From c528e7215a1170766facc3d4e2e49fad0672a43c Mon Sep 17 00:00:00 2001 From: Kawika Bader Date: Wed, 20 Sep 2023 06:47:43 -0700 Subject: [PATCH] Add lockfile change workflow. --- .github/workflows/ci.yml | 7 +++---- .github/workflows/pr.yml | 23 +++++++++++++++++++++++ 2 files changed, 26 insertions(+), 4 deletions(-) create mode 100644 .github/workflows/pr.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7d8478da9..ddec5e190 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,5 +1,3 @@ -# Workflow to run CI and tests for all branches on push and on pull requests - name: CI on: @@ -14,10 +12,11 @@ jobs: strategy: matrix: - node-version: [16.x,18.x] + node-version: [18.x, 20.x] steps: - - uses: actions/checkout@v3 + - name: Checkout Repository + uses: actions/checkout@v3 - name: Use Node.js ${{ matrix.node-version }} uses: actions/setup-node@v3 diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml new file mode 100644 index 000000000..1e23eb8d2 --- /dev/null +++ b/.github/workflows/pr.yml @@ -0,0 +1,23 @@ +name: NPM Lockfile Changes + +on: [pull_request] + +jobs: + lockfile_changes: + runs-on: ubuntu-latest + # Permission overwrite is required for Dependabot PRs + permissions: + pull-requests: write + steps: + - name: Checkout Repository + uses: actions/checkout@v3 + + - name: NPM Lockfile Changes + uses: codepunkt/npm-lockfile-changes@main + with: + token: ${{ secrets.GITHUB_TOKEN }} + # Optional inputs, can be deleted safely if you are happy with default values. + collapsibleThreshold: 25 + failOnDowngrade: false + path: package-lock.json + updateComment: true