Skip to content

[OPTIC-RELEASE-AUTOMATION] release/v11.0.5 #264

[OPTIC-RELEASE-AUTOMATION] release/v11.0.5

[OPTIC-RELEASE-AUTOMATION] release/v11.0.5 #264

Workflow file for this run

name: Check Lockfile
on:
pull_request:
jobs:
lockfile_version:
name: Lockfile version check
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Check out a copy of the repo
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Check package-lock.json version has not been changed
uses: mansona/npm-lockfile-version@85d9138b7776b4f8f768259f8a3e4f2611457d8f # v1
with:
version: 3
lockfile_changes:
name: Lockfile changes check
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
steps:
- name: Check out a copy of the repo
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Create GitHub App Token
uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
id: app-token
with:
app-id: ${{ vars.LOCKFILE_BOT_APP_ID }}
private-key: ${{ secrets.LOCKFILE_BOT_PRIVATE_KEY }}
- name: NPM Lockfile Changes
# The original doesn't support v3 lockfiles so we use a fork that adds support for them
# The fork doesn't update comments by an app token, so we use our own fork
uses: digidem/npm-lockfile-changes@614dfc33742374cb40bec2878e5b690580d11ede
with:
token: ${{ steps.app-token.outputs.token }}
updateComment: true