feat(apollo-wind): add PromptEditor component [MST-10659] #3564
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Dependency Review | |
| on: [pull_request] | |
| permissions: {} | |
| jobs: | |
| vulnerability-review: | |
| name: Vulnerability & advisory review | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| # The dependency-review-action requires a pull_request event with the base ref available. | |
| if: github.event_name == 'pull_request' | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 | |
| with: | |
| persist-credentials: false | |
| - name: Dependency Review | |
| # Scans added/changed deps against GitHub Advisory Database. Fails on high+ severity by default. | |
| uses: actions/dependency-review-action@a1d282b36b6f3519aa1f3fc636f609c47dddb294 # v5.0.0 | |
| with: | |
| fail-on-severity: high | |
| comment-summary-in-pr: on-failure | |
| dependency-review: | |
| name: Dependencies license check | |
| runs-on: ubuntu-latest | |
| if: github.event.pull_request.head.repo.fork == false | |
| permissions: | |
| contents: read | |
| issues: write | |
| pull-requests: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 | |
| with: | |
| persist-credentials: false | |
| - name: Install Node dependencies | |
| uses: ./.github/actions/install-node-deps | |
| - name: Check licenses | |
| id: check | |
| run: pnpm exec tsx scripts/check-licenses.ts | |
| continue-on-error: true | |
| - name: Post or update PR comment | |
| if: github.event.pull_request.head.repo.fork == false | |
| uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 | |
| with: | |
| script: | | |
| const fs = require('fs'); | |
| const reportPath = '${{ runner.temp }}/license-report.md'; | |
| const marker = '<!-- dependency-license-review -->'; | |
| let report; | |
| try { | |
| report = fs.readFileSync(reportPath, 'utf8'); | |
| } catch { | |
| report = '# Dependency License Review\n\n:x: License check script failed before generating a report. Check the workflow logs.'; | |
| } | |
| const body = `${marker}\n${report}`; | |
| const { data: comments } = await github.rest.issues.listComments({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| issue_number: context.issue.number, | |
| }); | |
| const existing = comments.find(c => c.body.includes(marker)); | |
| if (existing) { | |
| await github.rest.issues.updateComment({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| comment_id: existing.id, | |
| body, | |
| }); | |
| } else { | |
| await github.rest.issues.createComment({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| issue_number: context.issue.number, | |
| body, | |
| }); | |
| } | |
| - name: Fail if license violations found | |
| if: steps.check.outcome == 'failure' | |
| run: exit 1 |