action: package lock should be updated before audit fix runs

neverendingqs · Jul 10, 2020 · e2d6013 · e2d6013
1 parent 2acd086
commit e2d6013
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/entrypoint.sh b/entrypoint.sh
@@ -9,8 +9,8 @@ BUMP_VERSION=${4}
 npx npm-check-updates -u
 
 if [ "${PACKAGE_MANAGER}" == 'npm' ]; then
-  npm audit fix --force
   npm i --package-lock-only
+  npm audit fix --force
 elif [ "${PACKAGE_MANAGER}" == 'yarn' ]; then
   yarn install
 else