diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a215e1fe7e..2f41a7a423 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -21,7 +21,7 @@ jobs: node-version: [20.x] steps: - name: Checkout non PR - uses: actions/checkout@v3 + uses: actions/checkout@v4.1.1 # Do not trigger a checkout when opening PRs from a fork (helps avoid # "pwn request". See https://docs.github.com/en/actions/reference/events-that-trigger-workflows#pull_request_target ) if: github.event_name != 'pull_request_target' @@ -29,14 +29,14 @@ jobs: fetch-depth: '0' - name: Checkout PR - uses: actions/checkout@v2 + uses: actions/checkout@v4.1.1 if: github.event_name == 'pull_request_target' with: ref: "refs/pull/${{ github.event.number }}/merge" fetch-depth: '0' - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v3 + uses: actions/setup-node@v4.0.1 with: node-version: ${{ matrix.node-version }} - run: yarn install --frozen-lockfile diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index f604348843..e55b18e792 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -18,6 +18,6 @@ jobs: runs-on: ubuntu-latest steps: - name: 'Checkout Repository' - uses: actions/checkout@v3 + uses: actions/checkout@v4.1.1 - name: 'Dependency Review' uses: actions/dependency-review-action@v3 diff --git a/.github/workflows/release-prepare.yml b/.github/workflows/release-prepare.yml index cbbe2f5b83..707743db23 100644 --- a/.github/workflows/release-prepare.yml +++ b/.github/workflows/release-prepare.yml @@ -13,10 +13,10 @@ jobs: node-version: [20.x] runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4.1.1 - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v3 + uses: actions/setup-node@v4.0.1 with: node-version: ${{ matrix.node-version }} diff --git a/.github/workflows/release-publish.yml b/.github/workflows/release-publish.yml index 5991447f2c..c5b6171cf4 100644 --- a/.github/workflows/release-publish.yml +++ b/.github/workflows/release-publish.yml @@ -37,16 +37,16 @@ jobs: run: if [ '${{ github.event.before }}' = '0000000000000000000000000000000000000000' ]; then echo "::warning title=Missing github.event.before::You are running this CD workflow on a newly created branch. Release won't be created..."; fi - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4.1.1 - - name: Set up Node.js - uses: actions/setup-node@v3 + - name: use node.js ${{ matrix.node-version }} + uses: actions/setup-node@v4.0.1 with: node-version: ${{ matrix.node-version }} registry-url: https://registry.npmjs.org/ # Needed for auth - name: yarn install --frozen-lockfile - uses: backstage/actions/yarn-install@v0.5.13 + uses: backstage/actions/yarn-install@v0.6.5 with: cache-prefix: ${{ runner.os }}-v${{ matrix.node-version }} @@ -76,9 +76,6 @@ jobs: - name: verify type dependencies run: yarn lint:type-deps - - name: test - run: | - yarn lerna -- run test -- --coverage --runInBand # A separate release build that is only run for commits that are the result of merging the "Version Packages" PR # We can't re-use the output from the above step, but we'll have a guaranteed node_modules cache and @@ -100,16 +97,16 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4.1.1 - - name: Set up Node.js - uses: actions/setup-node@v3 + - name: use node.js ${{ matrix.node-version }} + uses: actions/setup-node@v4.0.1 with: node-version: ${{ matrix.node-version }} registry-url: https://registry.npmjs.org/ # Needed for auth - name: yarn install --frozen-lockfile - uses: backstage/actions/yarn-install@v0.5.13 + uses: backstage/actions/yarn-install@v0.6.5 with: cache-prefix: ${{ runner.os }}-v${{ matrix.node-version }} @@ -123,10 +120,11 @@ jobs: - name: publish if: needs.build.outputs.needs_release == 'true' || github.event.inputs.publish_packages run: | + yarn config set -H 'npmAuthToken' "${{secrets.NPM_TOKEN}}" if [ -f ".changeset/pre.json" ]; then - yarn lerna -- publish from-package --yes --dist-tag next + yarn workspaces foreach -v --no-private npm publish --access public --tolerate-republish --tag next else - yarn lerna -- publish from-package --yes + yarn workspaces foreach -v --no-private npm publish --access public --tolerate-republish fi env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/.github/workflows/renovate-changesets.yml b/.github/workflows/renovate-changesets.yml index a9d74a814b..c24ac8b054 100644 --- a/.github/workflows/renovate-changesets.yml +++ b/.github/workflows/renovate-changesets.yml @@ -14,7 +14,7 @@ jobs: if: github.actor == 'renovate[bot]' steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4.1.1 with: fetch-depth: 2 ref: ${{ github.head_ref }} diff --git a/.github/workflows/renovate-validation.yml b/.github/workflows/renovate-validation.yml index bb08cbdc01..0d2667607b 100644 --- a/.github/workflows/renovate-validation.yml +++ b/.github/workflows/renovate-validation.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4.1.1 - name: Validate uses: rinchsan/renovate-config-validator@v0.0.12 with: diff --git a/.github/workflows/weekly-check-versions.yml b/.github/workflows/weekly-check-versions.yml index b834b95438..e740b677f9 100644 --- a/.github/workflows/weekly-check-versions.yml +++ b/.github/workflows/weekly-check-versions.yml @@ -8,7 +8,7 @@ jobs: create-pull-request: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4.1.1 with: fetch-depth: '0'