# This workflow is provided via the organization template repository # # https://github.com/nextcloud/.github # https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization name: Npm audit fix and compile on: workflow_dispatch: schedule: # At 2:30 on Sundays - cron: '30 2 * * 0' jobs: build: runs-on: ubuntu-latest strategy: fail-fast: false matrix: branches: ["main", "master", "stable29", "stable28", "stable27"] name: npm-audit-fix-${{ matrix.branches }} steps: - name: Checkout uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v3.6.0 with: ref: ${{ matrix.branches }} - name: Read package.json node and npm engines version uses: skjnldsv/read-package-engines-version-actions@8205673bab74a63eb9b8093402fd9e0e018663a1 # v2.2 id: versions with: fallbackNode: '^20' fallbackNpm: '^9' - name: Set up node ${{ steps.versions.outputs.nodeVersion }} uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 with: node-version: ${{ steps.versions.outputs.nodeVersion }} - name: Set up npm ${{ steps.versions.outputs.npmVersion }} run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}" - name: Fix npm audit run: | npm audit fix - name: Run npm ci and npm run build if: always() env: CYPRESS_INSTALL_BINARY: 0 PUPPETEER_SKIP_DOWNLOAD: true run: | npm ci npm run build --if-present - name: Create Pull Request if: always() uses: peter-evans/create-pull-request@70a41aba780001da0a30141984ae2a0c95d8704e # v5 with: token: ${{ secrets.COMMAND_BOT_PAT }} commit-message: "chore(deps): fix npm audit" committer: GitHub author: nextcloud-command signoff: true branch: automated/noid/${{ matrix.branches }}-fix-npm-audit title: "[${{ matrix.branches }}] Fix npm audit" body: | Auto-generated fix of npm audit labels: | dependencies 3. to review