Skip to content

Commit 4a37e3b

Browse files
alexander-akaitalexander-akait
authored
chore: use locks for ci and dependabot update (#201)
1 parent 612069b commit 4a37e3b

3 files changed

Lines changed: 86 additions & 6 deletions

File tree

.github/dependabot.yml

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,28 @@
1+
version: 2
2+
updates:
3+
- package-ecosystem: npm
4+
directory: "/"
5+
schedule:
6+
interval: "weekly"
7+
open-pull-requests-limit: 20
8+
labels:
9+
- dependencies
10+
versioning-strategy: widen
11+
groups:
12+
dependencies:
13+
patterns:
14+
- "*"
15+
update-types:
16+
- "minor"
17+
- "patch"
18+
- package-ecosystem: "github-actions"
19+
directory: "/"
20+
schedule:
21+
interval: "weekly"
22+
open-pull-requests-limit: 20
23+
labels:
24+
- dependencies
25+
groups:
26+
dependencies:
27+
patterns:
28+
- "*"

.github/workflows/dependabot.yml

Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,38 @@
1+
name: Dependabot
2+
3+
on: pull_request
4+
5+
permissions:
6+
contents: write
7+
pull-requests: write
8+
9+
jobs:
10+
dependabot-auto-merge:
11+
runs-on: ubuntu-latest
12+
if: github.actor == 'dependabot[bot]'
13+
steps:
14+
- name: Generate Token
15+
uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
16+
id: app-token
17+
with:
18+
app-id: ${{ secrets.BOT_APP_ID }}
19+
private-key: ${{ secrets.BOT_PRIVATE_KEY }}
20+
21+
- name: Dependabot metadata
22+
id: dependabot-metadata
23+
uses: dependabot/fetch-metadata@21025c705c08248db411dc16f3619e6b5f9ea21a # v2.5.0
24+
with:
25+
github-token: "${{ steps.app-token.outputs.token }}"
26+
27+
- name: Enable auto-merge for Dependabot PRs
28+
if: steps.dependabot-metadata.outputs.update-type != 'version-update:semver-major'
29+
run: |
30+
if [ "$(gh pr status --json reviewDecision -q .currentBranch.reviewDecision)" != "APPROVED" ];
31+
then gh pr review --approve "$PR_URL"
32+
else echo "PR already approved, skipping additional approvals to minimize emails/notification noise.";
33+
fi
34+
35+
gh pr merge --auto --squash "$PR_URL"
36+
env:
37+
PR_URL: ${{ github.event.pull_request.html_url }}
38+
GH_TOKEN: ${{ steps.app-token.outputs.token }}

.github/workflows/test.yml

Lines changed: 20 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -13,14 +13,20 @@ jobs:
1313
lint:
1414
runs-on: ubuntu-latest
1515
steps:
16-
- uses: actions/checkout@v4
16+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
17+
with:
18+
fetch-depth: 0
19+
1720
- name: Use Node.js
18-
uses: actions/setup-node@v4
21+
uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
1922
with:
2023
node-version: lts/*
2124
cache: npm
25+
2226
- run: npm ci
27+
2328
- run: npm run lint
29+
2430
test:
2531
strategy:
2632
fail-fast: false
@@ -41,8 +47,11 @@ jobs:
4147
]
4248
runs-on: ${{ matrix.os }}
4349
steps:
44-
- uses: actions/checkout@v4
45-
- uses: actions/github-script@v7
50+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
51+
with:
52+
fetch-depth: 0
53+
54+
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
4655
id: calculate_architecture
4756
with:
4857
result-encoding: string
@@ -52,21 +61,26 @@ jobs:
5261
} else {
5362
return ''
5463
}
64+
5565
- name: Use Node.js ${{ matrix.node-version }}
56-
uses: actions/setup-node@v4
66+
uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
5767
with:
5868
node-version: ${{ matrix.node-version }}
5969
architecture: ${{ steps.calculate_architecture.outputs.result }}
6070
cache: npm
71+
6172
- name: Install dependencies
6273
run: npm install
6374
if: matrix.node-version == '8.x' || matrix.node-version == '10.x' || matrix.node-version == '12.x' || matrix.node-version == '14.x'
75+
6476
- name: Install dependencies
6577
run: npm ci
6678
if: matrix.node-version != '8.x' && matrix.node-version != '10.x' && matrix.node-version != '12.x' && matrix.node-version != '14.x'
79+
6780
- name: Run tests with coverage
6881
run: npm run test -- --ci --coverage
69-
- uses: codecov/codecov-action@v5
82+
83+
- uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2
7084
with:
7185
flags: integration
7286
token: ${{ secrets.CODECOV_TOKEN }}

0 commit comments

Comments
 (0)