npm-audit-fix.yml 2.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475
  1. # This workflow is provided via the organization template repository
  2. #
  3. # https://github.com/nextcloud/.github
  4. # https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
  5. #
  6. # SPDX-FileCopyrightText: 2023-2024 Nextcloud GmbH and Nextcloud contributors
  7. # SPDX-License-Identifier: MIT
  8. name: Npm audit fix and compile
  9. on:
  10. workflow_dispatch:
  11. schedule:
  12. # At 2:30 on Sundays
  13. - cron: '30 2 * * 0'
  14. jobs:
  15. build:
  16. runs-on: ubuntu-latest
  17. strategy:
  18. fail-fast: false
  19. matrix:
  20. branches: ['main', 'master', 'stable30', 'stable29', 'stable28']
  21. name: npm-audit-fix-${{ matrix.branches }}
  22. steps:
  23. - name: Checkout
  24. uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
  25. with:
  26. ref: ${{ matrix.branches }}
  27. - name: Read package.json node and npm engines version
  28. uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3
  29. id: versions
  30. with:
  31. fallbackNode: '^20'
  32. fallbackNpm: '^10'
  33. - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
  34. uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v3
  35. with:
  36. node-version: ${{ steps.versions.outputs.nodeVersion }}
  37. - name: Set up npm ${{ steps.versions.outputs.npmVersion }}
  38. run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}'
  39. - name: Fix npm audit
  40. id: npm-audit
  41. uses: nextcloud-libraries/npm-audit-action@2a60bd2e79cc77f2cc4d9a3fe40f1a69896f3a87 # v0.1.0
  42. - name: Run npm ci and npm run build
  43. if: always()
  44. env:
  45. CYPRESS_INSTALL_BINARY: 0
  46. run: |
  47. npm ci
  48. npm run build --if-present
  49. - name: Create Pull Request
  50. if: always()
  51. uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
  52. with:
  53. token: ${{ secrets.COMMAND_BOT_PAT }}
  54. commit-message: 'fix(deps): Fix npm audit'
  55. committer: GitHub <noreply@github.com>
  56. author: nextcloud-command <nextcloud-command@users.noreply.github.com>
  57. signoff: true
  58. branch: automated/noid/${{ matrix.branches }}-fix-npm-audit
  59. title: '[${{ matrix.branches }}] Fix npm audit'
  60. body: ${{ steps.npm-audit.outputs.markdown }}
  61. labels: |
  62. dependencies
  63. 3. to review