Skip to content

[Snyk] Security upgrade axios from 1.7.2 to 1.7.4 #486

[Snyk] Security upgrade axios from 1.7.2 to 1.7.4

[Snyk] Security upgrade axios from 1.7.2 to 1.7.4 #486

Workflow file for this run

name: Test and Release
# Run this job on all pushes and pull requests
# as well as tags with a semantic version
on:
push:
branches:
- "*"
tags:
# normal versions
- "v[0-9]+.[0-9]+.[0-9]+"
# pre-releases
- "v[0-9]+.[0-9]+.[0-9]+-**"
pull_request: {}
jobs:
# Performs quick checks before the expensive test runs
check-and-lint:
if: contains(github.event.head_commit.message, '[skip ci]') == false
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [18.x, 20.x]
steps:
- uses: actions/checkout@v1
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node-version }}
- name: Install Dependencies
run: npm ci
- name: Lint source code
run: npm run lint
- name: Test package files
run: npm run test:package
# Runs adapter tests on all supported node versions and OSes
adapter-tests:
if: contains(github.event.head_commit.message, '[skip ci]') == false
needs: [check-and-lint]
runs-on: ${{ matrix.os }}
strategy:
matrix:
node-version: [18.x, 20.x]
os: [ubuntu-latest, windows-latest, macos-latest]
exclude:
# Don't test Node.js 8 on Windows. npm is weird here
- os: windows-latest
node-version: 8.x
steps:
- uses: actions/checkout@v1
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node-version }}
- name: Install Dependencies
run: npm ci
- name: Run unit tests
run: npm run test:unit
- name: Run integration tests (unix only)
if: startsWith(runner.OS, 'windows') == false
run: DEBUG=testing:* npm run test:integration
- name: Run integration tests (windows only)
if: startsWith(runner.OS, 'windows')
run: set DEBUG=testing:* & npm run test:integration
# TODO: To enable automatic npm releases, create a token on npmjs.org
# Enter this token as a GitHub secret (with name NPM_TOKEN) in the repository options
# Then uncomment the following block:
# Deploys the final package to NPM
deploy:
needs: [adapter-tests]
# Trigger this step only when a commit on master is tagged with a version number
if: |
contains(github.event.head_commit.message, '[skip ci]') == false &&
github.event_name == 'push' &&
startsWith(github.ref, 'refs/tags/')
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Use Node.js 18.x
uses: actions/setup-node@v4
with:
node-version: 18.x
- name: Extract the version and commit body from the tag
id: extract_release
# The body may be multiline, therefore, we need to escape some characters
run: |
VERSION="${{ github.ref }}"
VERSION=${VERSION##*/}
VERSION=${VERSION##*v}
echo "::set-output name=VERSION::$VERSION"
BODY=$(git show -s --format=%b)
BODY="${BODY//'%'/'%25'}"
BODY="${BODY//$'\n'/'%0A'}"
BODY="${BODY//$'\r'/'%0D'}"
echo "::set-output name=BODY::$BODY"
- name: Publish package to npm
run: |
npm config set //registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN }}
npm whoami
npx lerna publish from-package --yes
- name: Create Github Release
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ github.ref }}
release_name: Release v${{ steps.extract_release.outputs.VERSION }}
draft: false
# Prerelease versions create pre-releases on GitHub
prerelease: ${{ contains(steps.extract_release.outputs.VERSION, '-') }}
body: ${{ steps.extract_release.outputs.BODY }}
- name: Notify Sentry.io about the release
run: |
cd packages/admin
npm i -g @sentry/cli
export SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }}
export SENTRY_URL=https://sentry.iobroker.net
export SENTRY_ORG=iobroker
export SENTRY_PROJECT=iobroker-admin
export SENTRY_VERSION=iobroker.admin@${{ steps.extract_release.outputs.VERSION }}
export SENTRY_RELEASE=${{ steps.extract_release.outputs.VERSION }}
sentry-cli releases new $SENTRY_VERSION
sentry-cli releases finalize $SENTRY_VERSION
sentry-cli sourcemaps inject ./adminWww
sentry-cli sourcemaps upload ./adminWww
# Dummy job for skipped builds - without this, github reports the build as failed
skip-ci:
if: contains(github.event.head_commit.message, '[skip ci]')
runs-on: ubuntu-latest
steps:
- name: Skip build
run: echo "Build skipped!"