Skip to content
🚀 Dependency Update and Vulnerability Scan

🚀 Dependency Update and Vulnerability Scan #56

Sign in to view logs

🚀 Dependency Update and Vulnerability Scan

🚀 Dependency Update and Vulnerability Scan #56

Workflow file for this run

.github/workflows/npm-update.yml at b616869
name: 🚀 Dependency Update and Vulnerability Scan
on:
schedule:
- cron: '0 2 * * 5'
workflow_dispatch: # Allows manual triggering
jobs:
update-and-scan:
runs-on: ubuntu-latest
steps:
- name: 🛠️ Checkout code
uses: actions/checkout@v4
- name: 🔧 Set up Node.js
uses: actions/setup-node@v4
with:
node-version: '20'
- name: 🗑️ Remove package-lock.json
run: rm -f package-lock.json
- name: 📦 Install npm-check-updates
run: npm install -g npm-check-updates
- name: ⬆️ Update all packages
run: |
ncu -u # Update package.json with the latest versions
npm install --legacy-peer-deps # Install dependencies with legacy peer deps handling
- name: 📦 Update dependencies with legacy peer deps
run: npm update --legacy-peer-deps
- name: 🎭 Mask Debricked credentials
run: |
echo "::add-mask::${{ secrets.DEBRICKED_TOKEN }}"
- name: Install Debricked CLI
run: |
curl -L https://github.com/debricked/cli/releases/latest/download/cli_linux_x86_64.tar.gz | tar -xz debricked
sudo mv debricked /usr/local/bin/debricked
- name: 🛡️ Debricked Vulnerability Scan
run: |
debricked scan -t ${{ secrets.DEBRICKED_TOKEN }} -r ${{ github.repository }} -c ${{ github.sha }}
- name: 🏗️ Build project
run: npm run build
- name: 📝 Commit changes
if: success()
run: |
git config --local user.name "Debugging Duck 🦆"
git config --local user.email "github-actions[bot]@users.noreply.github.com"
git add .
git diff-index --quiet HEAD || git commit -m "⬆️ update all npm dependencies except ESLint ⬆️"
- name: 🚀 Push changes
if: success()
run: git push