npm-audit-fix.yml 2.2 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071
  1. # This workflow is provided via the organization template repository
  2. #
  3. # https://github.com/nextcloud/.github
  4. # https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
  5. name: Npm audit fix and compile
  6. on:
  7. workflow_dispatch:
  8. schedule:
  9. # At 2:30 on Sundays
  10. - cron: '30 2 * * 0'
  11. jobs:
  12. build:
  13. runs-on: ubuntu-latest
  14. strategy:
  15. fail-fast: false
  16. matrix:
  17. branches: ["main", "master", "stable27", "stable26", "stable25", "stable24"]
  18. name: npm-audit-fix-${{ matrix.branches }}
  19. steps:
  20. - name: Checkout
  21. uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
  22. with:
  23. ref: ${{ matrix.branches }}
  24. - name: Read package.json node and npm engines version
  25. uses: skjnldsv/read-package-engines-version-actions@8205673bab74a63eb9b8093402fd9e0e018663a1 # v2.1
  26. id: versions
  27. with:
  28. fallbackNode: '^16'
  29. fallbackNpm: '^7'
  30. - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
  31. uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3
  32. with:
  33. node-version: ${{ steps.versions.outputs.nodeVersion }}
  34. - name: Set up npm ${{ steps.versions.outputs.npmVersion }}
  35. run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}"
  36. - name: Fix npm audit
  37. run: |
  38. npm audit fix
  39. - name: Run npm ci and npm run build
  40. if: always()
  41. run: |
  42. npm ci
  43. npm run build --if-present
  44. - name: Create Pull Request
  45. if: always()
  46. uses: peter-evans/create-pull-request@284f54f989303d2699d373481a0cfa13ad5a6666 # v5
  47. with:
  48. token: ${{ secrets.COMMAND_BOT_PAT }}
  49. commit-message: "chore(deps): fix npm audit"
  50. committer: GitHub <noreply@github.com>
  51. author: nextcloud-command <nextcloud-command@users.noreply.github.com>
  52. signoff: true
  53. branch: automated/noid/${{ matrix.branches }}-fix-npm-audit
  54. title: "[${{ matrix.branches }}] Fix npm audit"
  55. body: |
  56. Auto-generated fix of npm audit
  57. labels: |
  58. dependencies
  59. 3. to review