Skip to content

npm-audit

npm-audit #32

Workflow file for this run

on:
workflow_dispatch:
schedule:
# every Monday morning
- cron: '0 1 * * 1'
name: npm-audit
jobs:
findPackages:
runs-on: ubuntu-latest
outputs:
nodePaths: ${{ steps.interrogate.outputs.nodePaths }}
steps:
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3
with:
fetch-depth: 0
- uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3
with:
node-version: 14
- id: interrogate
run: node ./.github/workflows/list-node-paths-for-deps.js
updateDeps:
runs-on: ubuntu-latest
needs: findPackages
strategy:
fail-fast: false
max-parallel: 4
matrix:
package: ${{fromJson(needs.findPackages.outputs.nodePaths)}}
steps:
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3
- uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3
with:
node-version: ${{ matrix.node }}
- run: echo ./packages/${{ matrix.package }}
- run: cd ./packages/${{ matrix.package }} && npm audit fix
- uses: googleapis/code-suggester@6222c8894a0776306b5496b62cb20b408c95efd2 # v4
env:
ACCESS_TOKEN: ${{ secrets.YOSHI_CODE_BOT_TOKEN }}
with:
command: pr
upstream_owner: googleapis
upstream_repo: repo-automation-bots
description: 'ran `npm audit fix` in packages/${{ matrix.package }}'
title: 'chore: update lock file for ${{ matrix.package }}'
message: 'chore: update lock file for ${{ matrix.package }}'
branch: update-lock-file-${{ matrix.package }}
primary: main
force: true
git_dir: '.'