Skip to content
Audit

Bump rollup from 4.59.0 to 4.59.1 #2766

Sign in to view logs

Bump rollup from 4.59.0 to 4.59.1

Bump rollup from 4.59.0 to 4.59.1 #2766

Workflow file for this run

.github/workflows/audit-dev.yml at 1914a3b
name: Audit
on:
pull_request:
paths:
- .github/workflows/audit-dev.yml
- config/dirty-waters.json
- .ndmrc
- .nsprc
- .nvmrc
- package-lock.json
push:
branches:
- main
schedule:
- cron: "0 3 * * *"
workflow_dispatch: ~
permissions: read-all
jobs:
deprecations:
name: Deprecations
runs-on: ubuntu-24.04
steps:
- name: Checkout repository
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
with:
persist-credentials: false
- name: Verify action checksums
uses: ./.github/actions/ghasum
- name: Install Node.js
uses: actions/setup-node@v6.3.0
with:
cache: npm
node-version-file: .nvmrc
- name: Install dependencies
run: npm clean-install
- name: Audit for deprecations
run: npm run audit:deprecations
vulnerabilities:
name: Vulnerabilities
runs-on: ubuntu-24.04
steps:
- name: Checkout repository
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
with:
persist-credentials: false
- name: Verify action checksums
uses: ./.github/actions/ghasum
- name: Install Node.js
uses: actions/setup-node@v6.3.0
with:
cache: npm
node-version-file: .nvmrc
- name: Install dependencies
run: npm clean-install
- name: Audit for vulnerabilities
run: npm run audit:vulnerabilities
- name: Bump vulnerable dependencies
if: ${{ github.event_name == 'schedule' && failure() }}
run: npm audit fix
- name: Create automation token
if: ${{ github.event_name == 'schedule' && failure() }}
uses: actions/create-github-app-token@v3.0.0
id: automation-token
with:
app-id: ${{ secrets.AUTOMATION_APP_ID }}
private-key: ${{ secrets.AUTOMATION_APP_PRIVATE_KEY }}
- name: Create Pull Request
if: ${{ github.event_name == 'schedule' && failure() }}
uses: peter-evans/create-pull-request@v8.0.0
with:
token: ${{ steps.automation-token.outputs.token }}
title: Update vulnerable dependencies
body: |
_This Pull Request was created automatically based on at least one
known vulnerability detected in CI._
branch: bump-vulnerable-dependencies
commit-message: Fix vulnerable dependencies with `npm audit fix`