Skip to content

fix(deps): update dependency cookie to v0.7.0 [security] (#709) #1844

fix(deps): update dependency cookie to v0.7.0 [security] (#709)

fix(deps): update dependency cookie to v0.7.0 [security] (#709) #1844

Workflow file for this run

# This is a basic workflow to help you get started with Actions
name: CI
# Controls when the action will run. Triggers the workflow on push or pull request
on:
push:
branches: [ main ]
pull_request:
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
prepare:
# The type of runner that the job will run on
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: lts/*
- name: generate lock files
run: npm i
- uses: actions/setup-node@v4
with:
node-version: lts/*
cache: npm
- name: generate tests datas
run: |
npm run generate:data
npm list > dependencies.list
- uses: actions/upload-artifact@v3
with:
name: prepare
path: |
./dependencies.list
./package-lock.json
./tests/datas
# This workflow contains a single job called "build"
build:
permissions:
checks: write
needs: [prepare]
# The type of runner that the job will run on
runs-on: ubuntu-latest
# do a matrix test with different node versions
strategy:
fail-fast: false
matrix:
node-version: [ lts/*, 16 ]
#can't test on 5.6.42 because database is too up-to-date ( 5.12.72 )
unifi-version: [ latest, 7.3.83, 7.2.95, 7.1.68, 7.0.25, 6.5.55, 6.4.54, version-6.2.26, version-6.0.45 ]
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v4
- uses: actions/download-artifact@v3
with:
name: prepare
path: .
# try to perform a nodejs setup
- uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
cache: npm
# - name: install+run docker-unifi-controller
# run: |
# # install our own demo database
# mkdir unifi-storage
# sudo tar -C unifi-storage -xf $GITHUB_WORKSPACE/.github/workflows/db-demo-dump.tar.bz2
# # create docker-unifi-controller
# docker create --name=unifi-controller -e PUID=1001 -e PGID=116 -p 8443:8443 -v $GITHUB_WORKSPACE/unifi-storage:/config linuxserver/unifi-controller:${{ matrix.unifi-version }}
# docker start unifi-controller
# # wait for unifi-controller to be ready
# while ! curl -ks https://127.0.0.1:8443; do echo waiting for unifi-controller; sleep 2; done
# echo unifi-controller answer
- name: npm install, build, and test
run: |
npm install
npm run build
echo start tests
npm run test:CI:coverage
env:
CI: true
- uses: mattallty/jest-github-action@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CI: true
with:
test-command: npm run test:CI:coverage
coverage-comment: false
- name: replace path in coverage files
run: find ./coverage -type f -exec sed -i -e "s@$(pwd)@<root>@g" {} \;
if: always()
- uses: actions/upload-artifact@v3
with:
name: coverage
path: |
./coverage/clover.xml
./coverage/coverage-final.json
./coverage/lcov.info
./coverage/junit.xml
./coverage/test-report.xml
if: always()
eslint:
name: eslint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: install eslint
run: npm install
- name: run eslint
run: |
echo start eslint
mkdir coverage
npm run ci:eslint
continue-on-error: true
env:
CI: true
- name: replace path in coverage files
run: find ./coverage -type f -exec sed -i -e "s@$(pwd)@<root>@g" {} \;
- uses: actions/upload-artifact@v3
with:
name: coverage
path: ./coverage/eslint-report.json
send-coverage:
runs-on: ubuntu-latest
needs: build
if: always()
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v3
with:
name: coverage
path: ./coverage/
- uses: codecov/codecov-action@v4
with:
#token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos
# files: ./coverage/clover.xml # optional
fail_ci_if_error: false # optional (default = false)
sonarcloud:
name: SonarCloud
runs-on: ubuntu-latest
needs: [build, eslint]
if: always()
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- uses: actions/download-artifact@v3
with:
name: coverage
path: ./coverage/
- name: change coverage path in file
run: find ./coverage -type f -exec sed -i -e "s@<root>@/github/workspace@g" {} \;
- name: SonarCloud Scan
uses: SonarSource/sonarcloud-github-action@master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}