From c11b1da9a6546e006bea29cc7f524b94736f7bfb Mon Sep 17 00:00:00 2001
From: Frank Nagel <frank.nagel@hrz.uni-marburg.de>
Date: Fri, 19 Jun 2020 13:00:38 +0200
Subject: [PATCH] feat: Change 'npm audit' failure behaviour

The audit fails only if the results include a vulnerability with a level of
at least 'high' in scheduled pipelines.
---
 src/common.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/common.ts b/src/common.ts
index b852f1ef..9c5a8013 100644
--- a/src/common.ts
+++ b/src/common.ts
@@ -752,7 +752,7 @@ export function getRules(configuration: Configuration): Rules {
         'schedules',
       ],
       script: [
-        'npm audit',
+        'npm audit --audit-level=high',
       ],
       stage: 'audit',
     },