ahtlon/deck
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
Files
4e2ea13c2c1d561bbff1a759636f672b12c4fa4e
deck/.github/workflows/npm-audit-fix.yml
dependabot[bot] 1a05a88c31 Chore(deps): Bump actions/setup-node from 3 to 4 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3 to 4.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-28 01:37:55 +00:00

72 lines
2.1 KiB
YAML
Raw Blame History

# This workflow is provided via the organization template repository
#
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
name: Npm audit fix and compile
on:
workflow_dispatch:
schedule:
# At 2:30 on Sundays
- cron: '30 2 * * 0'
jobs:
build:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
branches: ["main", "master", "stable27", "stable26", "stable25", "stable24"]
name: npm-audit-fix-${{ matrix.branches }}
steps:
- name: Checkout
uses: actions/checkout@v4 # v3.5.2
with:
ref: ${{ matrix.branches }}
- name: Read package.json node and npm engines version
uses: skjnldsv/read-package-engines-version-actions@8205673bab74a63eb9b8093402fd9e0e018663a1 # v2.2
id: versions
with:
fallbackNode: '^16'
fallbackNpm: '^7'
- name: Set up node ${{ steps.versions.outputs.nodeVersion }}
uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v3
with:
node-version: ${{ steps.versions.outputs.nodeVersion }}
- name: Set up npm ${{ steps.versions.outputs.npmVersion }}
run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}"
- name: Fix npm audit
run: |
npm audit fix
- name: Run npm ci and npm run build
if: always()
run: |
npm ci
npm run build --if-present
- name: Create Pull Request
if: always()
uses: peter-evans/create-pull-request@153407881ec5c347639a548ade7d8ad1d6740e38 # v5
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
commit-message: "chore(deps): fix npm audit"
committer: GitHub <noreply@github.com>
author: nextcloud-command <nextcloud-command@users.noreply.github.com>
signoff: true
branch: automated/noid/${{ matrix.branches }}-fix-npm-audit
title: "[${{ matrix.branches }}] Fix npm audit"
body: |
Auto-generated fix of npm audit
labels: |
dependencies
3. to review
Reference in New Issue View Git Blame Copy Permalink