Skip to content

chore: update github/codeql-action action to v2.23.1 #1710

chore: update github/codeql-action action to v2.23.1

chore: update github/codeql-action action to v2.23.1 #1710

---
name: CI
on:
push:
branches: [master]
pull_request:
# The branches below must be a subset of the branches above
branches: [master]
schedule:
- cron: '0 2 * * 1' # At 02:00 on Monday
permissions: {}
jobs:
test:
name: Test
timeout-minutes: 15
strategy:
matrix:
os: [ubuntu-latest]
node-version: [18, 20, 21]
include:
- os: macos-latest
node-version: 18 # LTS
- os: windows-latest
node-version: 18 # LTS
fail-fast: false
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # tag=v4.1.1
with:
fetch-depth: 0
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4.0.1
with:
node-version: ${{ matrix.node-version }}
- name: Bootstrap project
run: npm ci --ignore-scripts
- name: Build project
run: npm run --ignore-scripts build
- name: Run tests
run: npm test --ignore-scripts
- name: Coveralls Parallel
uses: coverallsapp/github-action@3dfc5567390f6fa9267c0ee9c251e4c8c3f18949 # tag=v2.2.3
with:
github-token: ${{ secrets.github_token }}
flag-name: run-${{ matrix.os }}-node@${{ matrix.node-version }}
path-to-lcov: ${{ github.workspace }}/coverage/lcov.info
parallel: true
posttest:
name: Post-Test
needs: test
runs-on: ubuntu-latest
steps:
- name: Coveralls Finish
uses: coverallsapp/github-action@3dfc5567390f6fa9267c0ee9c251e4c8c3f18949 # tag=v2.2.3
with:
github-token: ${{ secrets.github_token }}
parallel-finished: true
commit-lint:
name: Commit Lint
runs-on: ubuntu-latest
if: ${{ github.event.pull_request }}
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # tag=v4.1.1
with:
fetch-depth: 0
- name: Use Node.js 18
uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4.0.1
with:
node-version: 18
- name: Bootstrap project
run: npm ci --ignore-scripts
- name: Verify commit linting
run: npx commitlint --from origin/master --to HEAD --verbose
codeql:
name: CodeQL
runs-on: ubuntu-latest
permissions:
# See: https://github.com/github/codeql-action/blob/008b2cc71c4cf3401f45919d8eede44a65b4a322/README.md#usage
security-events: write
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # tag=v4.1.1
- name: Initialize CodeQL
uses: github/codeql-action/init@4759df8df70c5ebe7042c3029bbace20eee13edd # v2.23.1
with:
languages: 'javascript'
config-file: ./.github/codeql/codeql-config.yaml
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@4759df8df70c5ebe7042c3029bbace20eee13edd # v2.23.1