Skip to content

Update dependency axios to v1.7.4 [SECURITY] #8663

Update dependency axios to v1.7.4 [SECURITY]

Update dependency axios to v1.7.4 [SECURITY] #8663

Workflow file for this run

# NOTE: This name appears in GitHub's Checks API and in workflow's status badge.
name: ci-renovate
# Trigger the workflow when:
on:
# When a pull request event occurs for a pull request against one of the
# matched branches.
pull_request:
branches: [master]
jobs:
add-changelog:
# NOTE: This name appears in GitHub's Checks API.
name: add-changelog
# Trigger job only for dependency update bot.
if: github.actor == 'renovate[bot]'
runs-on: ubuntu-latest
# Permissions needed to update PR.
permissions:
# Enable creating, updating files
contents: write
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
# Needed for correct git commit --amend.
fetch-depth: 0
# Checkout pull request HEAD commit instead of merge commit.
ref: ${{ github.event.pull_request.head.sha }}
# We use a Personal Access Token (PAT) to checkout and later push the commit instead of
# the default $GITHUB_TOKEN. This is because events triggered by $GITHUB_TOKEN will not
# trigger new workflow runs, but we want to re-run the CI after pushing the updated commit.
# https://docs.github.com/en/actions/using-workflows/triggering-a-workflow#triggering-a-workflow-from-a-workflow
token: ${{ secrets.BOT_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
- name: Create and commit Change Log fragment if it does not exist
env:
# There's no support for escaping this for use in a shell command.
# GitHub's recommendation is to pass it through the environment.
# https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
FILE_NAME: .changelog/${{ github.event.pull_request.number }}.internal.md
HEAD_REF: ${{ github.head_ref }}
run: |
if [[ ! -f "$FILE_NAME" ]]; then
echo "Update dependencies" > "$FILE_NAME"
# Set git user email and name to match author of the last commit.
git config --local user.email "$(git log --pretty='%ae' -1)"
git config --local user.name "$(git log --pretty=format:'%an' -1)"
git add "$FILE_NAME"
git commit --amend --no-edit
git push --force-with-lease origin "HEAD:refs/heads/$HEAD_REF"
echo "FILE_EXISTS=false" >> $GITHUB_OUTPUT
fi