Skip to content

Update dependency express to v4.20.0 [SECURITY] #7184

Update dependency express to v4.20.0 [SECURITY]

Update dependency express to v4.20.0 [SECURITY] #7184

Workflow file for this run

# Copyright 2021 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This workflow will do a clean install of node dependencies, build the source code and run tests across different versions of node
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions
name: Node.js CI
on:
push:
branches: [master]
pull_request:
# Intentionally left blank -- run on PRs against all branches.
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [16.x, 18.x, 20.x]
steps:
- uses: actions/checkout@v3
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
- run: npm ci
- run: npm run build
env:
CI: true
unit:
runs-on: ubuntu-latest
env:
NODE_OPTIONS: '--max_old_space_size=4096'
strategy:
matrix:
node-version: [18.x, 20.x]
steps:
- uses: actions/checkout@v3
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
- run: npm ci
- name: Run tests against emulator
# forceExit: something is not cleaning up - likely firebase-app that needs to be deleted, investigate
run: |
npm install -g firebase-tools@latest
firebase emulators:exec --only database,firestore,storage --project sample 'npm run test:coverage -- --forceExit'
env:
CI: true
lint:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [16.x]
steps:
- uses: actions/checkout@v3
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
# Use `npm install` which fixes package-lock.json in place if it is not
# already matching package.json. The resulting diff is caught below.
- run: npm install # Not using `npm ci`, which won't touch lock files.
- name: Lint package-lock.json
run: "git diff --exit-code -- package-lock.json || (echo 'Error: package-lock.json is changed during npm install! Please make sure to use npm >= 8 and commit package-lock.json.' && false)"
- name: Lint source files
run: npm run lint
check-license:
runs-on: ubuntu-latest
steps:
- uses: actions/setup-go@v3
with:
go-version: '^1.16.0'
- name: Install google/addlicense
run: go install github.com/google/addlicense@latest
- uses: actions/checkout@v3
- name: Check license headers
run: env BASHOPTS=extglob bash -c 'addlicense -check -c "Google LLC" -l apache !(node_modules)'