Skip to content

Bump @actions/io from 1.1.3 to 3.0.2 #191

Bump @actions/io from 1.1.3 to 3.0.2

Bump @actions/io from 1.1.3 to 3.0.2 #191

name: Compile Dependabot Updates
on:
pull_request:
jobs:
build:
# PR was opened by Dependabot PR has 'javascript' label
if: ${{ github.event.pull_request.user.login == 'dependabot[bot]' && contains(github.event.pull_request.labels.*.name, 'javascript') }}
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout Pull Request
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
with:
persist-credentials: false
ref: ${{ github.event.pull_request.head.ref }}
- name: Set up Node
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
with:
node-version: '24'
cache: 'npm'
- name: Install dependencies
run: npm ci
- name: Build and package
run: npm run build && npm run package
- name: Upload build artifacts
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with:
name: dist
path: dist/
retention-days: 1
commit-artifacts:
needs: build
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
steps:
- name: Checkout Pull Request
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
fetch-depth: 0
persist-credentials: false
ref: ${{ github.event.pull_request.head.ref }}
- name: Download build artifacts
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
name: dist
path: dist/
- name: Commit and push build artifacts
run: |
git config user.name "github-actions[bot]"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
git add dist/
if git commit -m "[dependabot skip] Update dist/ with compiled dependencies"; then
git remote set-url origin https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git
git push
else
echo "No changes to commit"
fi