Skip to content

fix(deps): update dependency jsonpath-plus to 10.0.0 due to vulnerability #1751

fix(deps): update dependency jsonpath-plus to 10.0.0 due to vulnerability

fix(deps): update dependency jsonpath-plus to 10.0.0 due to vulnerability #1751

# This action is centrally managed in https://github.com/asyncapi/.github/
# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in above mentioned repo
# It does magic only if there is package.json file in the root of the project
name: PR testing - if Node project
on:
pull_request:
types: [opened, reopened, synchronize, ready_for_review]
jobs:
test-nodejs-pr:
name: Test NodeJS PR - ${{ matrix.os }}
runs-on: ${{ matrix.os }}
strategy:
matrix:
# Using macos-13 instead of latest (macos-14) due to an issue with Puppeteer and such runner.
# See: https://github.com/puppeteer/puppeteer/issues/12327 and https://github.com/asyncapi/parser-js/issues/1001
os: [ubuntu-latest, macos-13, windows-latest]
steps:
- if: >
!github.event.pull_request.draft && !(
(github.actor == 'asyncapi-bot' && (
startsWith(github.event.pull_request.title, 'ci: update of files from global .github repo') ||
startsWith(github.event.pull_request.title, 'chore(release):')
)) ||
(github.actor == 'asyncapi-bot-eve' && (
startsWith(github.event.pull_request.title, 'ci: update of files from global .github repo') ||
startsWith(github.event.pull_request.title, 'chore(release):')
)) ||
(github.actor == 'allcontributors[bot]' &&
startsWith(github.event.pull_request.title, 'docs: add')
)
)
id: should_run
name: Should Run
run: echo "shouldrun=true" >> $GITHUB_OUTPUT
shell: bash
- if: steps.should_run.outputs.shouldrun == 'true'
name: Set git to use LF #to once and for all finish neverending fight between Unix and Windows
run: |
git config --global core.autocrlf false
git config --global core.eol lf
shell: bash
- if: steps.should_run.outputs.shouldrun == 'true'
name: Checkout repository
uses: actions/checkout@v4
- if: steps.should_run.outputs.shouldrun == 'true'
name: Check if Node.js project and has package.json
id: packagejson
run: test -e ./package.json && echo "exists=true" >> $GITHUB_OUTPUT || echo "exists=false" >> $GITHUB_OUTPUT
shell: bash
- if: steps.packagejson.outputs.exists == 'true'
name: Check package-lock version
uses: asyncapi/.github/.github/actions/get-node-version-from-package-lock@master
id: lockversion
- if: steps.packagejson.outputs.exists == 'true'
name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: "${{ steps.lockversion.outputs.version }}"
- if: steps.lockversion.outputs.version == '18' && matrix.os == 'windows-latest'
#npm cli 10 is buggy because of some cache issue
name: Install npm cli 8
shell: bash
run: npm install -g [email protected]
- if: steps.packagejson.outputs.exists == 'true'
name: Install dependencies
shell: bash
run: npm ci
- if: steps.packagejson.outputs.exists == 'true'
name: Test
run: npm test --if-present
- if: steps.packagejson.outputs.exists == 'true' && matrix.os == 'ubuntu-latest'
#linting should run just one and not on all possible operating systems
name: Run linter
run: npm run lint --if-present
- if: steps.packagejson.outputs.exists == 'true'
name: Run release assets generation to make sure PR does not break it
shell: bash
run: npm run generate:assets --if-present