Skip to content
This repository has been archived by the owner on Dec 10, 2024. It is now read-only.

chore(deps): Update react monorepo #1619

chore(deps): Update react monorepo

chore(deps): Update react monorepo #1619

Workflow file for this run

name: qa
on:
push:
branches: ['main']
pull_request:
branches: ['main']
jobs:
scan:
name: CQL and Snyk Scans
runs-on: ubuntu-latest
timeout-minutes: 480
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: javascript-typescript
- uses: oven-sh/setup-bun@v2
with:
bun-version: latest
- uses: actions/cache@v4
with:
path: |
~/.bun
${{ github.workspace }}/.next/cache
# Generate a new cache whenever packages or source files change.
key: ${{ runner.os }}-bun-${{ hashFiles('**/bun.lockb') }}-${{ hashFiles('**/*.js', '**/*.jsx', '**/*.ts', '**/*.tsx') }}
# If source files changed but packages didn't, rebuild from a prior cache.
restore-keys: |
${{ runner.os }}-bun-${{ hashFiles('**/bun.lockb') }}-
- name: install deps
run: bun i --frozen-lockfile
- name: Lint checks (also check for eslint incompat)
run: bun run lint
- name: Build
run: bun run build
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: /language:javascript-typescript
- name: Run Snyk Security Scan
uses: snyk/actions/node@master
continue-on-error: true
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
args: --sarif-file-output=snyk.sarif
- name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: snyk.sarif
codacy:
permissions:
contents: read
security-events: write
actions: read
name: Codacy Analysis
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Run Codacy Analysis CLI
uses: codacy/codacy-analysis-cli-action@v4
with:
project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
upload: true
gh-code-scanning-compat: true
max-allowed-issues: 2147483647