Skip to content

VTAdmin: Address security vuln in path-to-regexp node pkg #3901

VTAdmin: Address security vuln in path-to-regexp node pkg

VTAdmin: Address security vuln in path-to-regexp node pkg #3901

name: vtadmin-web build
# In specifying the 'paths' property, we need to include the path to this workflow .yml file.
# See https://github.community/t/trigger-a-workflow-on-change-to-the-yml-file-itself/17792/4)
on:
push:
paths:
- '.github/workflows/vtadmin_web_build.yml'
- 'web/vtadmin/**'
pull_request:
paths:
- '.github/workflows/vtadmin_web_build.yml'
- 'web/vtadmin/**'
permissions: read-all
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Skip CI
run: |
if [[ "${{contains( github.event.pull_request.labels.*.name, 'Skip CI')}}" == "true" ]]; then
echo "skipping CI due to the 'Skip CI' label"
exit 1
fi
- name: Check if workflow needs to be skipped
id: skip-workflow
run: |
skip='false'
if [[ "${{github.event.pull_request}}" == "" ]] && [[ "${{github.ref}}" != "refs/heads/main" ]] && [[ ! "${{github.ref}}" =~ ^refs/heads/release-[0-9]+\.[0-9]$ ]] && [[ ! "${{github.ref}}" =~ "refs/tags/.*" ]]; then
skip='true'
fi
echo Skip ${skip}
echo "skip-workflow=${skip}" >> $GITHUB_OUTPUT
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
if: steps.skip-workflow.outputs.skip-workflow == 'false'
- uses: actions/setup-node@v4
if: steps.skip-workflow.outputs.skip-workflow == 'false'
with:
# node-version should match package.json
node-version: '20.12.2'
- name: Install dependencies
if: steps.skip-workflow.outputs.skip-workflow == 'false'
run: cd ./web/vtadmin && npm ci
- name: Build front-end
if: steps.skip-workflow.outputs.skip-workflow == 'false'
run: cd ./web/vtadmin && npm run build
# Cancel pending and in-progress runs of this workflow if a newer ref is pushed to CI.
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true