npm-audit-fix.yml 2.3 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374
  1. # This workflow is provided via the organization template repository
  2. #
  3. # https://github.com/nextcloud/.github
  4. # https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
  5. name: Npm audit fix and compile
  6. on:
  7. workflow_dispatch:
  8. schedule:
  9. # At 2:30 on Sundays
  10. - cron: '30 2 * * 0'
  11. jobs:
  12. build:
  13. runs-on: ubuntu-latest
  14. strategy:
  15. fail-fast: false
  16. matrix:
  17. branches: ["main", "master", "stable28", "stable27", "stable26"]
  18. name: npm-audit-fix-${{ matrix.branches }}
  19. steps:
  20. - name: Checkout
  21. uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
  22. with:
  23. ref: ${{ matrix.branches }}
  24. - name: Read package.json node and npm engines version
  25. uses: skjnldsv/read-package-engines-version-actions@8205673bab74a63eb9b8093402fd9e0e018663a1 # v2.2
  26. id: versions
  27. with:
  28. fallbackNode: '^20'
  29. fallbackNpm: '^9'
  30. - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
  31. uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
  32. with:
  33. node-version: ${{ steps.versions.outputs.nodeVersion }}
  34. - name: Set up npm ${{ steps.versions.outputs.npmVersion }}
  35. run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}"
  36. - name: Fix npm audit
  37. run: |
  38. npm audit fix
  39. - name: Run npm ci and npm run build
  40. if: always()
  41. env:
  42. CYPRESS_INSTALL_BINARY: 0
  43. PUPPETEER_SKIP_DOWNLOAD: true
  44. run: |
  45. npm ci
  46. npm run build --if-present
  47. - name: Create Pull Request
  48. if: always()
  49. uses: peter-evans/create-pull-request@a4f52f8033a6168103c2538976c07b467e8163bc # v5
  50. with:
  51. token: ${{ secrets.COMMAND_BOT_PAT }}
  52. commit-message: "chore(deps): fix npm audit"
  53. committer: GitHub <noreply@github.com>
  54. author: nextcloud-command <nextcloud-command@users.noreply.github.com>
  55. signoff: true
  56. branch: automated/noid/${{ matrix.branches }}-fix-npm-audit
  57. title: "[${{ matrix.branches }}] Fix npm audit"
  58. body: |
  59. Auto-generated fix of npm audit
  60. labels: |
  61. dependencies
  62. 3. to review