Skip to content

chore: patch vite version for security vulnerable #2452

chore: patch vite version for security vulnerable

chore: patch vite version for security vulnerable #2452

Workflow file for this run

name: 'PR Check'
on: [pull_request] # Triggers on any branch
env:
CI: 'true'
NX_BASE: ${{ github.event.pull_request.base.sha }}
BROWSERSTACK_USERNAME: ${{ secrets.BROWSERSTACK_USERNAME }}
BROWSERSTACK_ACCESS_KEY: ${{ secrets.BROWSERSTACK_ACCESS_KEY }}
BROWSERSTACK_BUILD: 'Test ${{ github.run_number }}'
BROWSERSTACK_LATEST_BROWSERS_LAUNCHER: 'Playwright'
TEST_SSL_CERT: ${{ secrets.TEST_SSL_CERT }}
TEST_SSL_KEY: ${{ secrets.TEST_SSL_KEY }}
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: Check out repository code
uses: actions/checkout@v4
with:
# Number of commits to fetch. 0 indicates all history for all branches and tags.
# Pulls all commits (needed for Lerna)
fetch-depth: 0
- name: Setup resources and environment
uses: ./.github/actions/setup
id: setup
- name: Install Dependencies
run: npm ci --audit=false --fund=false
- name: Version
run: |
node -v
npm -v
- name: Build
run: npm run build:affected
lint:
name: Lint
needs: build
runs-on: ubuntu-latest
steps:
- name: Check out repository code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup resources and environment
uses: ./.github/actions/setup
- name: Lint
run: npm run lint:affected
test-chrome:
name: 'Test / Chrome'
needs: lint
runs-on: ubuntu-latest
steps:
- name: Check out repository code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Test
uses: ./.github/actions/run-test
with:
browsers: 'chrome'
test-firefox:
name: 'Test / Firefox'
needs: lint
runs-on: ubuntu-latest
steps:
- name: Check out repository code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Test
uses: ./.github/actions/run-test
with:
browsers: 'firefox'
test-safari:
name: 'Test / Safari'
needs: lint
runs-on: ubuntu-latest
steps:
- name: Check out repository code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Test
uses: ./.github/actions/run-test
with:
browsers: 'safari'
test-ios:
name: 'Test / iOS'
needs: lint
runs-on: ubuntu-latest
# updating playwright via dependabot creates no impact on iOS testing
if: github.triggering_actor != 'dependabot[bot]'
steps:
- name: Check out repository code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Test
uses: ./.github/actions/run-test
with:
browsers: 'ios'
# Disable HTTPS with Safari, and iOS on BrowserStack for now because it required run extra script before test start
# https://www.browserstack.com/docs/automate/selenium/accept-insecure-certificates
https: 'false'
test-android:
name: 'Test / Android'
needs: lint
runs-on: ubuntu-latest
# updating playwright via dependabot creates no impact on Android testing
if: github.triggering_actor != 'dependabot[bot]'
steps:
- name: Check out repository code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Test
uses: ./.github/actions/run-test
with:
browsers: 'android'
scan-sonarcloud:
name: Scan
needs: test-chrome
uses: ./.github/workflows/sonarcloud_scan.yml
secrets: inherit
scan-blackduck:
name: Scan
uses: ./.github/workflows/blackduck_scan.yml
with:
target: Development-v7
secrets: inherit
scan-semgrep:
name: Scan
uses: ./.github/workflows/semgrep_scan.yml
with:
verbose: false
secrets: inherit
size-report:
name: 'Report / Bundle Size'
runs-on: ubuntu-latest
steps:
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: 20.x
- uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.ref }}
fetch-depth: 0
- uses: preactjs/compressed-size-action@f780fd104362cfce9e118f9198df2ee37d12946c # 2.6.0
with:
build-script: 'build:prod'
pattern: '{**/lib/**/*.js,**/*-theme/**/*.{js,css}}'