Package.json: update vulnerable vite versions (#32040) #22260

Workflow file for this run

.github/workflows/build_all.yml at ef05ef0

	name: Build and pack DevExtreme npm packages

	on:
	pull_request:
	paths-ignore:
	- 'apps/*/.md'
	push:
	branches: [26_1]
	workflow_dispatch:
	inputs:
	SBOM:
	description: 'Build SBOM'
	required: false
	default: false
	type: boolean

	jobs:
	build:
	runs-on: devextreme-shr2

	steps:
	- name: Get sources
	uses: actions/checkout@v4

	- name: Use Node.js
	uses: actions/setup-node@v4
	with:
	node-version: '20'

	- uses: pnpm/action-setup@v4
	with:
	run_install: false

	- name: Get pnpm store directory
	shell: bash
	run: \|
	echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV

	- uses: actions/cache@v4
	name: Setup pnpm cache
	with:
	path: \|
	${{ env.STORE_PATH }}
	.nx/cache
	key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
	restore-keys: \|
	${{ runner.os }}-pnpm-store

	- name: Install dependencies
	run: pnpm install --frozen-lockfile

	- name: Build npm packages
	run: pnpm run all:build

	- name: Upload build artifacts
	uses: actions/upload-artifact@v4
	with:
	name: devextreme-npm-packages
	path: \|
	artifacts/npm/*.tgz
	retention-days: 1

	- name: Build SBOMs
	if: ${{ github.event_name == 'push' \|\| github.event.inputs.SBOM == 'true' }}
	env:
	NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: \|
	pnpm set //npm.pkg.github.com/:_authToken="$NODE_AUTH_TOKEN";
	pnpm nx build sbom;

	- name: Upload SBOM artifacts
	if: ${{ github.event_name == 'push' \|\| github.event.inputs.SBOM == 'true' }}
	uses: actions/upload-artifact@v4
	with:
	name: sbom
	path: \|
	packages/sbom/dist/*/
	retention-days: 1

	custom_bundles:
	runs-on: devextreme-shr2
	needs: build

	steps:
	- name: Get sources
	uses: actions/checkout@v4

	- uses: pnpm/action-setup@v4
	with:
	run_install: false

	- name: Download npm packages
	uses: actions/download-artifact@v4
	with:
	name: devextreme-npm-packages
	path: npm

	- name: Move devextreme package
	run: mv ./npm/devextreme-2*.tgz ./e2e/devextreme-bundler/devextreme.tgz

	- name: Setup deps
	working-directory: ./e2e/devextreme-bundler
	run: \|
	pnpm install --filter devextreme-bundler-test --frozen-lockfile
	pnpm add --filter devextreme-bundler-test ./devextreme.tgz

	- name: Build bundle
	working-directory: ./e2e/devextreme-bundler
	run: \|
	npx devextreme-bundler-init custom-bundle
	npx devextreme-bundler custom-bundle

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Package.json: update vulnerable vite versions (#32040) #22260

Workflow file

Package.json: update vulnerable vite versions (#32040) #22260

Uh oh!

Workflow file for this run