Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found
Select Git revision
  • master
1 result

Target

Select target project
  • smartdatalab/public/applications/renovate
1 result
Select Git revision
  • master
1 result
Show changes
Commits on Source (1000)
900 additional commits have been omitted to prevent performance issues.
Show whitespace changes
Inline Side-by-side
Showing
with 185 additions and 206 deletions
.devcontainer/Dockerfile
View file @ 04fecf4b
FROM ghcr.io/containerbase/node:20.9.0
USER root
RUN install-apt make g++
# renovate: datasource=github-releases packageName=containerbase/python-prebuild
RUN install-tool python 3.12.0
# renovate: datasource=npm
RUN install-tool corepack 0.22.0
USER ubuntu
FROM ghcr.io/containerbase/devcontainer:10.1.4
.devcontainer/devcontainer.json
View file @ 04fecf4b
{
"$schema": "https://raw.githubusercontent.com/devcontainers/spec/main/schemas/devContainer.schema.json",
"name": "Renovate",
"dockerFile": "Dockerfile",
"features": {
"ghcr.io/devcontainers/features/common-utils:2": {}
"build": {
"dockerfile": "Dockerfile"
},
"capAdd": ["SYS_PTRACE"],
"privileged": true,
"securityOpt": ["seccomp=unconfined"],
"init": true,
"hostRequirements": {
"cpus": 4,
"memory": "7gb",
......@@ -15,6 +11,12 @@
},
"customizations": {
"vscode": {
"terminal.integrated.profiles.linux": {
"bash": {
"path": "bash",
"icon": "terminal-bash"
}
},
"extensions": [
"dbaeumer.vscode-eslint",
"esbenp.prettier-vscode",
......
.devcontainer/post-create.sh
View file @ 04fecf4b
......@@ -7,6 +7,4 @@ if [[ "${CODESPACES}" == true ]]; then
sudo chmod 1777 /tmp
fi
set -x
exec pnpm install
pnpm install
.dockerignore 0 → 100644
View file @ 04fecf4b
*
!tools/docker/bin
!dist/
!package.json
!pnpm-lock.yaml
!renovate-schema.json
!license
.github/DISCUSSION_TEMPLATE/ask-a-question.yml
View file @ 04fecf4b
......@@ -4,21 +4,18 @@ body:
attributes:
label: How are you running Renovate?
options:
- 'Placeholder value, please select the correct response from the dropdown'
- 'Mend Renovate hosted app on github.com'
- 'Self-hosted'
validations:
required: true
- type: input
id: renovate-version-if-selfhosting
id: self-hosted-version
attributes:
label: If you're self-hosting Renovate, tell us what version of Renovate you run.
validations:
required: false
- type: dropdown
id: platform-select
id: self-hosted-platform
attributes:
label: If you're self-hosting Renovate, select which platform you are using.
options:
......@@ -35,40 +32,20 @@ body:
validations:
required: false
- type: dropdown
id: regression-error
attributes:
label: Was this something which used to work for you, and then stopped?
options:
- 'Placeholder value, please select the correct response from the dropdown'
- 'It used to work, and then stopped'
- 'I never saw this working'
validations:
required: true
- type: textarea
id: wanted-end-result
id: the-question
attributes:
label: Wanted end result.
description: 'Describe the wanted end result. Do not report any security concerns here. Email [renovate-disclosure@mend.io](mailto:renovate-disclosure@mend.io) instead.'
validations:
required: true
- type: textarea
id: describe-what-you-tried
attributes:
label: What you tried so far.
description: 'Tell us what you tried so far, what worked, what did not work, and so on.'
label: What is your question?
validations:
required: true
- type: textarea
id: debug-logs
attributes:
label: Relevant debug logs
label: Logs (if relevant)
description: |
If you're running self-hosted, run with `LOG_LEVEL=debug` in your environment variables and search for whatever dependency/branch/PR that is causing the problem.
If you are using the Renovate App, log into [Renovate's app dashboard](https://app.renovatebot.com/dashboard) and locate the correct job log for when the problem occurred (e.g. when the PR was created).
If you are using the Renovate App, log into [Renovate's app dashboard](https://developer.mend.io) and locate the correct job log for when the problem occurred (e.g. when the PR was created).
Try to paste the *relevant* logs here, not the entire thing and not just a link to the dashboard (others don't have permissions to view them).
If you're not sure about the relevant parts of the log, then feel free to post the full log to a [Github Gist](https://gist.github.com/) and link to it.
Try to highlight the important logs into the issue itself.
......@@ -76,7 +53,9 @@ body:
<details><summary>Logs</summary>
```
Copy/paste the relevant log(s) here, between the starting and ending backticks
```
</details>
......
.github/DISCUSSION_TEMPLATE/report-a-problem.yml
View file @ 04fecf4b
......@@ -4,21 +4,18 @@ body:
attributes:
label: How are you running Renovate?
options:
- 'Placeholder value, please select the correct response from the dropdown'
- 'Mend Renovate hosted app on github.com'
- 'Self-hosted Renovate'
validations:
required: true
- type: input
id: renovate-version-if-selfhosting
id: self-hosted-veresion
attributes:
label: If you're self-hosting Renovate, tell us what version of Renovate you run.
validations:
required: false
- type: dropdown
id: platform-select
id: self-hosted-platform
attributes:
label: If you're self-hosting Renovate, select which platform you are using.
options:
......@@ -40,11 +37,8 @@ body:
attributes:
label: Was this something which used to work for you, and then stopped?
options:
- 'Placeholder value, please select the correct response from the dropdown'
- 'I am trying to get this working for the first time'
- 'It used to work, and then stopped'
validations:
required: true
- 'I have not seen this working'
- type: textarea
id: describe-problem
......@@ -61,7 +55,7 @@ body:
description: |
Try not to report a problem unless you've looked at the logs first.
If you're running self-hosted, run with `LOG_LEVEL=debug` in your environment variables and search for whatever dependency/branch/PR that is causing the problem.
If you are using the Renovate App, log into [Renovate's app dashboard](https://app.renovatebot.com/dashboard) and locate the correct job log for when the problem occurred (e.g. when the PR was created).
If you are using the Renovate App, log into [Renovate's app dashboard](https://developer.mend.io) and locate the correct job log for when the problem occurred (e.g. when the PR was created).
Try to paste the *relevant* logs here, not the entire thing and not just a link to the dashboard (others don't have permissions to view them).
If you're not sure about the relevant parts of the log, then feel free to post the full log to a [Github Gist](https://gist.github.com/) and link to it.
Try to highlight the important logs into the Discussion itself.
......@@ -69,7 +63,9 @@ body:
<details><summary>Logs</summary>
```
Copy/paste the relevant log(s) here, between the starting and ending backticks
```
</details>
......
.github/DISCUSSION_TEMPLATE/request-a-feature.yml .github/DISCUSSION_TEMPLATE/suggest-an-idea.yml
View file @ 04fecf4b
......@@ -3,6 +3,6 @@ body:
id: discussion-field
attributes:
label: Tell us more.
description: Explain your feature request in this field.
description: Explain your idea for Renovate in this field.
validations:
required: true
.github/actions/calculate-prefetch-matrix/action.yml
View file @ 04fecf4b
......@@ -34,7 +34,7 @@ runs:
- name: Check cache miss for MacOS
id: macos-cache
uses: actions/cache/restore@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
uses: actions/cache/restore@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
with:
path: node_modules
key: ${{ env.MACOS_KEY }}
......@@ -43,7 +43,7 @@ runs:
- name: Check cache miss for Windows
id: windows-cache
uses: actions/cache/restore@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
uses: actions/cache/restore@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
with:
path: node_modules
key: ${{ env.WINDOWS_KEY }}
......
.github/actions/setup-node/action.yml
View file @ 04fecf4b
......@@ -29,12 +29,12 @@ runs:
}}-${{
inputs.node-version
}}-${{
hashFiles('pnpm-lock.yaml')
hashFiles('pnpm-lock.yaml', 'package.json')
}}' >> "$GITHUB_ENV"
- name: Restore `node_modules`
id: node-modules-restore
uses: actions/cache/restore@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
uses: actions/cache/restore@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
with:
path: node_modules
key: ${{ env.CACHE_KEY }}
......@@ -52,22 +52,22 @@ runs:
run: corepack enable
- name: Setup Node
uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
with:
node-version: ${{ inputs.node-version }}
cache: ${{ env.CACHE_HIT != 'true' && 'pnpm' || '' }}
- name: Install dependencies
uses: nick-fields/retry@14672906e672a08bd6eeb15720e9ed3ce869cdd4 # v2.9.0
uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3.0.0
if: env.CACHE_HIT != 'true'
with:
timeout_minutes: 10
max_attempts: 3
command: pnpm install
command: pnpm install --frozen-lockfile
- name: Write `node_modules` cache
if: inputs.save-cache == 'true' && env.CACHE_HIT != 'true'
uses: actions/cache/save@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
uses: actions/cache/save@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
with:
path: node_modules
key: ${{ env.CACHE_KEY }}
......
.github/contributing.md
View file @ 04fecf4b
......@@ -21,6 +21,15 @@ If you want help with your Renovate configuration, go to the [discussions tab in
For **feature requests**: first search for related requests in the issues and discussions, if you don't find anything: create a _discussion_.
## Rate Limiting of Support Requests through Temporary Blocking
To ensure that the Renovate maintainers don't burn out from dealing with unfriendly behavior, those who display a bad attitude when asking for or receiving support in the repo will be rate limited from further requests through the use of temporary blocking.
The duration of the temporary block depends on how rude or inconsiderate the behavior is perceived to be, and can be from 1-30 days.
If you have been blocked temporarily and believe that it is due to a misunderstanding, or you regret your comments and wish to make amends, please reach out to the lead maintainer Rhys Arkins by email with any request for early unblocking.
If/once you are unblocked, you should edit or delete whatever comment lead to the blocking, even if you did not intend it to be rude or inconsiderate.
Long emails or apologies are undesirable - the maintainers are busy and want to be able to help as many users as possible with the time they have available.
## Code
If you would like to fix a bug or work on a feature, please fork the repository and create a Pull Request.
......@@ -121,4 +130,4 @@ Important: this Slack group is restricted to development questions only in order
Pull Request authors must sign the [Renovate CLA](https://cla-assistant.io/renovateapp/renovate).
If you cannot or do not want to sign this CLA (e.g. your employment contract for your employer may not allow this), you should not submit a PR.
Open an issue and someone else can do the work.
Open a discussion and someone else can do the work.
.github/label-actions.yml
View file @ 04fecf4b
......@@ -250,6 +250,7 @@
comment: >
Hi there,
A maintainer has flagged this discussion as giving off some bad vibes. **Maintainers will no longer participate in this discussion unless/until such "vibes" are resolved.**
......@@ -279,10 +280,13 @@
comment: >
Hi there,
Please stick to one topic/question per Discussion. Start a new discussion per topic.
This prevents future users from finding this discussion and getting confused by multiple questions and answers. One question and answer per Discussion works best.
For example:
- Don't create a discussion with multiple questions requiring multiple answers
- If you got an answer to your first question, don't change topic like "Can I also ask you how I might..." which would then require a different answer. Mark the current discussion as answered and open a new one.
......@@ -294,11 +298,33 @@
comment: >
Hi there,
Please do not unnecessarily `@` mention maintainers like `@rarkins` or `@viceice`. Doing so causes annoying notifications and makes it harder to maintain this repository.
For example, never `@` mention a maintainer when you are creating a discussion if your desire is to get attention. This is rude behavior, just like shouting out your coffee order in a Starbucks before it's your turn.
It's OK to comment in an issue or discussion after multiple days or weeks. But please, still don't `@` mention people. The maintainers try to answer most discussions, but they can't answer all discussions. If you're still not getting an answer, take a look at the information you've given us and see if you can improve it.
Thanks, the Renovate team
'auto:misclassified-problem':
comment: >
Hi there,
A maintainer has flagged that this discussion is _misclassified_ as a bug when it is not.
Incorrectly classified discussions waste maintainer time, worsen search result accuracy and make it harder to train AI on this dataset.
The next time you create a discussion, please keep in mind:
- If you are new to Renovate, try to stick to questions instead of problem reports
- Just because Renovate does something you don't expect, doesn't automatically mean it's a bug
- Unsupported features should be raised as ideas, not problems
- Those who appear to be _twisting_ questions into sounding like a bug for attention will be given the least support
Thanks, the Renovate team
.github/workflows/build.yml
View file @ 04fecf4b
......@@ -26,11 +26,10 @@ permissions:
concurrency:
group: ${{ github.workflow }}-${{ github.event.number || github.ref }}
cancel-in-progress: true
cancel-in-progress: ${{ github.ref_name != 'main' }}
env:
# Currently no way to detect automatically (#8153)
DEFAULT_BRANCH: main
DEFAULT_BRANCH: ${{ github.event.repository.default_branch }}
NODE_VERSION: 18
DRY_RUN: true
SPARSE_CHECKOUT: |-
......@@ -97,6 +96,7 @@ jobs:
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
sparse-checkout: ${{ env.SPARSE_CHECKOUT }}
filter: blob:none # we don't need all blobs
- name: Calculate matrix for `node_modules` prefetch
uses: ./.github/actions/calculate-prefetch-matrix
......@@ -181,7 +181,7 @@ jobs:
os: ${{ runner.os }}
- name: Restore eslint cache
uses: actions/cache/restore@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
uses: actions/cache/restore@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
with:
path: .cache/eslint
key: eslint-main-cache
......@@ -200,7 +200,7 @@ jobs:
- name: Save eslint cache
if: github.event_name == 'push'
uses: actions/cache/save@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
uses: actions/cache/save@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
with:
path: .cache/eslint
key: eslint-main-cache
......@@ -224,7 +224,7 @@ jobs:
os: ${{ runner.os }}
- name: Restore prettier cache
uses: actions/cache/restore@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
uses: actions/cache/restore@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
with:
path: .cache/prettier
key: prettier-main-cache
......@@ -243,7 +243,7 @@ jobs:
- name: Save prettier cache
if: github.event_name == 'push'
uses: actions/cache/save@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
uses: actions/cache/save@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
with:
path: .cache/prettier
key: prettier-main-cache
......@@ -264,7 +264,7 @@ jobs:
os: ${{ runner.os }}
- name: Lint markdown
uses: DavidAnson/markdownlint-cli2-action@ed4dec634fd2ef689c7061d5647371d8248064f1 # v13.0.0
uses: DavidAnson/markdownlint-cli2-action@510b996878fc0d1a46c8a04ec86b06dbfba09de7 # v15.0.0
- name: Lint fenced code blocks
run: pnpm doc-fence-check
......@@ -328,7 +328,7 @@ jobs:
os: ${{ runner.os }}
- name: Cache jest
uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
with:
path: .cache/jest
key: |
......@@ -366,34 +366,45 @@ jobs:
- name: Save coverage artifacts
if: (success() || failure()) && github.event.pull_request.draft != true && matrix.coverage
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
with:
name: coverage
name: ${{ matrix.upload-artifact-name }}
path: |
./coverage/lcov
./coverage/json
coverage:
codecov:
needs: [test]
runs-on: ubuntu-latest
timeout-minutes: 3
if: (success() || failure()) && github.event.pull_request.draft != true
steps:
- name: Checkout code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
sparse-checkout: ${{ env.SPARSE_CHECKOUT }}
- name: Download coverage reports
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
with:
name: coverage
pattern: coverage-*
path: coverage
merge-multiple: true
- name: Codecov
uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4
uses: codecov/codecov-action@ab904c41d6ece82784817410c45d8b8c02684457 # v3.1.6
with:
directory: coverage/lcov
fail_ci_if_error: true
verbose: true
coverage-threshold:
needs:
- test
runs-on: ubuntu-latest
timeout-minutes: 3
if: (success() || failure()) && github.event.pull_request.draft != true
steps:
- name: Checkout code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
sparse-checkout: ${{ env.SPARSE_CHECKOUT }}
filter: blob:none # we don't need all blobs
- name: Setup Node.js
uses: ./.github/actions/setup-node
......@@ -401,6 +412,13 @@ jobs:
node-version: ${{ env.NODE_VERSION }}
os: ${{ runner.os }}
- name: Download coverage reports
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
with:
pattern: coverage-*
path: coverage
merge-multiple: true
- name: Merge coverage reports
run: pnpm nyc merge ./coverage/json ./coverage/nyc/coverage.json
......@@ -417,7 +435,11 @@ jobs:
# Catch-all required check for test matrix and coverage
test-success:
needs: [setup, test, coverage]
needs:
- setup
- test
- codecov
- coverage-threshold
runs-on: ubuntu-latest
timeout-minutes: 1
if: always()
......@@ -435,17 +457,30 @@ jobs:
needs.test.result == 'skipped'
run: exit 1
- name: Fail for failed or cancelled coverage
- name: Fail for failed or cancelled codecov
if: |
needs.codecov.result == 'failure' ||
needs.codecov.result == 'cancelled'
run: exit 1
- name: Fail for skipped codecov when PR is ready for review
if: |
github.event_name == 'pull_request' &&
github.event.pull_request.draft != true &&
needs.codecov.result == 'skipped'
run: exit 1
- name: Fail for failed or cancelled coverage-threshold
if: |
needs.coverage.result == 'failure' ||
needs.coverage.result == 'cancelled'
needs.coverage-threshold.result == 'failure' ||
needs.coverage-threshold.result == 'cancelled'
run: exit 1
- name: Fail for skipped coverage when PR is ready for review
- name: Fail for skipped coverage-threshold when PR is ready for review
if: |
github.event_name == 'pull_request' &&
github.event.pull_request.draft != true &&
needs.coverage.result == 'skipped'
needs.coverage-threshold.result == 'skipped'
run: exit 1
build:
......@@ -466,11 +501,16 @@ jobs:
- name: Build
run: pnpm build
- name: Build docker
run: pnpm build:docker build --tries=3
env:
LOG_LEVEL: debug
- name: Pack
run: pnpm test-e2e:pack
- name: Upload
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
with:
name: renovate-package
path: renovate-0.0.0-semantic-release.tgz
......@@ -494,7 +534,7 @@ jobs:
run: pnpm build:docs
- name: Upload
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
with:
name: docs
path: tmp/docs/
......@@ -511,7 +551,7 @@ jobs:
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Setup Node.js
uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
with:
node-version: ${{ env.NODE_VERSION }}
......@@ -520,7 +560,7 @@ jobs:
run: corepack enable
- name: Download package
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
with:
name: renovate-package
......@@ -540,20 +580,30 @@ jobs:
- test-e2e
- test-success
- build-docs
- coverage
- codecov
- coverage-threshold
if: github.repository == 'renovatebot/renovate' && github.event_name != 'pull_request'
runs-on: ubuntu-latest
timeout-minutes: 15
timeout-minutes: 60
permissions:
contents: write
issues: write
pull-requests: write
id-token: write
packages: write
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
fetch-depth: 0 # zero stands for full checkout, which is required for semantic-release
show-progress: false
filter: blob:none # we don't need all blobs, only the full tree
- name: docker-config
uses: containerbase/internal-tools@2d0f3e80979d6096de2c2f4d84936bb4dfab9ac6 # v3.0.60
with:
command: docker-config
- name: Setup Node.js
uses: ./.github/actions/setup-node
......@@ -561,6 +611,13 @@ jobs:
node-version: ${{ env.NODE_VERSION }}
os: ${{ runner.os }}
- uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0
- name: Docker registry login
run: |
echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.repository_owner }} --password-stdin
- name: Check dry run
run: |
if [[ "${{github.event_name}}" == "workflow_dispatch" && "${{ github.event.inputs.dryRun }}" != "true" ]]; then
......@@ -573,9 +630,8 @@ jobs:
- name: semantic-release
run: |
echo '//registry.npmjs.org/:_authToken=${NPM_TOKEN}' >> ./.npmrc
pnpm semantic-release --dry-run ${{env.DRY_RUN}}
git checkout -- .npmrc
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} # TODO: use action token?
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
LOG_LEVEL: debug
.github/workflows/codeql-analysis.yml
View file @ 04fecf4b
......@@ -39,7 +39,7 @@ jobs:
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@74483a38d39275f33fcff5f35b679b5ca4a26a99 # v2.22.5
uses: github/codeql-action/init@379614612a29c9e28f31f39a59013eb8012a51f0 # v3.24.3
with:
languages: javascript
......@@ -49,7 +49,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@74483a38d39275f33fcff5f35b679b5ca4a26a99 # v2.22.5
uses: github/codeql-action/autobuild@379614612a29c9e28f31f39a59013eb8012a51f0 # v3.24.3
# ℹ️ Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
......@@ -63,4 +63,4 @@ jobs:
# make release
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@74483a38d39275f33fcff5f35b679b5ca4a26a99 # v2.22.5
uses: github/codeql-action/analyze@379614612a29c9e28f31f39a59013eb8012a51f0 # v3.24.3
.github/workflows/dependency-review.yml
View file @ 04fecf4b
......@@ -12,4 +12,4 @@ jobs:
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: 'Dependency Review'
uses: actions/dependency-review-action@6c5ccdad469c9f8a2996bfecaec55a631a347034 # v3.1.0
uses: actions/dependency-review-action@9129d7d40b8c12c1ed0f60400d00c92d437adcce # v4.1.3
.github/workflows/devcontainer.yml
View file @ 04fecf4b
......@@ -21,6 +21,6 @@ jobs:
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Build and run dev container task
uses: devcontainers/ci@57eaf0c9b518a76872bc429cdceefd65a912309b # v0.3.1900000329
uses: devcontainers/ci@3d462823359c481c587cb7426f39775f24257115 # v0.3.1900000339
with:
runCmd: pnpm build
.github/workflows/label-actions.yml
View file @ 04fecf4b
......@@ -18,6 +18,6 @@ jobs:
reaction:
runs-on: ubuntu-latest
steps:
- uses: dessant/label-actions@ade7bcd4c1b30de6ba8e556cc31301fd4f79ca65 # v3.1.0
- uses: dessant/label-actions@102faf474a544be75fbaf4df54e73d3c515a0e65 # v4.0.1
with:
github-token: ${{ github.token }}
.github/workflows/lock.yml
View file @ 04fecf4b
......@@ -20,9 +20,10 @@ jobs:
lock:
runs-on: ubuntu-latest
steps:
- uses: dessant/lock-threads@be8aa5be94131386884a6da4189effda9b14aa21 # v4.0.1
- uses: dessant/lock-threads@1bf7ec25051fe7c00bdd17e6a7cf3d7bfb7dc771 # v5.0.1
if: github.repository == 'renovatebot/renovate'
with:
github-token: ${{ github.token }}
issue-inactive-days: 30
pr-inactive-days: 30
process-only: 'issues, prs'
.github/workflows/mend-slack.yml
View file @ 04fecf4b
......@@ -14,7 +14,7 @@ jobs:
steps:
- name: Post to Slack
id: slack
uses: slackapi/slack-github-action@e28cf165c92ffef168d23c5c9000cffc8a25e117 # v1.24.0
uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0
with:
channel-id: 'C05NLTMGCJC'
# For posting a simple plain text message
......
.github/workflows/release-npm.yml deleted 100644 → 0
View file @ 77ec7ce8
name: release-npm
on:
repository_dispatch:
types: [renovate-release]
workflow_dispatch:
inputs:
sha:
description: 'Git sha to checkout'
required: true
version:
description: 'Version to release'
required: true
tag:
description: 'Npm dist-tag'
default: 'latest'
required: false
env:
NODE_VERSION: 18
GIT_SHA: ${{ github.event.client_payload.sha }}
NPM_VERSION: ${{ github.event.client_payload.version }}
NPM_TAG: ${{ github.event.client_payload.tag }}
permissions:
contents: read
id-token: write
jobs:
release-npm:
runs-on: ubuntu-latest
steps:
- name: Prepare env
run: |
if [[ "${{github.event_name}}" == "workflow_dispatch" ]]; then
echo "GIT_SHA=${{ github.event.inputs.sha }}" >> "$GITHUB_ENV"
echo "NPM_VERSION=${{ github.event.inputs.version }}" >> "$GITHUB_ENV"
echo "NPM_TAG=${{ github.event.inputs.tag }}" >> "$GITHUB_ENV"
fi
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
ref: ${{ env.GIT_SHA }}
- name: Enable corepack
shell: bash
run: corepack enable
- name: Set up Node.js ${{ env.NODE_VERSION }}
uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0
with:
node-version: ${{ env.NODE_VERSION }}
cache: pnpm
- name: Init platform
run: |
git config --global core.autocrlf false
git config --global core.symlinks true
git config --global user.email 'renovate@whitesourcesoftware.com'
git config --global user.name 'Renovate Bot'
- name: Installing dependencies
uses: nick-fields/retry@14672906e672a08bd6eeb15720e9ed3ce869cdd4 # v2.9.0
with:
timeout_minutes: 10
max_attempts: 3
command: pnpm install
- name: Build ${{ env.NPM_VERSION }}
run: pnpm build
- name: Prepare ${{ env.NPM_VERSION }}
run: |
npm --no-git-tag-version version ${{ env.NPM_VERSION }}
- name: Publish ${{ env.NPM_VERSION }}
run: |
echo '//registry.npmjs.org/:_authToken=${NPM_TOKEN}' >> ./.npmrc
npm publish --tag ${{ env.NPM_TAG }}
git checkout -- .npmrc
env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
.github/workflows/scorecard.yml
View file @ 04fecf4b
......@@ -42,7 +42,7 @@ jobs:
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: 'Upload artifact'
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
with:
name: SARIF file
path: results.sarif
......@@ -50,6 +50,6 @@ jobs:
# Upload the results to GitHub's code scanning dashboard.
- name: 'Upload to code-scanning'
uses: github/codeql-action/upload-sarif@74483a38d39275f33fcff5f35b679b5ca4a26a99 # v2.22.5
uses: github/codeql-action/upload-sarif@379614612a29c9e28f31f39a59013eb8012a51f0 # v3.24.3
with:
sarif_file: results.sarif