Skip to content

Update dependency fastify to v4.29.0 (#345) #972

Update dependency fastify to v4.29.0 (#345)

Update dependency fastify to v4.29.0 (#345) #972

name: 'Pinned dependencies'
on: push
jobs:
check-dependencies:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Extract all versions from package.json
uses: sergeysova/jq-action@a3f0d4ff59cc1dddf023fc0b325dd75b10deec58 # v2.3.0
id: versions
with:
cmd: "jq '[getpath([\"dependencies\"],[\"devDependencies\"],[\"optionalDependencies\"])] | del(..|nulls) | map(.[]) | join(\",\")' package.json -r"
multiline: true
- name: Check for un-pinned versions
run: |
versions="${{ steps.versions.outputs.value }}"
IFS="," read -a versionsList <<< $versions
# Simple regex that does what we need it for
regex="^(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)(-\w+)?(\+\w+)?(\.(0|[1-9][0-9]*))?$"
exitCode=0
for version in ${versionsList[@]}; do
if echo "$version" | grep -Ev "$regex" > /dev/null; then
lineNumber=$(grep -F -n -m 1 "$version" "package.json" | sed 's/\([0-9]*\).*/\1/')
MESSAGE="Dependency version is not pinned: $version"
echo "::error file=package.json,line=$lineNumber,endLine=$lineNumber,title=Dependency::$MESSAGE"
exitCode=1
fi
done
exit "$exitCode"