Skip to content

chore: fix dependabot alerts #667

chore: fix dependabot alerts

chore: fix dependabot alerts #667

Workflow file for this run

# This workflow will do a clean installation of node dependencies, cache/restore them, build the source code and run tests
name: Build
on:
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
release:
types:
- published
permissions:
contents: write
jobs:
build-and-test:
name: Build zui
env:
CI: ""
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [20.x]
# See supported Node.js release schedule at https://nodejs.org/en/about/releases/
steps:
- name: Checkout repository
uses: actions/checkout@v3
with:
fetch-depth: 2
- name: Set up Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
cache: 'npm'
- name: Install dependencies
run: npm install
- name: Build app
run: npm run build
- name: Package app
run: tar -czvf /tmp/zui.tgz ./build
- name: Publish artifacts on releases
if: github.event_name == 'release' && github.event.action == 'published'
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: /tmp/zui.tgz
tag: ${{ github.ref }}
overwrite: true
- name: Generate commit sha
if: github.ref_name == 'main'
uses: benjlevesque/[email protected]
# This creates and environment variable SHA containing the short commit ID
- name: Create new tag for builds on main branch
if: github.ref_name == 'main'
uses: mathieudutour/[email protected]
with:
custom_tag: commit-${{ env.SHA }}
tag_prefix: ""
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Publish artifact for builds on main branch
if: github.ref_name == 'main'
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: /tmp/zui.tgz
tag: commit-${{ env.SHA }}
prerelease: true # Mark as prerelease and avoid triggering another workflow for the new tag
overwrite: true