Merge pull request #2376 from texpert/dependabot/bundler/ruby-product… #721
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "test-on-push" | |
on: [push] | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number }} | |
cancel-in-progress: true | |
jobs: | |
eslint: | |
if: | | |
!contains(github.event.pull_request.title, '[skip ci]') | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- run: corepack enable && corepack prepare [email protected] | |
- name: setup node | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 22.10.0 | |
cache: 'yarn' | |
- name: install app dependencies | |
run: yarn install --frozen-lockfile | |
- name: ESLint | |
run: yarn eslint | |
stylelint: | |
if: | | |
!contains(github.event.pull_request.title, '[skip ci]') | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- run: corepack enable && corepack prepare [email protected] | |
- name: setup node | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 22.10.0 | |
cache: 'yarn' | |
- name: install app dependencies | |
run: yarn install --frozen-lockfile | |
- name: Stylelint | |
run: yarn stylelint "**/*.{css,js,scss}" -f github | |
rubocop: | |
if: | | |
!contains(github.event.pull_request.title, '[skip ci]') | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Setup Ruby and install gems | |
uses: ruby/setup-ruby@v1 | |
with: | |
bundler-cache: true | |
- name: Generate binstubs | |
run: bundle binstubs rubocop | |
- name: Lint Ruby files | |
run: bin/rubocop --parallel | |
security: | |
if: | | |
!contains(github.event.pull_request.title, '[skip ci]') | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Setup Ruby and install gems | |
uses: ruby/setup-ruby@v1 | |
with: | |
bundler-cache: true | |
- name: Generate binstubs | |
run: bundle binstubs bundler bundler-audit brakeman --force | |
- name: Security audit dependencies | |
run: bin/bundler-audit check --update --ignore CVE-2018-18260 CVE-2024-48652 | |
- name: Security audit application code | |
run: bin/brakeman |