Merge pull request #140 from myrotvorets/renovate/lock-file-maintenance #211

	name: Package Audit

	on:
	push:
	branches:
	- '**'
	paths:
	- package.json
	- package-lock.json
	- .github/workflows/package-audit.yml
	workflow_dispatch:

	permissions:
	contents: read

	jobs:
	audit-npm:
	name: NPM Audit
	runs-on: ubuntu-latest
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
	with:
	disable-sudo: true
	allowed-endpoints:
	api.github.com:443
	github.com:443
	registry.npmjs.org:443

	- name: Audit with NPM
	uses: myrotvorets/composite-actions/node-package-audit@master

Provide feedback