Skip to content

fix(security): patch cookie dependency vulnerabilities #1337

fix(security): patch cookie dependency vulnerabilities

fix(security): patch cookie dependency vulnerabilities #1337

Workflow file for this run

name: Build, Test and Deploy
on:
push:
branches:
- main
- beta
pull_request:
env:
TZ: 'Europe/Paris'
jobs:
lint:
name: Linting
runs-on: ubuntu-latest
if: "!contains(github.event.head_commit.message, '[skip ci]')"
steps:
- name: Cancel previous running workflows
uses: fkirc/skip-duplicate-actions@master
- uses: actions/checkout@v2
with:
fetch-depth: 0
- uses: actions/setup-node@v2
- uses: actions/cache@v2
with:
path: '**/node_modules'
key: ${{ runner.os }}-modules-${{ hashFiles('**/yarn.lock') }}
- name: install dependencies
run: yarn install --frozen-lockfile --non-interactive --production=false
- name: Lint commit message
uses: wagoid/commitlint-github-action@v2
- name: lint Javascript
run: yarn lint
test:
name: Test
runs-on: ubuntu-latest
needs: [lint]
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v2
- name: Cache node_modules
uses: actions/cache@v2
with:
path: '**/node_modules'
key: ${{ runner.os }}-modules-${{ hashFiles('**/yarn.lock') }}
- name: Login on dockerhub
run: echo ${{ secrets.DOCKER_PASSWORD }} | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
- name: Start docker container
run: docker compose up -d; sleep 20
- name: Send coverage
uses: paambaati/[email protected]
env:
CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }}
with:
coverageCommand: yarn test:coverage
deploy:
name: Release package
runs-on: ubuntu-latest
needs: [test]
if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/beta')
steps:
- uses: actions/checkout@v2
with:
persist-credentials: false # GITHUB_TOKEN must not be set for the semantic release
- uses: actions/setup-node@v2
with:
node-version: 12.13.0
- uses: actions/cache@v2
with:
path: '**/node_modules'
key: ${{ runner.os }}-modules-${{ hashFiles('**/yarn.lock') }}
- name: Build package
run: yarn build
- name: Semantic Release
uses: cycjimmy/semantic-release-action@v2
id: semantic
with:
semantic_version: 17.3.0
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
GIT_AUTHOR_EMAIL: ${{ secrets.GIT_AUTHOR_EMAIL }}
GIT_AUTHOR_NAME: ${{ secrets.GIT_AUTHOR_NAME }}
GIT_COMMITTER_EMAIL: ${{ secrets.GIT_COMMITTER_EMAIL }}
GIT_COMMITTER_NAME: ${{ secrets.GIT_COMMITTER_NAME }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}