diff --git a/.github/workflows/test-and-release.yml b/.github/workflows/test-and-release.yml index ee8c325..c9a3cb3 100644 --- a/.github/workflows/test-and-release.yml +++ b/.github/workflows/test-and-release.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - node: [18, 20] + node: ["lts/*", latest] fail-fast: true steps: - uses: actions/checkout@main @@ -81,7 +81,8 @@ jobs: - uses: actions/checkout@main - uses: actions/setup-node@main with: - node-version: 20 + node-version: "lts/*" + check-latest: true registry-url: "https://registry.npmjs.org" - uses: actions/cache@main env: diff --git a/.github/workflows/upgrade-dependencies.yml b/.github/workflows/upgrade-dependencies.yml index 9eb213f..4e47c94 100644 --- a/.github/workflows/upgrade-dependencies.yml +++ b/.github/workflows/upgrade-dependencies.yml @@ -1,4 +1,4 @@ -name: upgrade-dependencies +name: upgrade-node-dependencies on: workflow_dispatch: {} @@ -6,77 +6,16 @@ on: - cron: "0 0 * * *" jobs: - upgrade-deps: + upgrade-node-dependencies: runs-on: ubuntu-latest steps: - uses: actions/checkout@main - uses: actions/setup-node@main with: - node-version: 20 - - name: Cache node modules - uses: actions/cache@main - env: - cache-name: cache-node-${{ matrix.node }}-modules + node-version: "lts/*" + check-latest: true + - uses: fardjad/my-actions/npm-automatic-dependency-update@main with: - path: ~/.npm - key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }} - restore-keys: | - ${{ runner.os }}-build-${{ env.cache-name }}- - ${{ runner.os }}-build- - ${{ runner.os }}- - - name: Setup Git - run: | - git config --local user.name "github-actions[bot]" - git config --local user.email "github-actions[bot]@users.noreply.github.com" - git config --local pull.rebase true - - # work around "insufficient permission for adding an object to repository database .git/object" issue - sudo chmod -R ugo+rwX .git - - name: Check for updates - id: check-updates - run: | - set -ex - npm ci &> /dev/null - npx ncu - npm i &> /dev/null - npm audit fix --quiet --no-progress --no-fund || true - npm run fix &> /dev/null || true - - git add -u - git update-index --refresh - if ! git diff-index --quiet HEAD --; then - echo "is-changed=1" >> $GITHUB_OUTPUT - fi - - name: Create a PR - if: steps.check-updates.outputs.is-changed - id: create-pr - run: | - npm version patch - PKG_VERSION="$(node -e 'process.stdout.write(require("./package.json").version)')" - - REMOTE_REPO="https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}.git" - CURRENT_BRANCH="$(git branch --show-current)" - NEW_BRANCH="v${PKG_VERSION}" - - if git ls-remote --exit-code --heads "${REMOTE_REPO}" "${NEW_BRANCH}" > /dev/null; then - # PR already exists - exit 0 - fi - - git commit -a -m "${PKG_VERSION}" --no-verify - git pull "${REMOTE_REPO}" "${CURRENT_BRANCH}" - git checkout -b "${NEW_BRANCH}" - git push "${REMOTE_REPO}" "HEAD:${NEW_BRANCH}" - - PR_URL=$(gh pr create -B "${CURRENT_BRANCH}" -H "${NEW_BRANCH}" -f) - echo "pr-url=${PR_URL}" >> $GITHUB_OUTPUT - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Approve and merge the PR - if: steps.create-pr.outputs.pr-url - run: | - gh pr review --approve "${PR_URL}" - gh pr merge --auto --delete-branch --rebase "${PR_URL}" - env: - GITHUB_TOKEN: ${{ secrets.GH_PAT }} - PR_URL: ${{ steps.create-pr.outputs.pr-url }} + github-token: ${{ secrets.GH_PAT }} + ncu-check-extra-flags: --dep prod + ncu-upgrade-extra-flags: --dep prod