diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..c597feb --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,31 @@ +# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file + +version: 2 +updates: + # Maintain dependencies for GitHub Actions + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" + time: "06:30" + timezone: "EST" + target-branch: "main" + pull-request-branch-name: + separator: "-" + + # Minor updates to npm production dependencies daily + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" + time: "06:45" + timezone: "EST" + versioning-strategy: lockfile-only + target-branch: "main" + pull-request-branch-name: + separator: "-" + groups: + production-dependencies: + dependency-type: "production" + development-dependencies: + dependency-type: "development" \ No newline at end of file diff --git a/.github/workflows/automatic-tests.yml b/.github/workflows/automatic-tests.yml new file mode 100644 index 0000000..8815df1 --- /dev/null +++ b/.github/workflows/automatic-tests.yml @@ -0,0 +1,28 @@ +name: Automatic-node-tests + +on: push + +jobs: + build-node-versions: + name: Node version matrix + runs-on: ubuntu-latest + + strategy: + matrix: + node-version: [14.x, 16.x, 18.x, 20.x] + # See supported Node.js release schedule at https://nodejs.org/en/about/releases/ + + steps: + - name: Checkout the code + uses: actions/checkout@v4 # https://github.com/actions/checkout + - name: Setup Node.js ${{ matrix.node-version }} + uses: actions/setup-node@v3 # https://github.com/actions/setup-node + with: + node-version: ${{ matrix.node-version }} + cache: 'npm' + env: + NPM_CONFIG_IGNORE_SCRIPTS: true + - run: npm audit --package-lock-only --production --audit-level=high + - run: npm i + - run: npm test + - run: npm run build --if-present \ No newline at end of file