ci: check for dependency vulnerabilities on push

.github/workflows/yarn-audit.yml

@@ -0,0 +1,22 @@
+name: Check for vulnerabilities
+on: [push]
+jobs:
+  yarn-audit:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v2
+        with:
+          node-version: '20'
+
+      - name: Install dependencies
+        run: yarn
+
+      - name: Run yarn audit
+        run: |
+          yarn audit
+          exit $?