Bump actions/checkout from 4.1.4 to 4.2.0 #2465
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Check | |
on: | |
pull_request: ~ | |
push: | |
branches: | |
- main | |
- v3 | |
permissions: read-all | |
jobs: | |
build: | |
name: Build | |
runs-on: ubuntu-24.04 | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 | |
with: | |
disable-sudo: true | |
egress-policy: block | |
allowed-endpoints: > | |
api.github.com:443 | |
artifactcache.actions.githubusercontent.com:443 | |
github.com:443 | |
nodejs.org:443 | |
objects.githubusercontent.com:443 | |
registry.npmjs.org:443 | |
- name: Checkout repository | |
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | |
- name: Install Node.js | |
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 | |
with: | |
cache: npm | |
node-version-file: .nvmrc | |
- name: Install dependencies | |
run: npm clean-install | |
- name: Build | |
run: npm run build | |
- name: Upload build file for re-use | |
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 | |
with: | |
name: index-js | |
path: index.js | |
retention-days: 1 | |
codeql: | |
name: CodeQL | |
runs-on: ubuntu-24.04 | |
needs: | |
- build | |
permissions: | |
security-events: write # To upload CodeQL results | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 | |
with: | |
disable-sudo: true | |
egress-policy: block | |
allowed-endpoints: > | |
api.github.com:443 | |
ghcr.io:443 | |
github.com:443 | |
objects.githubusercontent.com:443 | |
pkg-containers.githubusercontent.com:443 | |
uploads.github.com:443 | |
- name: Checkout repository | |
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6 | |
with: | |
config-file: ./.github/codeql.yml | |
languages: javascript | |
- name: Perform CodeQL analysis | |
uses: github/codeql-action/analyze@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6 | |
formatting: | |
name: Formatting | |
runs-on: ubuntu-24.04 | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 | |
with: | |
disable-sudo: true | |
egress-policy: block | |
allowed-endpoints: > | |
api.github.com:443 | |
artifactcache.actions.githubusercontent.com:443 | |
github.com:443 | |
nodejs.org:443 | |
objects.githubusercontent.com:443 | |
registry.npmjs.org:443 | |
- name: Checkout repository | |
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | |
- name: Install Node.js | |
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 | |
with: | |
cache: npm | |
node-version-file: .nvmrc | |
- name: Install dependencies | |
run: npm clean-install | |
- name: Check formatting | |
run: npm run format:check -- --log-level debug | |
licenses: | |
name: Licenses | |
runs-on: ubuntu-24.04 | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 | |
with: | |
disable-sudo: true | |
egress-policy: block | |
allowed-endpoints: > | |
api.github.com:443 | |
artifactcache.actions.githubusercontent.com:443 | |
github.com:443 | |
nodejs.org:443 | |
objects.githubusercontent.com:443 | |
registry.npmjs.org:443 | |
- name: Checkout repository | |
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | |
- name: Install Node.js | |
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 | |
with: | |
cache: npm | |
node-version-file: .nvmrc | |
- name: Install dependencies | |
run: npm clean-install | |
- name: Check licenses | |
run: npm run license-check | |
lint: | |
name: Lint | |
runs-on: ubuntu-24.04 | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 | |
with: | |
disable-sudo: true | |
egress-policy: block | |
allowed-endpoints: > | |
api.github.com:443 | |
artifactcache.actions.githubusercontent.com:443 | |
github.com:443 | |
nodejs.org:443 | |
objects.githubusercontent.com:443 | |
registry.npmjs.org:443 | |
- name: Checkout repository | |
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | |
- name: Install Node.js | |
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 | |
with: | |
cache: npm | |
node-version-file: .nvmrc | |
- name: Install tooling | |
uses: asdf-vm/actions/install@4f8f7939dd917fc656bb7c3575969a5988c28364 # v3.0.0 | |
- name: Install dependencies | |
run: npm clean-install | |
- name: Lint CI | |
if: ${{ failure() || success() }} | |
run: npm run lint:ci -- -verbose | |
- name: Lint JSON | |
if: ${{ failure() || success() }} | |
run: npm run lint:json -- --debug | |
- name: Lint MarkDown | |
if: ${{ failure() || success() }} | |
run: | | |
npm run lint:md:text | |
npm run lint:md:code -- --debug | |
- name: Lint TypeScript | |
if: ${{ failure() || success() }} | |
run: npm run lint:ts -- --debug | |
- name: Lint YAML | |
if: ${{ failure() || success() }} | |
run: npm run lint:yml -- --debug | |
reproducible: | |
name: Reproducible build | |
runs-on: ubuntu-24.04 | |
needs: | |
- build | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 | |
with: | |
disable-sudo: true | |
egress-policy: block | |
allowed-endpoints: > | |
api.github.com:443 | |
artifactcache.actions.githubusercontent.com:443 | |
github.com:443 | |
nodejs.org:443 | |
objects.githubusercontent.com:443 | |
registry.npmjs.org:443 | |
- name: Checkout repository | |
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | |
- name: Install Node.js | |
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 | |
with: | |
cache: npm | |
node-version-file: .nvmrc | |
- name: Install dependencies | |
run: npm clean-install | |
- name: Simulate publish | |
run: | | |
# Dry run publish to trigger any hooks | |
npm publish --dry-run --ignore-scripts=false | |
# Pack to produce the archive that would be published | |
npm pack | |
- name: Compute checksum | |
run: shasum -- *.tgz | tee checksums.txt | |
- name: Reset to a clean state | |
run: | | |
npm run clean | |
rm -- *.tgz | |
- name: Simulate publish again | |
run: | | |
npm publish --dry-run --ignore-scripts=false | |
npm pack | |
- name: Verify checksum | |
run: shasum --check checksums.txt --strict | |
test: | |
name: Test | |
runs-on: ubuntu-24.04 | |
needs: | |
- build | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 | |
with: | |
disable-sudo: true | |
egress-policy: block | |
allowed-endpoints: > | |
api.github.com:443 | |
artifactcache.actions.githubusercontent.com:443 | |
github.com:443 | |
nodejs.org:443 | |
objects.githubusercontent.com:443 | |
registry.npmjs.org:443 | |
- name: Checkout repository | |
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | |
- name: Install Node.js | |
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 | |
with: | |
cache: npm | |
node-version-file: .nvmrc | |
- name: Install dependencies | |
run: npm clean-install | |
- name: Run tests with coverage | |
run: npm run coverage | |
test-compat: | |
name: Compatibility tests | |
runs-on: ubuntu-24.04 | |
needs: | |
- test | |
strategy: | |
fail-fast: false | |
matrix: | |
node-version: | |
- 18.0.0 | |
- 20.0.0 | |
- 22.0.0 | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 | |
with: | |
disable-sudo: true | |
egress-policy: block | |
allowed-endpoints: > | |
api.github.com:443 | |
artifactcache.actions.githubusercontent.com:443 | |
github.com:443 | |
nodejs.org:443 | |
objects.githubusercontent.com:443 | |
registry.npmjs.org:443 | |
- name: Checkout repository | |
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | |
- name: Install Node.js | |
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 | |
with: | |
cache: npm | |
node-version: ${{ matrix.node-version }} | |
- name: Install compatible npm version | |
run: npm install --global [email protected] | |
- name: Install dependencies | |
run: npm clean-install | |
- name: Download index.js | |
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
with: | |
name: index-js | |
- name: Run compatibility tests | |
run: npm run test:compat | |
test-mutation: | |
name: Mutation tests | |
runs-on: ubuntu-24.04 | |
needs: | |
- test | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 | |
with: | |
disable-sudo: true | |
egress-policy: block | |
allowed-endpoints: > | |
api.github.com:443 | |
artifactcache.actions.githubusercontent.com:443 | |
github.com:443 | |
nodejs.org:443 | |
objects.githubusercontent.com:443 | |
registry.npmjs.org:443 | |
- name: Checkout repository | |
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | |
- name: Install Node.js | |
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 | |
with: | |
cache: npm | |
node-version-file: .nvmrc | |
- name: Cache Stryker incremental report | |
uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # v4.0.1 | |
with: | |
path: .cache/stryker-incremental.json | |
key: mutation-${{ github.run_number }} | |
restore-keys: | | |
mutation- | |
- name: Install dependencies | |
run: npm clean-install | |
- name: Run mutation tests | |
run: npm run test:mutation | |
vet: | |
name: Vet | |
runs-on: ubuntu-24.04 | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 | |
with: | |
disable-sudo: true | |
egress-policy: block | |
allowed-endpoints: > | |
api.github.com:443 | |
artifactcache.actions.githubusercontent.com:443 | |
github.com:443 | |
nodejs.org:443 | |
objects.githubusercontent.com:443 | |
registry.npmjs.org:443 | |
- name: Checkout repository | |
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | |
- name: Install Node.js | |
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 | |
with: | |
cache: npm | |
node-version-file: .nvmrc | |
- name: Install dependencies | |
run: npm clean-install | |
- name: Vet imports | |
if: ${{ failure() || success() }} | |
run: npm run vet:imports | |
- name: Vet package manifest | |
if: ${{ failure() || success() }} | |
run: npm run vet:package.json | |
- name: Vet lockfile | |
if: ${{ failure() || success() }} | |
run: npm run vet:package-lock.json | |
- name: Vet types | |
if: ${{ failure() || success() }} | |
run: npm run vet:types |