security: fix vulnerable dependencies #1123

Workflow file for this run

.github/workflows/npm-publish.yml at ad744a6

	---
	name: Publish to npm (if applicable)
	on:
	pull_request:
	types: [closed]
	workflow_dispatch:
	inputs:
	npm_tag:
	description: 'NPM tag for prerelease'
	default: 'next'

	jobs:
	publish:
	name: Publish to npm
	runs-on: ubuntu-latest
	environment: npm-publish
	if: github.event_name == 'pull_request' && github.event.pull_request.merged == true && contains( github.event.pull_request.labels.*.name, '[ Type ] NPM version update' ) && startsWith( github.head_ref, 'release/')
	permissions:
	contents: write
	id-token: write
	pull-requests: write
	steps:
	- uses: Automattic/vip-actions/npm-publish@c8022b66e78461df4f802b935dc0dbb8399f96bc # v0.7.4
	with:
	GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	USE_TRUSTED_PUBLISHING: 'true'
	PROVENANCE: 'true'
	CONVENTIONAL_COMMITS: 'true'

	changelog:
	name: Publish docs changelog
	permissions:
	contents: read
	pull-requests: read
	uses: ./.github/workflows/changelog.yml
	needs: publish
	secrets:
	CHANGELOG_DOCS_POST_TOKEN: ${{ secrets.CHANGELOG_DOCS_POST_TOKEN }}

	publish-docs:
	name: Publish cli command reference docs
	permissions:
	contents: read
	uses: ./.github/workflows/publish-docs.yml
	needs: publish
	secrets:
	DOCS_SECRET_TOKEN: ${{ secrets.DOCS_SECRET_TOKEN }}

	publish-prerelease:
	name: Publish prerelease
	runs-on: ubuntu-latest
	environment: npm-publish
	if: github.event_name == 'workflow_dispatch'
	permissions:
	contents: write
	id-token: write
	pull-requests: write
	steps:
	- uses: Automattic/vip-actions/npm-publish-prerelease@c8022b66e78461df4f802b935dc0dbb8399f96bc # v0.7.4
	with:
	GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	USE_TRUSTED_PUBLISHING: 'true'
	PROVENANCE: 'true'
	NPM_TAG: ${{ inputs.npm_tag }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

security: fix vulnerable dependencies #1123

Workflow file

security: fix vulnerable dependencies #1123

Uh oh!

Workflow file for this run