Skip to content

build(deps): Bump the github-actions group with 3 updates #2323

build(deps): Bump the github-actions group with 3 updates

build(deps): Bump the github-actions group with 3 updates #2323

Workflow file for this run

name: unit_tests
permissions:
contents: read
on:
workflow_dispatch:
push:
branches:
- trunk
pull_request:
branches:
- trunk
- release-v*.*.*
jobs:
cli_tags:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- uses: ./.github/composite/verify_cli_tags
noports_core-unit_tests:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
dart-channel: [stable,beta]
steps:
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- uses: dart-lang/setup-dart@0a8a0fc875eb934c15d08629302413c671d3f672 # v1.6.5
with:
sdk: ${{ matrix.dart-channel}}
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: "stable"
cache-dependency-path: tools/osv-scanner/go.sum
- name: dart pub get
working-directory: packages/dart/noports_core
run: dart pub get
- name: dart analyze
working-directory: packages/dart/noports_core
run: dart analyze
- name: dart test
working-directory: packages/dart/noports_core
run: dart test
# Runs osv-scanner to find any vulnerable Dart dependencies
# It needs to look at pubspec.lock files, which is why it's
# placed here, as the `dart pub get` above will create them
- name: Run osv-scanner
working-directory: packages/dart
run: |
go install github.com/google/osv-scanner/cmd/osv-scanner@6316373e47d7e3e4b4fd3630c4bbc10987738de6 # v1.4.3
osv-scanner --lockfile=./sshnoports/pubspec.lock
osv-scanner --lockfile=./sshnp_flutter/pubspec.lock
osv-scanner --lockfile=./noports_core/pubspec.lock