Bump eslint from 9.17.0 to 9.18.0 #417
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Original source: Docusaurus documentation | |
| name: On Pull Request | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| concurrency: | |
| group: | |
| ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| permissions: read-all | |
| jobs: | |
| scan-actions-bidi: | |
| name: Scan Actions, scan files for BIDI Trojan Attacks | |
| uses: Ed-Fi-Alliance-OSS/Ed-Fi-Actions/.github/workflows/repository-scanner.yml@main | |
| with: | |
| config-file-path: ./.github/workflows/bidi-config.json | |
| test-deploy: | |
| name: Test deployment | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| with: | |
| fetch-depth: 0 | |
| - name: Dependency Review ("Dependabot on PR") | |
| if: ${{ github.event_name == 'pull_request' && !github.event.repository.fork }} | |
| uses: actions/dependency-review-action@9129d7d40b8c12c1ed0f60400d00c92d437adcce # v4.1.3 | |
| - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 | |
| with: | |
| node-version: 18 | |
| cache: npm | |
| - name: Node modules cache | |
| id: modules-cache | |
| uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 #v4.0.0 | |
| with: | |
| path: '**/node_modules' | |
| key: ${{ runner.os }}-modules-${{ hashFiles('**/package-lock.json') }} | |
| - name: Install dependencies | |
| if: ${{ steps.modules-cache.outputs.cache-hit != 'true' }} | |
| run: npm ci | |
| - name: Test build website | |
| run: npm run build | |
| code-analysis: | |
| name: Code Analysis | |
| runs-on: ubuntu-latest | |
| permissions: | |
| security-events: write | |
| steps: | |
| - name: Checkout the Repo | |
| uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| - name: Dependency Review ("Dependabot on PR") | |
| if: ${{ github.event_name == 'pull_request' && !github.event.repository.fork }} | |
| uses: actions/dependency-review-action@9129d7d40b8c12c1ed0f60400d00c92d437adcce # v4.1.3 | |
| - name: Initialize CodeQL | |
| if: success() | |
| uses: github/codeql-action/init@cf7e9f23492505046de9a37830c3711dd0f25bb3 # codeql-bundle-v2.16.2 | |
| with: | |
| languages: javascript-typescript | |
| - name: Perform CodeQL Analysis | |
| if: success() | |
| uses: github/codeql-action/analyze@cf7e9f23492505046de9a37830c3711dd0f25bb3 # codeql-bundle-v2.16.2 | |