Updated symfony/process to ^6.4.14 to resolve security vulnerability … #1817
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Copyright (c) HashiCorp, Inc. | |
# SPDX-License-Identifier: MPL-2.0 | |
# | |
# Based on https://github.com/hashicorp/nextjs-bundle-analysis/blob/main/template.yml | |
name: 'Next.js Bundle Analysis' | |
on: | |
pull_request: | |
branches-ignore: | |
- 'main' | |
push: | |
branches: | |
- 'canary' | |
workflow_dispatch: | |
permissions: | |
contents: read # for checkout repository | |
actions: read # for fetching base branch bundle stats | |
pull-requests: write # for comments | |
jobs: | |
analyze: | |
strategy: | |
matrix: | |
next-dir: [ | |
'examples/next/faustwp-getting-started', | |
] | |
runs-on: ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 18 | |
- name: Install bundle analyzer dependency globally | |
run: npm install -g @next/bundle-analyzer | |
- name: Install dependencies | |
run: npm ci | |
- name: Build packages | |
run: npm run build | |
- name: Create "faust" cli bin | |
run: npm ci | |
- name: Create example project .env.local file | |
working-directory: ${{ matrix.next-dir }} | |
run: | | |
cp .env.local.sample .env.local | |
- name: Add bundle analyzer to next.config.js | |
working-directory: ${{ matrix.next-dir }} | |
run: | | |
echo "const withBundleAnalyzer = require('@next/bundle-analyzer')({enabled: true});" >> next.config.js | |
echo "module.exports = withBundleAnalyzer(module.exports);" >> next.config.js | |
- name: Add bundle analyzer config to package.json | |
working-directory: ${{ matrix.next-dir }} | |
run: | | |
npm pkg set nextBundleAnalysis.budget=358400 nextBundleAnalysis.budgetPercentIncreaseRed=20 nextBundleAnalysis.showDetails=true --json | |
- name: Restore next build | |
uses: actions/cache@v4 | |
id: restore-build-cache | |
env: | |
cache-name: cache-next-build | |
with: | |
# if you use a custom build directory, replace all instances of `.next` in this file with your build directory | |
# ex: if your app builds to `dist`, replace `.next` with `dist` | |
path: ${{ matrix.next-dir }}/.next/cache | |
# change this if you prefer a more strict cache | |
key: ${{ runner.os }}-build-${{ env.cache-name }} | |
- name: Build Next.js example app | |
working-directory: ${{ matrix.next-dir }} | |
run: npm run build | |
# Here's the first place where next-bundle-analysis' own script is used | |
# This step pulls the raw bundle stats for the current bundle | |
- name: Create bundle analysis report for this PR | |
working-directory: ${{ matrix.next-dir }} | |
run: npx -p nextjs-bundle-analysis report | |
- name: Upload bundle analysis report for this PR | |
uses: actions/upload-artifact@v4 | |
with: | |
name: bundle | |
path: ${{ matrix.next-dir }}/.next/analyze/__bundle_analysis.json | |
- name: Download bundle analysis report for base branch | |
uses: dawidd6/action-download-artifact@v6 | |
if: success() && github.event.number | |
with: | |
workflow: nextjs-bundle-analysis.yml | |
branch: ${{ github.event.pull_request.base.ref }} | |
path: ${{ matrix.next-dir }}/.next/analyze/base | |
- name: Compare analysis reports from base branch and PR branch | |
if: success() && github.event.number | |
working-directory: ${{ matrix.next-dir }} | |
run: | | |
npx -p nextjs-bundle-analysis compare | |
- name: Get Comment Body | |
id: get-comment-body | |
if: success() && github.event.number | |
working-directory: ${{ matrix.next-dir }} | |
# https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings | |
run: | | |
echo "body<<EOF" >> $GITHUB_OUTPUT | |
echo "$(cat .next/analyze/__bundle_analysis_comment.txt)" >> $GITHUB_OUTPUT | |
echo EOF >> $GITHUB_OUTPUT | |
- name: Find Comment | |
uses: peter-evans/find-comment@v3 | |
if: success() && github.event.number | |
id: fc | |
with: | |
issue-number: ${{ github.event.number }} | |
body-includes: '<!-- __NEXTJS_BUNDLE_@faustwp/getting-started-example -->' | |
- name: Create Comment | |
uses: peter-evans/create-or-update-comment@v4 | |
continue-on-error: true | |
if: success() && github.event.number && steps.fc.outputs.comment-id == 0 | |
with: | |
issue-number: ${{ github.event.number }} | |
body: ${{ steps.get-comment-body.outputs.body }} | |
- name: Update Comment | |
uses: peter-evans/create-or-update-comment@v4 | |
continue-on-error: true | |
if: success() && github.event.number && steps.fc.outputs.comment-id != 0 | |
with: | |
issue-number: ${{ github.event.number }} | |
body: ${{ steps.get-comment-body.outputs.body }} | |
comment-id: ${{ steps.fc.outputs.comment-id }} | |
edit-mode: replace |