fix: package.json to reduce vulnerabilities #15

	# This is a basic workflow to help you get started with Actions

	name: ci

	# Controls when the workflow will run
	on:
	# Triggers the workflow on push or pull request events but only for the "main" branch
	push:
	branches:
	- '**'
	pull_request:
	branches:
	- 'master'

	# Allows you to run this workflow manually from the Actions tab
	workflow_dispatch:

	# A workflow run is made up of one or more jobs that can run sequentially or in parallel
	jobs:
	build-test:
	# The type of runner that the job will run on
	runs-on: ubuntu-latest
	# Steps represent a sequence of tasks that will be executed as part of the job
	steps:
	# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
	- uses: actions/checkout@v3
	- name: Setup Node.js environment
	uses: actions/setup-node@v3
	with:
	node-version: 18
	- name: Install dependencies
	run: \|
	npm install
	- name: Run tests
	run: \|
	npm test
	- name: Run Snyk to check for vulnerabilities
	uses: snyk/actions/node@master
	env:
	SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
	with:
	args: --severity-threshold=high
	build-test-monitor:
	if: github.ref == 'refs/heads/master'
	runs-on: ubuntu-latest
	needs: build-test
	steps:
	- uses: actions/checkout@v3
	- name: Setup Node.js environment
	uses: actions/setup-node@v3
	with:
	node-version: 18
	- name: Install dependencies
	run: \|
	npm install semantic-release @semantic-release/exec pkg --save-dev
	npm install
	- name: Run Snyk to check for vulnerabilities
	uses: snyk/actions/node@master
	env:
	SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
	with:
	args: --org=cse-snyk-labs
	command: monitor

Provide feedback