Skip to content
This repository has been archived by the owner on Aug 14, 2024. It is now read-only.

[Snyk] Upgrade @nodesecure/js-x-ray from 7.0.0 to 7.2.0 #337

[Snyk] Upgrade @nodesecure/js-x-ray from 7.0.0 to 7.2.0

[Snyk] Upgrade @nodesecure/js-x-ray from 7.0.0 to 7.2.0 #337

Workflow file for this run

name: Node.js CI
on:
push:
branches: main
pull_request:
permissions:
contents: read
jobs:
test:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [18.x, 20.x]
fail-fast: false
steps:
- name: Harden Runner
uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v2.6.0
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
with:
node-version: ${{ matrix.node-version }}
- name: Install dependencies
run: npm ci
- name: Run tests
run: npm run test
automerge:
if: >
github.event_name == 'pull_request' && github.event.pull_request.user.login == 'dependabot[bot]'
needs:
- test
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
steps:
- name: Merge Dependabot PR
uses: fastify/github-action-merge-dependabot@9e7bfb249c69139d7bdcd8d984f9665edd49020b # v3.10.1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}