npm-audit-fix.yml 2.4 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677
  1. # This workflow is provided via the organization template repository
  2. #
  3. # https://github.com/nextcloud/.github
  4. # https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
  5. #
  6. # SPDX-FileCopyrightText: 2023-2024 Nextcloud GmbH and Nextcloud contributors
  7. # SPDX-License-Identifier: MIT
  8. name: Npm audit fix and compile
  9. on:
  10. workflow_dispatch:
  11. schedule:
  12. # At 2:30 on Sundays
  13. - cron: '30 2 * * 0'
  14. jobs:
  15. build:
  16. runs-on: ubuntu-latest
  17. strategy:
  18. fail-fast: false
  19. matrix:
  20. branches: ["main", "master", "stable29", "stable28", "stable27"]
  21. name: npm-audit-fix-${{ matrix.branches }}
  22. steps:
  23. - name: Checkout
  24. uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
  25. with:
  26. ref: ${{ matrix.branches }}
  27. - name: Read package.json node and npm engines version
  28. uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3
  29. id: versions
  30. with:
  31. fallbackNode: '^20'
  32. fallbackNpm: '^9'
  33. - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
  34. uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
  35. with:
  36. node-version: ${{ steps.versions.outputs.nodeVersion }}
  37. - name: Set up npm ${{ steps.versions.outputs.npmVersion }}
  38. run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}"
  39. - name: Fix npm audit
  40. run: |
  41. npm audit fix
  42. - name: Run npm ci and npm run build
  43. if: always()
  44. env:
  45. CYPRESS_INSTALL_BINARY: 0
  46. PUPPETEER_SKIP_DOWNLOAD: true
  47. run: |
  48. npm ci
  49. npm run build --if-present
  50. - name: Create Pull Request
  51. if: always()
  52. uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e # v6.0.5
  53. with:
  54. token: ${{ secrets.COMMAND_BOT_PAT }}
  55. commit-message: "fix(deps): fix npm audit"
  56. committer: GitHub <noreply@github.com>
  57. author: nextcloud-command <nextcloud-command@users.noreply.github.com>
  58. signoff: true
  59. branch: automated/noid/${{ matrix.branches }}-fix-npm-audit
  60. title: "[${{ matrix.branches }}] Fix npm audit"
  61. body: |
  62. Auto-generated fix of npm audit
  63. labels: |
  64. dependencies
  65. 3. to review