Update devDependencies #47

Summary
Jobs
- refresh
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/devDeps.yml at 00bc6fa

	name: Update devDependencies

	permissions: read-all
	on:
	workflow_dispatch:
	schedule:
	- cron: '30 4 * * *' # 12:30AM ET/9:30PM PT
	# push:
	# branches: ["main"]
	# pull_request:
	# branches: ["main"]

	jobs:
	refresh:
	runs-on: ubuntu-latest
	permissions:
	contents: write
	pull-requests: write
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
	with:
	egress-policy: audit

	- name: clone pepr
	uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	with:
	repository: defenseunicorns/pepr
	path: pepr

	- name: "set env: PEPR"
	run: echo "PEPR=${GITHUB_WORKSPACE}/pepr" >> "$GITHUB_ENV"

	- name: clone pepr-excellent-examples
	uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	with:
	repository: defenseunicorns/pepr-excellent-examples
	path: pepr-excellent-examples

	- name: "set env: PEPR_EXEX"
	id: PEPR_EXEX
	run: \|
	echo "PEPR_EXEX=${GITHUB_WORKSPACE}/pepr-excellent-examples" >> "$GITHUB_ENV"
	echo "PEPR_EXEX=${GITHUB_WORKSPACE}/pepr-excellent-examples" >> "$GITHUB_OUTPUT"

	- name: setup node
	uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
	with:
	node-version: 22
	cache: "npm"
	cache-dependency-path: pepr

	- name: create module (pepr init)
	run: \|
	cd "$PEPR"
	npm ci
	npm run build
	npx --yes file://./pepr-0.0.0-development.tgz init \
	--name "pepr-test-module" \
	--description "for comparing devDependencies against" \
	--skip-post-init \
	--confirm

	- name: "set env: PEPR_MOD"
	run: echo "PEPR_MOD=${PEPR}/pepr-test-module" >> "$GITHUB_ENV"

	- name: scan for updates
	run: \|
	cd "$PEPR_EXEX"
	npm ci
	npm run --workspaces cli -- deps "${PEPR_MOD}/package.json" --write

	- name: package-lock.json
	run: \|
	cd "$PEPR_EXEX"
	if git diff --quiet ; then return ; fi

	# npm install removes resolved and integrity properties from package-lock.json if installed from cache
	# https://github.com/npm/cli/issues/4263
	rm ./package-lock.json
	find . -maxdepth 2 -name node_modules -type d -print0 \| xargs -0 rm -rf
	npm cache clean --force
	npm install

	- name: PR (if required)
	uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f #v7.0.5
	with:
	sign-commits: true
	path: ${{ steps.PEPR_EXEX.outputs.PEPR_EXEX }}
	title: 'build(devDeps): bump the devDeps (via helper CLI)'

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update devDependencies #47

Workflow file

Update devDependencies #47

Jobs

Run details

Workflow file for this run