build(deps): bump @fastify/helmet from 12.0.1 to 13.0.0 in the fastify-core group #3709
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
# **What it does**: Runs our tests. | |
# **Why we have it**: We want our tests to pass before merging code. | |
on: | |
push: | |
branches: | |
- main | |
paths-ignore: | |
- "docs/**" | |
- "*.md" | |
pull_request: | |
branches: | |
- main | |
paths-ignore: | |
- "docs/**" | |
- "*.md" | |
types: [opened, ready_for_review, reopened, synchronize] | |
permissions: | |
contents: read | |
# This allows a subsequently queued workflow run to interrupt previous runs | |
concurrency: | |
group: "${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}" | |
cancel-in-progress: true | |
jobs: | |
dependency-review: | |
name: Dependency Review | |
if: > | |
github.event.pull_request.draft == false && | |
github.event_name == 'pull_request' | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out repo | |
uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- name: Dependency review | |
uses: actions/dependency-review-action@v4 | |
lint: | |
name: Lint Code | |
if: github.event.pull_request.draft == false | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out repo | |
uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- name: Setup Node | |
uses: actions/setup-node@v4 | |
with: | |
cache: npm | |
check-latest: true | |
node-version: lts/* | |
- name: Install | |
run: npm ci --ignore-scripts | |
- name: Audit NPM package signatures and provenance attestations | |
run: npm audit signatures | |
- name: Run ESLint | |
run: npm run lint | |
- name: Run Prettier | |
run: npm run lint:prettier | |
- name: Run License Checker | |
run: npm run lint:licenses | |
- name: Run Lockfile Linter | |
run: npm run lint:lockfile | |
commit-lint: | |
name: Lint Commit Messages | |
if: > | |
github.event.pull_request.draft == false && | |
github.actor != 'dependabot[bot]' | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out repo | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
persist-credentials: false | |
- name: Run Commitlint | |
uses: wagoid/commitlint-github-action@v6 | |
with: | |
configFile: ./package.json | |
unit-tests: | |
name: Unit Tests | |
if: github.event.pull_request.draft == false | |
strategy: | |
matrix: | |
node-version: [20, 22] | |
os: [macos-latest, ubuntu-latest, windows-latest] | |
runs-on: ${{ matrix.os }} | |
steps: | |
- name: Check out repo | |
uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- name: Setup Node ${{ matrix.node-version }} on ${{ matrix.os }} | |
uses: actions/setup-node@v4 | |
with: | |
cache: npm | |
check-latest: true | |
node-version: ${{ matrix.node-version }} | |
- name: Install | |
run: npm ci --ignore-scripts | |
- name: Install Playwright | |
run: npx playwright install --with-deps firefox | |
- name: Run macOS tests | |
if: matrix.os == 'macos-latest' | |
env: | |
HOMEBREW_NO_ANALYTICS: 1 | |
HOMEBREW_NO_AUTO_UPDATE: 1 | |
HOMEBREW_NO_INSTALL_CLEANUP: 1 | |
run: | | |
brew install unrtf poppler | |
cp .env.template .env | |
chmod 100 ./node_modules/htmltidy2/bin/darwin/tidy | |
npm run jest:coverage -- --ci | |
- name: Run Ubuntu tests | |
if: matrix.os == 'ubuntu-latest' | |
run: | | |
sudo apt-get -q update | |
sudo apt-get -y --no-install-recommends install poppler-data poppler-utils unrtf | |
cp .env.template .env | |
chmod 100 ./node_modules/htmltidy2/bin/linux64/tidy | |
npm run jest:coverage -- --ci | |
- name: Run Windows tests | |
if: matrix.os == 'windows-latest' | |
run: | | |
cp .env.template .env | |
npm run jest:coverage -- --ci | |
- name: Coveralls parallel | |
if: github.repository == 'Fdawgs/docsmith' | |
uses: coverallsapp/github-action@v2 | |
with: | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
parallel: true | |
flag-name: run-${{ matrix.node-version }}-${{ matrix.os }} | |
build: | |
name: Build | |
if: github.event.pull_request.draft == false | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out repo | |
uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- name: Setup Node | |
uses: actions/setup-node@v4 | |
with: | |
cache: npm | |
check-latest: true | |
node-version: lts/* | |
- name: Install | |
run: npm ci --ignore-scripts | |
- name: Run esbuild | |
run: npm run build | |
lint-docker-file: | |
name: Lint Dockerfile | |
if: github.event.pull_request.draft == false | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out repo | |
uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- name: Run Hadolint | |
uses: hadolint/hadolint-action@v3.1.0 | |
with: | |
dockerfile: Dockerfile | |
ignore: DL3008 | |
docker-compose-tests: | |
name: Docker Compose Build Tests | |
needs: lint-docker-file | |
if: github.event.pull_request.draft == false | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out repo | |
uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- name: Build and start app | |
run: | | |
cp .env.template .env | |
docker compose up -d | |
coverage: | |
name: Aggregate Coverage Calculations | |
needs: unit-tests | |
if: > | |
github.event.pull_request.draft == false && | |
github.repository == 'Fdawgs/docsmith' | |
runs-on: ubuntu-latest | |
steps: | |
- name: Coveralls finished | |
uses: coverallsapp/github-action@v2 | |
with: | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
parallel-finished: true | |
# This job is used to save the PR number in an artifact, for use in the automerge.yml workflow | |
save-pr-number: | |
name: Save Dependabot PR Number | |
needs: unit-tests | |
if: > | |
github.event.pull_request.draft == false && | |
github.event_name == 'pull_request' && | |
github.event.pull_request.user.login == 'dependabot[bot]' | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out repo | |
uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- name: Save PR number | |
run: | | |
mkdir -p ./pr | |
echo ${{ github.event.number }} > ./pr/NR | |
- name: Upload PR number in artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: pr | |
path: pr/ |