fix(deps): resolve vulnerability #4
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Semantic Release Check π | |
on: | |
pull_request: | |
branches: | |
- master | |
permissions: write-all | |
jobs: | |
PR-checks: | |
# https://docs.github.com/en/actions/hosting-your-own-runners/managing-self-hosted-runners/using-self-hosted-runners-in-a-workflow | |
runs-on: ubuntu-latest | |
name: Semantic Release Check π | |
steps: | |
- name: π Checkout | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: π₯οΈ Setup Env | |
uses: ./.github/workflows/install | |
- name: π¬ Check semantic versioning | |
id: semantic-release | |
run: | | |
GITHUB_REF=${{ github.head_ref }} | |
npx semantic-release --no-ci --dry-run --plugins @semantic-release/commit-analyzer,@semantic-release/release-notes-generator --branches ${{ github.head_ref }} > output.txt | |
OUTPUT=$(cat output.txt | base64 -w 0) | |
echo "::set-output name=releaseNote::$OUTPUT" | |
- name: π Report semantic versioning | |
uses: actions/github-script@v3 | |
if: ${{ steps.semantic-release.outputs.releaseNote != '' }} | |
with: | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
script: | | |
// build release note | |
const semanticReleaseOutput = Buffer.from('${{ steps.semantic-release.outputs.releaseNote }}', 'base64').toString('utf8'); | |
const semanticReleaseLogMatch = /^[[0-9:\sAMPM]+\]\s\[semantic-release\].*$/; | |
const lines = semanticReleaseOutput.split('\n'); | |
const lastSemanticReleaseLogIndex = [...lines] | |
.reverse() | |
.findIndex((line) => line.match(semanticReleaseLogMatch)); | |
const releaseNoteIndex = lines.length - lastSemanticReleaseLogIndex; | |
const releaseNote = lines.slice(releaseNoteIndex); | |
let res = releaseNote.join('\n'); | |
if (!releaseNote.length || !res) { | |
res = '### No release note would be generated.'; | |
} | |
const SEMANTIC_RELEASE_BODY_HEADER = '## π Semantic Release Report'; | |
const body = [SEMANTIC_RELEASE_BODY_HEADER, res].join('\n'); | |
// get last comment | |
const comments = await github.issues.listComments({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo | |
}); | |
// find comments to delete | |
const commentsToDelete = comments.data.filter((comment) => | |
comment.body.startsWith(SEMANTIC_RELEASE_BODY_HEADER) | |
); | |
// delete comments | |
const prms = commentsToDelete.map((comment) => | |
github.issues.deleteComment({ | |
comment_id: comment.id, | |
owner: context.repo.owner, | |
repo: context.repo.repo | |
}) | |
); | |
await Promise.all(prms); | |
// create new comment for release note | |
github.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body | |
}); |