Skip to content

fix: Security upgrade ws, parse and puppeteer #2497

fix: Security upgrade ws, parse and puppeteer

fix: Security upgrade ws, parse and puppeteer #2497

Workflow file for this run

name: ci
on:
push:
branches: [ release, alpha, beta, next-major ]
pull_request:
branches:
- '**'
env:
NODE_VERSION: 20.11.1
jobs:
check-ci:
name: Node Engine Check
timeout-minutes: 15
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Use Node.js ${{ env.NODE_VERSION }}
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
- name: Cache Node.js modules
uses: actions/cache@v4
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ env.NODE_VERSION }}-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-${{ env.NODE_VERSION }}-
- name: Install dependencies
run: npm ci --ignore-scripts
- name: CI Node Engine Check
run: npm run ci:checkNodeEngine
check-lint:
name: Lint
timeout-minutes: 15
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Use Node.js ${{ env.NODE_VERSION }}
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
- name: Cache Node.js modules
uses: actions/cache@v4
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ env.NODE_VERSION }}-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-${{ env.NODE_VERSION }}-
- name: Install dependencies
run: npm ci --ignore-scripts
- run: npm run lint
check-circular:
name: Circular Dependencies
timeout-minutes: 15
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Use Node.js ${{ env.NODE_VERSION }}
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
- name: Cache Node.js modules
uses: actions/cache@v4
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ env.NODE_VERSION }}-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-${{ env.NODE_VERSION }}-
- name: Install dependencies
run: npm ci --ignore-scripts
- name: Scan for circular dependencies
run: npm run madge:circular
check-docker:
strategy:
matrix:
include:
- name: Docker linux/amd64
DOCKER_PLATFORM: linux/amd64
RUNNER_TYPE: ubuntu-latest
# - name: Docker linux/arm64/v8
# DOCKER_PLATFORM: linux/arm64/v8
# # Replace this with a native arm linux runner when available, presumably by EOY 2024, see:
# # https://github.com/orgs/community/discussions/19197#discussioncomment-10550689
# # The conditional setup of QEMU may need to be adapted to not run on native arm,
# # which will speed up the build process for arm64/v8 since no emulation will be needed.
# RUNNER_TYPE: ubuntu-latest
fail-fast: false
name: ${{ matrix.name }}
timeout-minutes: 45
runs-on: ${{ matrix.RUNNER_TYPE }}
steps:
- uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
# Only set up QEMU if not running on native arm
if: ${{ matrix.DOCKER_PLATFORM != 'linux/amd64' && matrix.RUNNER_TYPE == 'ubuntu-latest' }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
install: true
- name: Build docker image
uses: docker/build-push-action@v3
with:
platforms: ${{ matrix.DOCKER_PLATFORM }}
cache-from: type=gha
cache-to: type=gha,mode=max
check-lock-file-version:
name: NPM Lock File Version
timeout-minutes: 5
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Check NPM lock file version
uses: mansona/npm-lockfile-version@v1
with:
version: 3
check-build:
strategy:
matrix:
include:
- name: Node 18
NODE_VERSION: 18.20.4
- name: Node 20
NODE_VERSION: 20.18.0
- name: Node 22
NODE_VERSION: 22.9.0
fail-fast: false
name: ${{ matrix.name }}
timeout-minutes: 15
runs-on: ubuntu-latest
env:
NODE_VERSION: ${{ matrix.NODE_VERSION }}
steps:
- name: Determine major node version
id: node
run: |
node_major=$(echo "${{ matrix.NODE_VERSION }}" | cut -d'.' -f1)
echo "::set-output name=node_major::$(echo $node_major)"
- name: Fix usage of insecure GitHub protocol
run: sudo git config --system url."https://github".insteadOf "git://github"
- uses: actions/checkout@v4
- name: Use Node.js ${{ matrix.NODE_VERSION }}
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.NODE_VERSION }}
- name: Cache Node.js modules
uses: actions/cache@v4
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ matrix.NODE_VERSION }}-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-${{ matrix.NODE_VERSION }}-
- name: Install dependencies
run: npm ci
- name: Tests
run: npm test
- name: Test bundles
run: ./scripts/before_script.sh
env:
CI: true
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true