From 6adc3d8a1d2650ad597da34fb9fb16577ae5d7c6 Mon Sep 17 00:00:00 2001 From: Filipe C Menezes Date: Fri, 2 May 2025 14:01:15 +0100 Subject: [PATCH 1/4] fix: fork checks --- .github/workflows/{lint.yml => check.yml} | 24 ++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) rename .github/workflows/{lint.yml => check.yml} (52%) diff --git a/.github/workflows/lint.yml b/.github/workflows/check.yml similarity index 52% rename from .github/workflows/lint.yml rename to .github/workflows/check.yml index c40fb689..4cb07837 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/check.yml @@ -1,10 +1,13 @@ --- -name: Lint +name: Checks on: push: branches: - main pull_request: + pull_request_target: + branches: + - main permissions: {} @@ -35,3 +38,22 @@ jobs: - name: Install dependencies run: npm ci - run: npm run generate + + check-dep: + name: Check dependencies + runs-on: ubuntu-latest + steps: + - uses: GitHubSecurityLab/actions-permissions/monitor@v1 + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version-file: package.json + cache: "npm" + - name: Install dependencies & build + run: npm ci + - name: Remove dev dependencies + run: | + rm -rf node_modules + npm pkg set scripts.prepare="exit 0" + npm install --omit=dev + - run: npx -y @modelcontextprotocol/inspector --cli --method tools/list -- node dist/index.js --connectionString "mongodb://localhost" From 36f69414180ac41920f5e5e08f483c55b76b7640 Mon Sep 17 00:00:00 2001 From: Filipe C Menezes Date: Fri, 2 May 2025 14:02:07 +0100 Subject: [PATCH 2/4] fix: remove from code_health --- .github/workflows/code_health.yaml | 20 -------------------- 1 file changed, 20 deletions(-) diff --git a/.github/workflows/code_health.yaml b/.github/workflows/code_health.yaml index 1451f36e..2f8ed17a 100644 --- a/.github/workflows/code_health.yaml +++ b/.github/workflows/code_health.yaml @@ -62,26 +62,6 @@ jobs: name: atlas-test-results path: coverage/lcov.info - dep-check: - name: Check dependencies - if: github.event.pull_request.user.login != 'dependabot[bot]' && github.event.pull_request.head.repo.full_name == github.repository - runs-on: ubuntu-latest - steps: - - uses: GitHubSecurityLab/actions-permissions/monitor@v1 - - uses: actions/checkout@v4 - - uses: actions/setup-node@v4 - with: - node-version-file: package.json - cache: "npm" - - name: Install dependencies & build - run: npm ci - - name: Remove dev dependencies - run: | - rm -rf node_modules - npm pkg set scripts.prepare="exit 0" - npm install --omit=dev - - run: npx -y @modelcontextprotocol/inspector --cli --method tools/list -- node dist/index.js --connectionString "mongodb://localhost" - coverage: name: Report Coverage if: always() && github.event.pull_request.user.login != 'dependabot[bot]' && github.event.pull_request.head.repo.full_name == github.repository From fb10f21ed6f4746ebcd26e9628af739fe1c5fdcc Mon Sep 17 00:00:00 2001 From: Filipe C Menezes Date: Fri, 2 May 2025 14:03:50 +0100 Subject: [PATCH 3/4] fix: join npm ci with dev deps --- .github/workflows/check.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index 4cb07837..71a5b657 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -49,10 +49,9 @@ jobs: with: node-version-file: package.json cache: "npm" - - name: Install dependencies & build - run: npm ci - - name: Remove dev dependencies + - name: Install dependencies, build and remove dev dependencies run: | + npm ci rm -rf node_modules npm pkg set scripts.prepare="exit 0" npm install --omit=dev From 0d987aa65b8f0ae70ab6e26bffee74424a9e0f8b Mon Sep 17 00:00:00 2001 From: Filipe C Menezes Date: Fri, 2 May 2025 15:55:09 +0100 Subject: [PATCH 4/4] fix: no wait for dependabot PR --- .github/workflows/code_health_fork.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/code_health_fork.yaml b/.github/workflows/code_health_fork.yaml index 915d271c..3704ddbc 100644 --- a/.github/workflows/code_health_fork.yaml +++ b/.github/workflows/code_health_fork.yaml @@ -42,8 +42,6 @@ jobs: permissions: pull-requests: write contents: write - needs: - - run-tests steps: - name: Enable auto-merge for Dependabot PRs run: gh pr merge --auto --squash "$PR_URL"