[Snyk] Security upgrade axios from 0.27.2 to 1.7.8 #61
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Lint+Test" | |
on: | |
pull_request: | |
push: | |
branches: | |
- main | |
- devnet | |
- testnet | |
- auto | |
- canary | |
env: | |
HAS_BUILDPULSE_SECRETS: ${{ secrets.BUILDPULSE_ACCESS_KEY_ID != '' && secrets.BUILDPULSE_SECRET_ACCESS_KEY != '' }} | |
HAS_DATADOG_SECRETS: ${{ secrets.DD_API_KEY != '' }} | |
CARGO_INCREMENTAL: "0" | |
CARGO_TERM_COLOR: always | |
# cancel redundant builds | |
concurrency: | |
# cancel redundant builds on PRs (only on PR, not on branches) | |
group: ${{ github.workflow }}-${{ (github.event_name == 'pull_request' && github.ref) || github.sha }} | |
cancel-in-progress: true | |
jobs: | |
scripts-lint: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- run: sudo apt-get install shellcheck --assume-yes --no-install-recommends | |
- run: shellcheck scripts/dev_setup.sh | |
terraform-lint: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Run terraform fmt, validate, and tflint | |
run: ./scripts/lint_terraform.sh | |
ecosystem-lint: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-node@v3 | |
with: | |
node-version-file: .node-version | |
- uses: pnpm/action-setup@v2 | |
with: | |
version: 7.14.2 | |
# install packages for examples | |
- run: cd ./ecosystem/typescript/sdk/examples/typescript && pnpm install | |
- run: cd ./ecosystem/typescript/sdk/examples/javascript && pnpm install | |
# Run package build+lint + tests | |
- run: cd ./ecosystem/typescript/sdk && pnpm install | |
- run: cd ./ecosystem/typescript/sdk && pnpm lint | |
- run: cd ./ecosystem/typescript/sdk && pnpm fmt:check | |
ecosystem-python-lint: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: snok/install-poetry@v1 | |
with: | |
version: 1.2.2 | |
- run: cd ./ecosystem/python/sdk && poetry install && make fmt && git status --porcelain | |
docs-lint: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-node@v3 | |
with: | |
node-version-file: .node-version | |
- uses: pnpm/action-setup@v2 | |
with: | |
version: 7.14.2 | |
- run: pnpm lint | |
working-directory: developer-docs-site | |
- run: sudo apt update -y && sudo apt install -y aspell aspell-en | |
- run: pnpm spellcheck | |
working-directory: developer-docs-site | |
rust-cryptohasher-domain-separation-check: | |
runs-on: high-perf-docker | |
steps: | |
- uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # pin@v3 | |
- uses: actions/setup-python@13ae5bb136fac2878aff31522b9efb785519f984 | |
- uses: ./.github/actions/rust-setup | |
- run: python3 scripts/check-cryptohasher-symbols.py | |
rust-lint: | |
runs-on: high-perf-docker | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/rust-setup | |
with: | |
GIT_CREDENTIALS: ${{ secrets.GIT_CREDENTIALS }} | |
- uses: pre-commit/[email protected] | |
- run: cargo install cargo-sort | |
- run: scripts/rust_lint.sh --check | |
rust-doc-test: | |
runs-on: high-perf-docker | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 # get all the history because cargo xtest --change-since origin/main requires it. | |
- uses: ./.github/actions/rust-setup | |
with: | |
GIT_CREDENTIALS: ${{ secrets.GIT_CREDENTIALS }} | |
- run: cargo test --locked --doc --workspace --exclude aptos-node-checker | |
rust-unit-test: | |
runs-on: high-perf-docker | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 # get all the history because cargo xtest --change-since origin/main requires it. | |
- uses: ./.github/actions/rust-setup | |
with: | |
GIT_CREDENTIALS: ${{ secrets.GIT_CREDENTIALS }} | |
- run: docker run --detach -p 5432:5432 cimg/postgres:14.2 | |
- uses: taiki-e/[email protected] | |
with: | |
tool: nextest | |
- run: cargo nextest run --profile ci --locked --workspace --exclude smoke-test --exclude aptos-testcases --retries 3 --no-fail-fast | |
env: | |
INDEXER_DATABASE_URL: postgresql://postgres@localhost/postgres | |
rust-smoke-test: | |
runs-on: high-perf-docker | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/rust-setup | |
with: | |
GIT_CREDENTIALS: ${{ secrets.GIT_CREDENTIALS }} | |
- run: docker run --detach -p 5432:5432 cimg/postgres:14.2 | |
- uses: taiki-e/[email protected] | |
with: | |
tool: nextest | |
# prebuild aptos-node binary, so that tests don't start before node is built. | |
# also prebuild aptos-node binary as a separate step to avoid feature unification issues | |
# --test-threads is intentionally set to reduce resource contention in ci jobs. Increasing this, increases job failures and retries. | |
- run: cargo build --locked --package=aptos-node --features=failpoints,indexer --release && LOCAL_SWARM_NODE_RELEASE=1 cargo nextest run --release --profile ci --package smoke-test --test-threads 6 --retries 3 | |
env: | |
INDEXER_DATABASE_URL: postgresql://postgres@localhost/postgres | |
# We always try to create the artifact, but it only creates on flaky or failed smoke tests -- when the directories are empty. | |
- name: Upload smoke test logs for failed and flaky tests | |
uses: actions/upload-artifact@v3 | |
if: ${{ failure() || success() }} | |
with: | |
name: failed-smoke-test-logs | |
# Retain all smoke test data except for the db (which may be large). | |
path: | | |
/tmp/.tmp* | |
!/tmp/.tmp*/**/db/ | |
retention-days: 14 | |
check-vm-features: | |
runs-on: high-perf-docker | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/rust-setup | |
with: | |
GIT_CREDENTIALS: ${{ secrets.GIT_CREDENTIALS }} | |
- run: cargo test --locked --features check-vm-features -p aptos-node | |
python-lint-test: | |
uses: ./.github/workflows/python-lint-test.yaml | |
helm-lint: | |
uses: ./.github/workflows/helm-lint.yaml |