Bump brakeman from 6.2.2 to 7.0.0 #2252
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Rails | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| workflow_dispatch: | |
| jobs: | |
| test: | |
| env: | |
| RAILS_ENV: test | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: Build and start the DB | |
| run: docker compose up -d --wait db | |
| - uses: ruby/setup-ruby@v1 | |
| with: | |
| bundler-cache: true | |
| - name: Setup Rails DB | |
| run: | | |
| cp config/database.yml.example config/database.yml | |
| bundle exec rails db:prepare | |
| - name: Get yarn cache directory path | |
| id: yarn-cache-dir-path | |
| run: echo "dir=$(yarn config get globalFolder)" >> $GITHUB_OUTPUT | |
| - uses: actions/cache@v2 | |
| id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`) | |
| with: | |
| path: ${{ steps.yarn-cache-dir-path.outputs.dir }} | |
| key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-yarn- | |
| - name: Install JS Dependencies | |
| if: steps.yarn-cache.outputs.cache-hit != 'true' | |
| run: yarn install | |
| - name: Run Tests with JS | |
| run: bundle exec rails test:all | |
| - name: Run Tests without JS | |
| env: | |
| NOJS: 1 | |
| run: bundle exec rails test:all | |
| brakeman: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - uses: ruby/setup-ruby@v1 | |
| with: | |
| bundler: "none" | |
| - name: Install Brakeman | |
| run: gem install brakeman | |
| - name: Run Brakeman | |
| run: brakeman -A --format github |