From 4d8278234b7b8739e06dab89e5c0076a80dbff36 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oriol=20Canad=C3=A9s?=
Date: Sun, 20 Oct 2024 12:48:46 +0200
Subject: [PATCH] Create security.yaml
---
.github/workflows/security.yaml | 29 +++++++++++++++++++++++++++++
1 file changed, 29 insertions(+)
create mode 100644 .github/workflows/security.yaml
diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml
new file mode 100644
index 0000000..f9b4f96
--- /dev/null
+++ b/.github/workflows/security.yaml
@@ -0,0 +1,29 @@
+name: Security Check
+
+on:
+ schedule:
+ - cron: '0 13 * * 0'
+
+jobs:
+ security_check:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v3
+
+ - name: Audit dependencies for vulnerabilities
+ run: npm audit --audit-level=high || echo "Vulnerabilities found"
+
+ - name: Send Email if vulnerabilities are found
+ if: failure()
+ uses: dawidd6/action-send-mail@v3
+ with:
+ server_address: smtp.office365.com
+ server_port: 587
+ username: ${{ secrets.OUTLOOK_USERNAME }}
+ password: ${{ secrets.OUTLOOK_PASSWORD }}
+ subject: "Security Alert: Vulnerabilities Detected"
+ body: "Dependabot found vulnerabilities in your project dependencies. Please review the logs."
+ to: "dome@in2.es"
+ from: "oriol.canades@in2.es"
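Review bot: The audit step can never fail, because `|| echo "Vulnerabilities found"` turns a non-zero exit from `npm audit` into success, so the `if: failure()` condition on the mail step is never true and no alert is ever sent; the line should be `run: npm audit --audit-level=high`. The mail step hands `OUTLOOK_USERNAME` and `OUTLOOK_PASSWORD` to a third-party action referenced by the mutable tag `dawidd6/action-send-mail@v3`; pinning it to a full commit SHA (`uses: dawidd6/action-send-mail@<full-commit-sha>  # v3`) keeps a moved tag from receiving the SMTP credentials. The workflow declares no `permissions:` block, so the job token gets the repository default scope; a top-level `permissions:` with `contents: read` should be enough for the checkout and audit steps. The mail body names Dependabot although the result comes from `npm audit`, which will mislead whoever triages the alert.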