Skip to content

chore: 1.2.x fix CVE-2024-21534 #15474

chore: 1.2.x fix CVE-2024-21534

chore: 1.2.x fix CVE-2024-21534 #15474

Workflow file for this run

name: Pull Request
on: pull_request
env:
TURBO_SCM_BASE: ${{ github.event.pull_request.base.sha }}
TURBO_SCM_HEAD: ${{ github.sha }}
# enforce only one action can run at a time for a given PR, and
# when updating a PR, actions in progress will be cancelled to start a fresh one
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
build:
name: Build with Node.js ${{ matrix.node-version }}
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [18, 20]
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
with:
fetch-depth: 0
- name: Setup Node.js
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4
with:
node-version: ${{ matrix.node-version }}
registry-url: 'https://registry.npmjs.org'
cache: 'yarn'
- name: Setup local Turbo cache
uses: dtinth/setup-github-actions-caching-for-turbo@cc723b4600e40a6b8815b65701d8614b91e2669e # v1
- name: Install dependencies
run: |
yarn install --frozen-lockfile
- name: Build packages
uses: ./.github/actions/build
with:
args: --affected
test:
name: Test with Node.js ${{ matrix.node-version }}
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [18, 20]
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
with:
fetch-depth: 0
- name: Setup Node.js
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4
with:
node-version: ${{ matrix.node-version }}
registry-url: 'https://registry.npmjs.org'
cache: 'yarn'
- name: Setup local Turbo cache
uses: dtinth/setup-github-actions-caching-for-turbo@cc723b4600e40a6b8815b65701d8614b91e2669e # v1
- name: Install dependencies
run: |
yarn install --frozen-lockfile
- name: Verify changesets
if: ${{ !(github.actor == 'janus-idp[bot]' || github.actor == 'github-actions[bot]') }}
run: |
yarn changeset status --since=${{ github.event.pull_request.base.sha }}
- name: Test packages
uses: ./.github/actions/test
with:
args: --affected