Tools and deps update #15

Workflow file for this run

	name: Tools and deps update
	on:
	schedule:
	# Run once a week at 00:05 AM UTC on Sunday.
	- cron: 5 0 * * 0

	workflow_dispatch:
	inputs:
	id:
	description: The ID of the job to run
	required: true
	default: all
	type: choice
	options:
	- all
	- acorn
	- acorn-walk
	- ada
	- brotli
	- c-ares
	- cjs-module-lexer
	- corepack
	- doc
	- eslint
	- github_reporter
	- googletest
	- gyp-next
	- histogram
	- icu
	# - libuv
	- lint-md-dependencies
	- llhttp
	- minimatch
	- nbytes
	- nghttp2
	- nghttp3
	- ngtcp2
	- postject
	- root-certificates
	- simdjson
	- simdutf
	- sqlite
	- undici
	- uvwasi
	- zlib

	env:
	PYTHON_VERSION: '3.12'

	permissions:
	contents: read

	jobs:
	tools-deps-update:
	if: github.repository == 'nodejs/node'
	runs-on: ubuntu-latest
	strategy:
	fail-fast: false # Prevent other jobs from aborting if one fails
	matrix:
	include:
	- id: acorn
	subsystem: deps
	label: dependencies
	run: \|
	./tools/dep_updaters/update-acorn.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: acorn-walk
	subsystem: deps
	label: dependencies
	run: \|
	./tools/dep_updaters/update-acorn-walk.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: ada
	subsystem: deps
	label: dependencies
	run: \|
	./tools/dep_updaters/update-ada.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: brotli
	subsystem: deps
	label: dependencies
	run: \|
	./tools/dep_updaters/update-brotli.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: c-ares
	subsystem: deps
	label: dependencies
	run: \|
	./tools/dep_updaters/update-c-ares.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: cjs-module-lexer
	subsystem: deps
	label: dependencies
	run: \|
	./tools/dep_updaters/update-cjs-module-lexer.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: corepack
	subsystem: deps
	label: dependencies
	run: \|
	make corepack-update
	echo "NEW_VERSION=$(node deps/corepack/dist/corepack.js --version)" >> $GITHUB_ENV
	- id: doc
	subsystem: tools
	label: tools
	run: \|
	cd tools/doc
	npm ci
	NEW_VERSION=$(npm outdated --parseable \| cut -d: -f4 \| xargs)
	if [ "$NEW_VERSION" != "" ]; then
	echo "NEW_VERSION=new version" >> $GITHUB_ENV
	rm -rf package-lock.json node_modules
	# Include $NEW_VERSION to explicitly update the package.json
	# entry for the dependency and also so that semver-major updates
	# are not skipped.
	npm install --ignore-scripts $NEW_VERSION
	npm install --ignore-scripts
	fi
	- id: eslint
	subsystem: tools
	label: tools
	run: \|
	./tools/dep_updaters/update-eslint.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: github_reporter
	subsystem: tools
	label: tools
	run: \|
	./tools/dep_updaters/update-github-reporter.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: googletest
	subsystem: deps
	label: dependencies, test
	run: \|
	./tools/dep_updaters/update-googletest.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: gyp-next
	subsystem: tools
	label: tools
	run: \|
	./tools/dep_updaters/update-gyp-next.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: histogram
	subsystem: deps
	label: dependencies
	run: \|
	./tools/dep_updaters/update-histogram.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: icu
	subsystem: deps
	label: dependencies, test
	run: \|
	./tools/dep_updaters/update-icu.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	# libuv update was disabled because of Feb 14, 2024 security release
	# modified the bundled version of libuv, we cannot automatically update
	# libuv without potentially undoing those changes.
	# - id: libuv
	# subsystem: deps
	# label: dependencies
	# run: \|
	# ./tools/dep_updaters/update-libuv.sh > temp-output
	# cat temp-output
	# tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	# rm temp-output
	- id: lint-md-dependencies
	subsystem: tools
	label: tools
	run: \|
	cd tools/lint-md
	npm ci
	NEW_VERSION=$(npm outdated --parseable \| cut -d: -f4 \| xargs)
	if [ "$NEW_VERSION" != "" ]; then
	echo "NEW_VERSION=$NEW_VERSION" >> $GITHUB_ENV
	rm -rf package-lock.json node_modules
	# Include $NEW_VERSION to explicitly update the package.json
	# entry for the dependency and also so that semver-major updates
	# are not skipped.
	npm install --ignore-scripts $NEW_VERSION
	npm install --ignore-scripts
	cd ../..
	make lint-md-rollup
	fi
	- id: llhttp
	subsystem: deps
	label: dependencies
	run: \|
	./tools/dep_updaters/update-llhttp.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: minimatch
	subsystem: deps
	label: dependencies
	run: \|
	./tools/dep_updaters/update-minimatch.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: nbytes
	subsystem: deps
	label: dependencies
	run: \|
	./tools/dep_updaters/update-nbytes.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: nghttp2
	subsystem: deps
	label: dependencies
	run: \|
	./tools/dep_updaters/update-nghttp2.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: nghttp3
	subsystem: deps
	label: dependencies
	run: \|
	./tools/dep_updaters/update-nghttp3.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: ngtcp2
	subsystem: deps
	label: dependencies
	run: \|
	./tools/dep_updaters/update-ngtcp2.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: postject
	subsystem: deps,test
	label: test
	run: \|
	./tools/dep_updaters/update-postject.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: root-certificates
	subsystem: crypto
	label: crypto, notable-change
	run: \|
	node ./tools/dep_updaters/update-root-certs.mjs -v -f "$GITHUB_ENV"
	- id: simdjson
	subsystem: deps
	label: dependencies
	run: \|
	./tools/dep_updaters/update-simdjson.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: simdutf
	subsystem: deps
	label: dependencies
	run: \|
	./tools/dep_updaters/update-simdutf.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: sqlite
	subsystem: deps
	label: dependencies
	run: \|
	./tools/dep_updaters/update-sqlite.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: undici
	subsystem: deps
	label: dependencies
	run: \|
	./tools/dep_updaters/update-undici.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: uvwasi
	subsystem: deps
	label: dependencies
	run: \|
	./tools/dep_updaters/update-uvwasi.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	- id: zlib
	subsystem: deps
	label: dependencies
	run: \|
	./tools/dep_updaters/update-zlib.sh > temp-output
	cat temp-output
	tail -n1 temp-output \| grep "NEW_VERSION=" >> "$GITHUB_ENV" \|\| true
	rm temp-output
	steps:
	- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
	if: github.event_name == 'schedule' \|\| inputs.id == 'all' \|\| inputs.id == matrix.id
	with:
	persist-credentials: false
	- name: Set up Python ${{ env.PYTHON_VERSION }}
	if: matrix.id == 'icu' && (github.event_name == 'schedule' \|\| inputs.id == 'all' \|\| inputs.id == matrix.id)
	uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
	with:
	python-version: ${{ env.PYTHON_VERSION }}
	- run: ${{ matrix.run }}
	if: github.event_name == 'schedule' \|\| inputs.id == 'all' \|\| inputs.id == matrix.id
	env:
	GITHUB_TOKEN: ${{ secrets.GH_USER_TOKEN }}
	- name: Generate commit message if not set
	if: env.COMMIT_MSG == '' && (github.event_name == 'schedule' \|\| inputs.id == 'all' \|\| inputs.id == matrix.id)
	run: \|
	echo "COMMIT_MSG=${{ matrix.subsystem }}: update ${{ matrix.id }} to ${{ env.NEW_VERSION }}" >> "$GITHUB_ENV"
	- uses: gr2m/create-or-update-pull-request-action@86ec1766034c8173518f61d2075cc2a173fb8c97 # v1.9.4
	if: github.event_name == 'schedule' \|\| inputs.id == 'all' \|\| inputs.id == matrix.id
	# Creates a PR or update the Action's existing PR, or
	# no-op if the base branch is already up-to-date.
	env:
	GITHUB_TOKEN: ${{ secrets.GH_USER_TOKEN }}
	with:
	author: Node.js GitHub Bot <github-bot@iojs.org>
	body: This is an automated update of ${{ matrix.id }} to ${{ env.NEW_VERSION }}.
	branch: actions/tools-update-${{ matrix.id }} # Custom branch just for this Action.
	commit-message: ${{ env.COMMIT_MSG }}
	labels: ${{ matrix.label }}
	title: '${{ matrix.subsystem }}: update ${{ matrix.id }} to ${{ env.NEW_VERSION }}'
	update-pull-request-title-and-body: true

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Tools and deps update #15

Workflow file

Tools and deps update #15

Jobs

Run details

Workflow file for this run