Skip to content

chore: update github/codeql-action action to v3.27.4 #2451

chore: update github/codeql-action action to v3.27.4

chore: update github/codeql-action action to v3.27.4 #2451

---
name: CI
on:
push:
branches: [master]
pull_request:
# The branches below must be a subset of the branches above
branches: [master]
schedule:
- cron: '0 2 * * 1' # At 02:00 on Monday
permissions: {}
jobs:
test:
name: Test
timeout-minutes: 15
strategy:
matrix:
os: [ubuntu-latest]
node-version: [18, 20, 22]
include:
- os: macos-latest
node-version: 20 # LTS
- os: windows-latest
node-version: 20 # LTS
fail-fast: false
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
node-version: ${{ matrix.node-version }}
- name: Bootstrap project
run: npm ci --ignore-scripts
- name: Build project
run: npm run --ignore-scripts build
- name: Run tests
run: npm test --ignore-scripts
- name: Coveralls Parallel
uses: coverallsapp/github-action@cfd0633edbd2411b532b808ba7a8b5e04f76d2c8 # v2.3.4
with:
github-token: ${{ secrets.github_token }}
flag-name: run-${{ matrix.os }}-node@${{ matrix.node-version }}
path-to-lcov: ${{ github.workspace }}/coverage/lcov.info
parallel: true
posttest:
name: Post-Test
needs: test
runs-on: ubuntu-latest
steps:
- name: Coveralls Finish
uses: coverallsapp/github-action@cfd0633edbd2411b532b808ba7a8b5e04f76d2c8 # v2.3.4
with:
github-token: ${{ secrets.github_token }}
parallel-finished: true
commit-lint:
name: Commit Lint
runs-on: ubuntu-latest
if: ${{ github.event.pull_request }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- name: Use Node.js 20
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
node-version: 20
- name: Bootstrap project
run: npm ci --ignore-scripts
- name: Verify commit linting
run: npx commitlint --from origin/master --to HEAD --verbose
codeql:
name: CodeQL
runs-on: ubuntu-latest
permissions:
# See: https://github.com/github/codeql-action/blob/008b2cc71c4cf3401f45919d8eede44a65b4a322/README.md#usage
security-events: write
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Initialize CodeQL
uses: github/codeql-action/init@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
with:
languages: 'javascript'
config-file: ./.github/codeql/codeql-config.yaml
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4