From 6fecc339d28418aa476129a28dd929ba07c79cf0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Markus=20Kalij=C3=A4rvi?= <markus.kalijarvi@druid.fi>
Date: Mon, 29 Jan 2024 12:18:33 +0200
Subject: [PATCH] UHF-9380: Simplified npm audit action.

---
 .github/workflows/npm-audit.yml | 33 ++++-----------------------------
 1 file changed, 4 insertions(+), 29 deletions(-)

diff --git a/.github/workflows/npm-audit.yml b/.github/workflows/npm-audit.yml
index 66820ac10..3f695bcf2 100644
--- a/.github/workflows/npm-audit.yml
+++ b/.github/workflows/npm-audit.yml
@@ -13,10 +13,10 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v4
 
-      - name: Use Node.js from .nvmrc in modules/custom
-        id: npm_audit_modules
+      - name: Run npm audit
+        id: npm_audit
         run: |
-          find public/modules/custom -type f -name ".nvmrc" -exec sh -c '
+          find public/modules/custom public/themes/custom -type f -name ".nvmrc" -exec sh -c '
             dir=$(dirname "$1")
             node_version=$(cat "$1")
             echo "Using Node.js version $node_version in $dir"
@@ -24,7 +24,6 @@ jobs:
             export NVM_DIR="$HOME/.nvm" && [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
             nvm install $node_version
             nvm use $node_version
-            npm install --silent
             set +e
             npm audit --package-lock-only --loglevel=error;
             # The npm audit command will exit with a 0 exit code if no vulnerabilities were found.
@@ -38,33 +37,9 @@ jobs:
             set -e
           ' sh {} \;
 
-      - name: Use Node.js from .nvmrc in themes/custom
-        id: npm_audit_themes
-        run: |
-          find public/themes/custom -type f -name ".nvmrc" -exec sh -c '
-            dir=$(dirname "$1")
-            node_version=$(cat "$1")
-            echo "Using Node.js version $node_version in $dir"
-            cd "$dir"
-            export NVM_DIR="$HOME/.nvm" && [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
-            nvm install $node_version
-            nvm use $node_version
-            npm install --silent
-            set +e
-            npm audit --package-lock-only --loglevel=error;
-            # The npm audit command will exit with a 0 exit code if no vulnerabilities were found.
-            if [ $? -gt 0 ]; then
-              npm audit fix --package-lock-only --loglevel=error;
-              if [ $? -gt 0 ]; then
-                echo "BC_BREAK=:exclamation: NPM Audit fix could not fix all vulnerabilities. Fix them manually by running \`npm audit fix --force\` and test the functionalities thoroughly as there might be breaking changes. :exclamation:" >> $GITHUB_ENV;
-              fi;
-              echo "CREATE_PR=true" >> $GITHUB_OUTPUT;
-            fi;
-            set -e
-          ' sh {} \;
 
       - name: Create Pull Request
-        if: steps.npm_audit_modules.outputs.CREATE_PR == 'true' || steps.npm_audit_themes.outputs.CREATE_PR == 'true'
+        if: steps.npm_audit.outputs.CREATE_PR == 'true'
         uses: peter-evans/create-pull-request@v4
         with:
           committer: GitHub <noreply@github.com>