From 3247d274dd724c5c65caa7047ad843c03d42aee4 Mon Sep 17 00:00:00 2001
From: Mike Bender <mikebender@deephaven.io>
Date: Thu, 27 Jul 2023 16:09:34 -0400
Subject: [PATCH] ci: Add workflow to automatically run npm audit fix weekly
 (#1422)

- Scheduled to run every Thursday morning at 6am UTC (2am ET)
- Opens a PR automatically
- PR still needs to be reviewed/approved
---
 .github/workflows/audit-fix.yml | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 .github/workflows/audit-fix.yml

diff --git a/.github/workflows/audit-fix.yml b/.github/workflows/audit-fix.yml
new file mode 100644
index 0000000000..ddad55ebe2
--- /dev/null
+++ b/.github/workflows/audit-fix.yml
@@ -0,0 +1,28 @@
+# Automatically run `npm audit fix` every Thursday morning and open a PR if there are changes
+name: Audit fix
+on:
+  schedule:
+    - cron: '0 6 * * 4'
+jobs:
+  audit_fix:
+    runs-on: ubuntu-22.04
+    name: Run npm audit fix
+    steps:
+      - name: Checkout latest
+        uses: actions/checkout@v3
+      - name: Setup Node
+        uses: actions/setup-node@v3
+        with:
+          node-version-file: '.nvmrc'
+          registry-url: 'https://registry.npmjs.org'
+      - name: Run npm audit fix
+        # There may be some packages that can't be updated automatically. We don't want that to error out this step.
+        continue-on-error: true
+        run: npm audit fix
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@v5
+        with:
+          base: main
+          title: 'chore: npm audit fix'
+          branch: deephaven-bot/npm-audit-fix
+          delete-branch: true