diff --git a/.github/workflows/auto-merge.yml b/.github/workflows/auto-merge.yml index a4ebd0a..2fffe77 100644 --- a/.github/workflows/auto-merge.yml +++ b/.github/workflows/auto-merge.yml @@ -5,15 +5,23 @@ on: branches: - master +permissions: read-all + jobs: auto-merge: name: Check and enable auto-merge if: ${{ github.actor == 'dependabot[bot]' }} runs-on: ubuntu-latest + timeout-minutes: 2 steps: - - name: Enable auto-merge for dependency update - uses: wearerequired/auto-merge-dependency-update-action@v1 - with: - github-token: ${{ secrets.PAT_WITH_REPO_SCOPE }} - allowed-update-types: 'devDependencies:minor, devDependencies:patch, dependencies:patch' + - name: Get Dependabot metadata + id: metadata + uses: dependabot/fetch-metadata@5e5f99653a5b510e8555840e80cbf1514ad4af38 # v2.1.0 + + - name: Enable auto-merge for minor and patch version updates + if: ${{ steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.update-type == 'version-update:semver-patch' }} + run: gh pr merge --auto --squash "$PR_URL" + env: + PR_URL: ${{ github.event.pull_request.html_url }} + GITHUB_TOKEN: ${{ secrets.REQUIRED_COM_REPO_ACCESS_PAT }} diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 01fea8b..b1e43c7 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -9,27 +9,22 @@ jobs: build: name: Build and commit updated assets runs-on: ubuntu-latest + timeout-minutes: 5 steps: - name: Check out repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 with: # Custom token to allow commits trigger other workflows. - token: ${{ secrets.PAT_WITH_REPO_SCOPE }} - ref: ${{ github.event.pull_request.head.sha }} + token: ${{ secrets.REQUIRED_COM_REPO_ACCESS_PAT }} + ref: ${{ github.event.pull_request.head.ref }} - name: Set up Node.js - uses: actions/setup-node@v2 + uses: actions/setup-node@v4 with: - node-version: 14 - - - name: Cache Node.js dependencies - uses: actions/cache@v2 - with: - path: ~/.npm - key: ${{ runner.os }}-node-${{ hashFiles('**/package.json') }} - restore-keys: | - ${{ runner.os }}-node- + node-version-file: '.nvmrc' + cache: 'npm' + cache-dependency-path: 'package.json' - name: Install Node.js dependencies run: npm i diff --git a/.github/workflows/coding-standards.yml b/.github/workflows/coding-standards.yml index 009dc51..a8016ba 100644 --- a/.github/workflows/coding-standards.yml +++ b/.github/workflows/coding-standards.yml @@ -15,30 +15,25 @@ jobs: check: name: Set up and run linters runs-on: ubuntu-latest + timeout-minutes: 5 steps: - name: Check out repository (push) if: ${{ github.event_name == 'push' }} - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Check out repository (pull_request_target) if: ${{ github.event_name == 'pull_request_target' }} - uses: actions/checkout@v2 + uses: actions/checkout@v4 with: ref: ${{ github.event.pull_request.head.sha }} - name: Set up Node.js - uses: actions/setup-node@v2 + uses: actions/setup-node@v4 with: - node-version: 14 - - - name: Cache Node.js dependencies - uses: actions/cache@v2 - with: - path: ~/.npm - key: ${{ runner.os }}-node-${{ hashFiles('**/package.json') }} - restore-keys: | - ${{ runner.os }}-node- + node-version-file: '.nvmrc' + cache: 'npm' + cache-dependency-path: 'package.json' - name: Install Node.js dependencies run: npm i @@ -46,18 +41,18 @@ jobs: - name: Set up PHP uses: shivammathur/setup-php@v2 with: - php-version: "7.4" + php-version: "8.2" coverage: none tools: composer - name: Install PHP dependencies - uses: ramsey/composer-install@v1 + uses: ramsey/composer-install@v3 - name: Make Composer packages available globally run: echo "${PWD}/vendor/bin" >> $GITHUB_PATH - name: Run linters - uses: wearerequired/lint-action@v1 + uses: wearerequired/lint-action@v2 with: continue_on_error: false eslint: true