Skip to content

chore(deps): bump jekyll from 4.3.2 to 4.3.3 #36

chore(deps): bump jekyll from 4.3.2 to 4.3.3

chore(deps): bump jekyll from 4.3.2 to 4.3.3 #36

# Do NOT use any secrets in this workflow. This will result in serious security holes.
name: Dependabot Diff Checker
on:
pull_request_target:
types:
- labeled
jobs:
dependabot_diff:
name: Site Build Difference
runs-on: ubuntu-latest
if: contains(github.event.pull_request.labels.*.name, 'dependencies') # See https://git.io/JsVv1
steps:
- name: Checkout Pull Request Branch
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
submodules: true
- name: Setup Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: 3.1
bundler-cache: true
- name: Build Pull Request Version of Website
run: |
bundle install
bundle exec jekyll build
mv _site _site-pr
- name: Checkout Default Branch
uses: actions/checkout@v4
with:
clean: false
submodules: true
- name: Build Production Version of Website
run: |
bundle install
bundle exec jekyll build
- name: Compare Built Websites
id: site-diff
run: |
has_changes=0
site_diff=$(diff -r _site-pr _site) || has_changes=$?
if [[ $has_changes == 0 ]]; then
PR_COMMENT="
There were no changes to the code of the compiled website as a result of this Dependabot update.
"
else
PR_COMMENT="
There were changes to the compiled website as a result of this Dependabot update:
\`\`\`
$site_diff
\`\`\`
"
fi
# Replace newlines and other special characters with escaped equivalents
PR_COMMENT="${PR_COMMENT//'%'/'%25'}"
PR_COMMENT="${PR_COMMENT//$'\n'/'%0A'}"
PR_COMMENT="${PR_COMMENT//$'\r'/'%0D'}"
echo "::set-output name=pr-comment::$PR_COMMENT"
- name: Comment on the Pull Request
uses: peter-evans/create-or-update-comment@v3
with:
issue-number: ${{ github.event.pull_request.number }}
body: ${{ steps.site-diff.outputs.pr-comment }}