mirror of
https://github.com/imjasonh/govulncheck-action
synced 2026-07-17 14:14:55 +00:00
Merge branch 'main' into dependabot/npm_and_yarn/npm-dependencies-d095f69092
This commit is contained in:
commit
c2a0d4313f
3 changed files with 40 additions and 14 deletions
22
.github/workflows/ci.yml
vendored
22
.github/workflows/ci.yml
vendored
|
|
@ -2,28 +2,28 @@ name: CI
|
|||
|
||||
on:
|
||||
push:
|
||||
branches: [ main ]
|
||||
branches: [main]
|
||||
pull_request:
|
||||
branches: [ main ]
|
||||
branches: [main]
|
||||
|
||||
jobs:
|
||||
test:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v6.0.2
|
||||
|
||||
|
||||
- name: Setup Node.js
|
||||
uses: actions/setup-node@v6
|
||||
with:
|
||||
node-version: '20'
|
||||
cache: 'npm'
|
||||
|
||||
|
||||
- name: Install dependencies
|
||||
run: npm ci
|
||||
|
||||
|
||||
- name: Run tests
|
||||
run: npm test
|
||||
|
||||
|
||||
- name: Check test coverage
|
||||
run: npm run test:coverage
|
||||
|
||||
|
|
@ -31,23 +31,23 @@ jobs:
|
|||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v6.0.2
|
||||
|
||||
|
||||
- name: Setup Node.js
|
||||
uses: actions/setup-node@v6
|
||||
with:
|
||||
node-version: '20'
|
||||
cache: 'npm'
|
||||
|
||||
|
||||
- name: Install dependencies
|
||||
run: npm ci
|
||||
|
||||
|
||||
- name: Build dist
|
||||
run: npm run build
|
||||
|
||||
|
||||
- name: Check if dist is up to date
|
||||
run: |
|
||||
if [ -n "$(git status --porcelain dist/)" ]; then
|
||||
echo "::error::dist/ is not up to date. Please run 'npm run build' and commit the changes."
|
||||
git diff dist/
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
|
|
|||
30
.github/workflows/dependabot-auto-merge.yml
vendored
30
.github/workflows/dependabot-auto-merge.yml
vendored
|
|
@ -9,10 +9,36 @@ permissions:
|
|||
jobs:
|
||||
dependabot:
|
||||
runs-on: ubuntu-latest
|
||||
if: github.actor == 'dependabot[bot]'
|
||||
steps:
|
||||
- uses: actions/checkout@v6
|
||||
with:
|
||||
ref: ${{ github.event.pull_request.head.ref }}
|
||||
|
||||
- name: Setup Node.js
|
||||
uses: actions/setup-node@v6
|
||||
with:
|
||||
node-version: '20'
|
||||
cache: 'npm'
|
||||
|
||||
- name: Install dependencies
|
||||
run: npm ci
|
||||
|
||||
- name: Rebuild dist
|
||||
run: npm run build
|
||||
|
||||
- name: Commit and push changes
|
||||
run: |
|
||||
if [ -n "$(git status --porcelain dist/)" ]; then
|
||||
git config --global user.name "dependabot[bot]"
|
||||
git config --global user.email "49699333+dependabot[bot]@users.noreply.github.com"
|
||||
git add dist/
|
||||
git commit -m "chore: rebuild dist"
|
||||
git push
|
||||
fi
|
||||
|
||||
- name: Enable auto-merge for Dependabot PRs
|
||||
if: github.actor == 'dependabot[bot]'
|
||||
run: gh pr merge --auto --squash "$PR_URL"
|
||||
env:
|
||||
PR_URL: ${{github.event.pull_request.html_url}}
|
||||
GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
|
||||
GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
|
||||
|
|
|
|||
2
.github/workflows/malcontent.yaml
vendored
2
.github/workflows/malcontent.yaml
vendored
|
|
@ -35,7 +35,7 @@ jobs:
|
|||
# NB: Could also set `fail-on-increase: false` and use `if: ${{steps.malcontent.outputs.risk-delta > 5}}` to allow some risk increase
|
||||
|
||||
- name: Upload SARIF
|
||||
uses: github/codeql-action/upload-sarif@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 #v3.29.0 - 11 Jun 2025
|
||||
uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6 #v3.29.0 - 11 Jun 2025
|
||||
if: always() # Upload even if the malcontent check fails
|
||||
with:
|
||||
sarif_file: ${{ steps.malcontent.outputs.sarif-file }}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue