Skip to content

[Snyk] Security upgrade next from 12.3.2 to 14.2.7 #4050

[Snyk] Security upgrade next from 12.3.2 to 14.2.7

[Snyk] Security upgrade next from 12.3.2 to 14.2.7 #4050

Workflow file for this run

name: Continuous integration
on:
pull_request:
types: [opened, synchronize, ready_for_review, review_requested]
jobs:
# @see https://github.com/marketplace/actions/skip-duplicate-actions
pre_job:
# continue-on-error: true # Uncomment once integration is finished
runs-on: ubuntu-latest
# Map a step output to a job output
outputs:
should_skip: ${{ steps.skip_check.outputs.should_skip }}
steps:
- id: skip_check
uses: fkirc/skip-duplicate-actions@master
with:
# All of these options are optional, so you can remove them if you are happy with the defaults
concurrent_skipping: 'never' # is the default [never, same_content, outdated_runs, always]
skip_after_successful_duplicate: 'true' # is the default [true, false]
cancel_others: true # default false
# paths_ignore: '["**/README.md", "**/docs/**"]'
# paths: '[]'
# do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]' # default ["workflow_dispatch", "schedule"]
Source-Checks:
name: Validate Source Code
needs: pre_job
if: ${{ needs.pre_job.outputs.should_skip != 'true' }}
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [16.x]
steps:
- name: Checkout Repo
uses: actions/checkout@main
with:
ref: ${{ github.event.client_payload.ref }}
- name: Install pnpm
uses: pnpm/action-setup@master
with:
version: next-7
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@main
with:
node-version: ${{ matrix.node-version }}
check-latest: true
cache: 'pnpm'
- name: Install dependencies
run: |
pnpm --version
pnpm install --prefer-frozen-lockfile
- name: Run prettier
run: pnpm format
- name: Run eslint
run: pnpm lint
- name: Run type-check
run: pnpm type-check
# TODO: would be better to run this once a day or so
- name: Run audit
run: |
pnpm audit --production
pnpm audit --audit-level=critical
Build-Checks:
name: Validate App Code
needs: pre_job
if: ${{ needs.pre_job.outputs.should_skip != 'true' }}
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [16.x]
steps:
- name: Checkout Repo
uses: actions/checkout@main
with:
ref: ${{ github.event.client_payload.ref }}
- name: Install pnpm
uses: pnpm/action-setup@master
with:
version: v7.9.5
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@main
with:
node-version: ${{ matrix.node-version }}
check-latest: true
cache: 'pnpm'
- name: Install dependencies
run: |
pnpm --version
pnpm install --prefer-frozen-lockfile
- name: 'Run tests'
if: false # cypress headless is broken
run: pnpm test
env:
CI: true
FAUNADB_SECRET: ${{ secrets.FAUNADB_SECRET }}
- name: Report Test Coverage
if: false
uses: romeovs/[email protected]
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
lcov-file: ./coverage/lcov.info