diff --git a/.github/workflows/fixup.yml b/.github/workflows/fixup.yml index 1444299..d30a43d 100644 --- a/.github/workflows/fixup.yml +++ b/.github/workflows/fixup.yml @@ -1,6 +1,6 @@ # This workflow is provided via the organization template repository # -# https://github.com/nextcloud/.github +# https://github.com/nextcloud-libraries/.github # https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization # # SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors diff --git a/.github/workflows/node.yml b/.github/workflows/node.yml index bb5fd56..45abe58 100644 --- a/.github/workflows/node.yml +++ b/.github/workflows/node.yml @@ -1,6 +1,6 @@ # This workflow is provided via the organization template repository # -# https://github.com/nextcloud/.github +# https://github.com/nextcloud-libraries/.github # https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization # # SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors @@ -18,54 +18,33 @@ concurrency: cancel-in-progress: true jobs: - changes: - runs-on: ubuntu-latest - - outputs: - src: ${{ steps.changes.outputs.src}} - - steps: - - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 - id: changes - continue-on-error: true - with: - filters: | - src: - - '.github/workflows/**' - - 'src/**' - - 'appinfo/info.xml' - - 'package.json' - - 'package-lock.json' - - 'tsconfig.json' - - '**.js' - - '**.ts' - - '**.vue' - build: runs-on: ubuntu-latest + name: node-build - needs: changes - if: needs.changes.outputs.src != 'false' - - name: NPM build steps: - name: Checkout - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: false - - name: Read package.json node and npm engines version - uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3 + - name: Read package.json + uses: nextcloud-libraries/parse-package-engines-action@122ae05d4257008180a514e1ddeb0c1b9d094bdd # v0.1.0 id: versions - with: - fallbackNode: '^20' - fallbackNpm: '^10' - - name: Set up node ${{ steps.versions.outputs.nodeVersion }} - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v3 + - name: Set up node + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: - node-version: ${{ steps.versions.outputs.nodeVersion }} + node-version: ${{ steps.versions.outputs.node-version }} - - name: Set up npm ${{ steps.versions.outputs.npmVersion }} - run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}" + - name: Set up npm + run: npm i -g 'npm@${{ steps.versions.outputs.package-manager-version }}' + + - name: Validate package-lock.json # See https://github.com/npm/cli/issues/4460 + run: | + npm i -g npm-package-lock-add-resolved@1.1.4 + npm-package-lock-add-resolved + git --no-pager diff --exit-code - name: Install dependencies & build env: @@ -74,18 +53,3 @@ jobs: run: | npm ci npm run build --if-present - - summary: - permissions: - contents: none - runs-on: ubuntu-latest - needs: [changes, build] - - if: always() - - # This is the summary, we just avoid to rename it so that branch protection rules still match - name: node - - steps: - - name: Summary status - run: if ${{ needs.changes.outputs.src != 'false' && needs.build.result != 'success' }}; then exit 1; fi diff --git a/.github/workflows/reuse.yml b/.github/workflows/reuse.yml index 63582ed..18ba649 100644 --- a/.github/workflows/reuse.yml +++ b/.github/workflows/reuse.yml @@ -19,9 +19,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - name: REUSE Compliance Check - uses: fsfe/reuse-action@bb774aa972c2a89ff34781233d275075cbddf542 # v5.0.0 + uses: fsfe/reuse-action@676e2d560c9a403aa252096d99fcab3e1132b0f5 # v6.0.0