NodeSource developed a GitHub Action that can be used as a lightweight CI workflow. Whenever a PR is submitted, NodeSource's 'Node Certified Modules' (NCM) uses the NCM pipeline to check and evaluate the project. The PR then fails or passes depending on the project’s risk profile. The integration delivers detailed code annotations to reflect where certain risk factors occurred in your project.