diff options
| author | Nextcloud bot <bot@nextcloud.com> | 2025-01-29 21:36:09 +0000 |
|---|---|---|
| committer | Nextcloud bot <bot@nextcloud.com> | 2025-01-29 21:36:09 +0000 |
| commit | f3bb7ae66602483ff5efe3af524b1b31badab291 (patch) | |
| tree | 57d08ea5c3556f5610de909eeb8cd450e495660e | |
| parent | 3f45bc5ed3b53a265dc3dd95b10b2506374f6a02 (diff) | |
| download | nextcloud-server-f3bb7ae66602483ff5efe3af524b1b31badab291.tar.gz nextcloud-server-f3bb7ae66602483ff5efe3af524b1b31badab291.zip | |
chore(CI): Updating npm-audit-fix.yml workflow from templatefeat/workflow-auto-update-npm-audit-fix.yml
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
| -rw-r--r-- | .github/workflows/npm-audit-fix.yml | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/.github/workflows/npm-audit-fix.yml b/.github/workflows/npm-audit-fix.yml index 60a7ef07505..ab51e6c4842 100644 --- a/.github/workflows/npm-audit-fix.yml +++ b/.github/workflows/npm-audit-fix.yml @@ -14,6 +14,9 @@ on: # At 2:30 on Sundays - cron: '30 2 * * 0' +permissions: + contents: read + jobs: build: runs-on: ubuntu-latest @@ -27,9 +30,12 @@ jobs: steps: - name: Checkout + id: checkout uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: + persist-credentials: false ref: ${{ matrix.branches }} + continue-on-error: true - name: Read package.json node and npm engines version uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3 @@ -39,7 +45,7 @@ jobs: fallbackNpm: '^10' - name: Set up node ${{ steps.versions.outputs.nodeVersion }} - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v3 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ steps.versions.outputs.nodeVersion }} @@ -51,7 +57,7 @@ jobs: uses: nextcloud-libraries/npm-audit-action@2a60bd2e79cc77f2cc4d9a3fe40f1a69896f3a87 # v0.1.0 - name: Run npm ci and npm run build - if: always() + if: steps.checkout.outcome == 'success' env: CYPRESS_INSTALL_BINARY: 0 run: | @@ -59,8 +65,8 @@ jobs: npm run build --if-present - name: Create Pull Request - if: always() - uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6 + if: steps.checkout.outcome == 'success' + uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5 with: token: ${{ secrets.COMMAND_BOT_PAT }} commit-message: 'fix(deps): Fix npm audit' |