Resolve High Security Alerts by upgrading Dependencies #836
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: e2e-cache | |
on: | |
pull_request: | |
paths-ignore: | |
- '**.md' | |
push: | |
branches: | |
- main | |
- releases/* | |
paths-ignore: | |
- '**.md' | |
jobs: | |
node-npm-depencies-caching: | |
name: Test npm (Node ${{ matrix.node-version}}, ${{ matrix.os }}) | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ubuntu-latest, windows-latest, macos-latest] | |
node-version: [18, 20, 22] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Clean global cache | |
run: npm cache clean --force | |
- name: Setup Node | |
uses: ./ | |
with: | |
node-version: ${{ matrix.node-version }} | |
cache: 'npm' | |
- name: Install dependencies | |
run: npm install | |
- name: Verify node and npm | |
run: __tests__/verify-node.sh "${{ matrix.node-version }}" | |
shell: bash | |
node-pnpm-depencies-caching: | |
name: Test pnpm (Node ${{ matrix.node-version}}, ${{ matrix.os }}) | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ubuntu-latest, windows-latest, macos-latest] | |
node-version: [18, 20, 22] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install pnpm | |
uses: pnpm/action-setup@v2 | |
with: | |
version: 6.10.0 | |
- name: Generate pnpm file | |
run: pnpm install | |
- name: Remove dependencies | |
shell: pwsh | |
run: Remove-Item node_modules -Force -Recurse | |
- name: Clean global cache | |
run: rm -rf ~/.pnpm-store | |
shell: bash | |
- name: Setup Node | |
uses: ./ | |
with: | |
node-version: ${{ matrix.node-version }} | |
cache: 'pnpm' | |
- name: Install dependencies | |
run: pnpm install | |
- name: Verify node and pnpm | |
run: __tests__/verify-node.sh "${{ matrix.node-version }}" | |
shell: bash | |
node-yarn1-depencies-caching: | |
name: Test yarn 1 (Node ${{ matrix.node-version}}, ${{ matrix.os }}) | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ubuntu-latest, windows-latest, macos-latest] | |
node-version: [18, 20] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Yarn version | |
run: yarn --version | |
- name: Generate yarn file | |
run: yarn install | |
- name: Remove dependencies | |
shell: pwsh | |
run: Remove-Item node_modules -Force -Recurse | |
- name: Clean global cache | |
run: yarn cache clean | |
- name: Setup Node | |
uses: ./ | |
with: | |
node-version: ${{ matrix.node-version }} | |
cache: 'yarn' | |
- name: Install dependencies | |
run: yarn install --ignore-engines | |
- name: Verify node and yarn | |
run: __tests__/verify-node.sh "${{ matrix.node-version }}" | |
shell: bash | |
node-yarn3-depencies-caching: | |
name: Test yarn 3 (Node ${{ matrix.node-version}}, ${{ matrix.os }}) | |
runs-on: ${{ matrix.os }} | |
env: | |
YARN_ENABLE_IMMUTABLE_INSTALLS: false | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ubuntu-latest, windows-latest, macos-latest] | |
node-version: [18, 20, 22] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Update yarn | |
run: yarn set version 3.6.4 | |
- name: Yarn version | |
run: yarn --version | |
- name: Generate simple .yarnrc.yml | |
run: | | |
echo "nodeLinker: node-modules" >> .yarnrc.yml | |
- name: Generate yarn file | |
run: yarn install | |
- name: Remove dependencies | |
shell: pwsh | |
run: Remove-Item node_modules -Force -Recurse | |
- name: Clean global cache | |
run: yarn cache clean --all | |
- name: Setup Node | |
uses: ./ | |
with: | |
node-version: ${{ matrix.node-version }} | |
cache: 'yarn' | |
- name: Install dependencies | |
run: yarn install | |
- name: Verify node and yarn | |
run: __tests__/verify-node.sh "${{ matrix.node-version }}" | |
shell: bash | |
yarn-subprojects: | |
name: Test yarn subprojects | |
strategy: | |
matrix: | |
node-version: [18, 20, 22] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: prepare sub-projects | |
run: __tests__/prepare-yarn-subprojects.sh yarn1 | |
# expect | |
# - no errors | |
# - log | |
# ##[debug]Cache Paths: | |
# ##[debug]["sub2/.yarn/cache","sub3/.yarn/cache","../../../.cache/yarn/v6"] | |
- name: Setup Node | |
uses: ./ | |
with: | |
node-version: ${{ matrix.node-version }} | |
cache: 'yarn' | |
cache-dependency-path: | | |
**/*.lock | |
yarn.lock | |
yarn-subprojects-berry-local: | |
name: Test yarn subprojects all locally managed | |
strategy: | |
matrix: | |
node-version: [18, 20, 22] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: prepare sub-projects | |
run: __tests__/prepare-yarn-subprojects.sh keepcache keepcache | |
# expect | |
# - no errors | |
# - log | |
# ##[info]All dependencies are managed locally by yarn3, the previous cache can be used | |
# ##[debug]["node-cache-Linux-yarn-401024703386272f1a950c9f014cbb1bb79a7a5b6e1fb00e8b90d06734af41ee","node-cache-Linux-yarn"] | |
- name: Setup Node | |
uses: ./ | |
with: | |
node-version: ${{ matrix.node-version }} | |
cache: 'yarn' | |
cache-dependency-path: | | |
sub2/*.lock | |
sub3/*.lock | |
yarn-subprojects-berry-global: | |
name: Test yarn subprojects some locally managed | |
strategy: | |
matrix: | |
node-version: [18, 20, 22] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: prepare sub-projects | |
run: __tests__/prepare-yarn-subprojects.sh global | |
# expect | |
# - no errors | |
# - log must | |
# ##[debug]"/home/runner/work/setup-node-test/setup-node-test/sub2" dependencies are managed by yarn 3 locally | |
# ##[debug]"/home/runner/work/setup-node-test/setup-node-test/sub3" dependencies are not managed by yarn 3 locally | |
- name: Setup Node | |
uses: ./ | |
with: | |
node-version: ${{ matrix.node-version }} | |
cache: 'yarn' | |
cache-dependency-path: | | |
sub2/*.lock | |
sub3/*.lock | |
yarn-subprojects-berry-git: | |
name: Test yarn subprojects managed by git | |
strategy: | |
matrix: | |
node-version: [18, 20, 22] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: prepare sub-projects | |
run: /bin/bash __tests__/prepare-yarn-subprojects.sh keepcache | |
# expect | |
# - no errors | |
# - log | |
# [debug]"/home/runner/work/setup-node-test/setup-node-test/sub2" has .yarn/cache - dependencies are kept in the repository | |
# [debug]"/home/runner/work/setup-node-test/setup-node-test/sub3" has .yarn/cache - dependencies are kept in the repository | |
# [debug]["node-cache-Linux-yarn-401024703386272f1a950c9f014cbb1bb79a7a5b6e1fb00e8b90d06734af41ee"] | |
- name: Setup Node | |
uses: ./ | |
with: | |
node-version: ${{ matrix.node-version }} | |
cache: 'yarn' | |
cache-dependency-path: | | |
sub2/*.lock | |
sub3/*.lock |