chore(deps): update stefanzweifel/git-auto-commit-action action to v7… #1888
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright © Michal Čihař <michal@weblate.org> | |
| # | |
| # SPDX-License-Identifier: CC0-1.0 | |
| # This file is maintained in https://github.com/WeblateOrg/meta/ | |
| name: yarn update | |
| on: | |
| push: | |
| branches: | |
| - renovate/** | |
| - main | |
| paths: | |
| - .github/workflows/yarn-update.yml | |
| - scripts/yarn-update | |
| - scripts/yarn/* | |
| - client/* | |
| schedule: | |
| - cron: 30 5 * * 0 | |
| workflow_dispatch: | |
| pull_request: | |
| paths: | |
| - .github/workflows/yarn-update.yml | |
| - scripts/yarn-update | |
| - scripts/yarn/* | |
| - client/* | |
| permissions: | |
| contents: read | |
| jobs: | |
| yarn-update: | |
| permissions: | |
| contents: write | |
| if: startsWith(github.repository, 'WeblateOrg/') | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 | |
| if: github.event_name != 'pull_request' | |
| with: | |
| token: ${{ secrets.WEBLATE_CI_TOKEN }} | |
| persist-credentials: true | |
| - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 | |
| if: github.event_name == 'pull_request' | |
| with: | |
| persist-credentials: false | |
| - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 | |
| with: | |
| path: ~/.cache/pre-commit | |
| key: ${{ runner.os }}-pre-commit-${{ hashFiles('.pre-commit-config.yaml') }} | |
| - uses: astral-sh/setup-uv@681c641aba71e4a1c380be3ab5e12ad51f415867 # v7.1.6 | |
| with: | |
| enable-cache: false | |
| version: 0.9.18 | |
| - name: Set up Python | |
| uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 | |
| with: | |
| python-version: '3.14' | |
| - name: Lockfile maintenance | |
| if: github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' | |
| run: | | |
| for dir in scripts/yarn client ; do | |
| if [ ! -d $dir ] ; then | |
| echo "Skipping $dir" | |
| continue | |
| fi | |
| pushd "$dir" | |
| yarn upgrade | |
| popd | |
| done | |
| - run: ./scripts/yarn-update | |
| if: hashFiles('scripts/yarn-update') != '' | |
| - run: | | |
| if [ -d client ] ; then | |
| cd client | |
| yarn install --check-files | |
| yarn build | |
| cd .. | |
| fi | |
| - name: Update SBOM | |
| if: hashFiles('docs/specs/sbom/partial/javascript.json') != '' | |
| working-directory: ./client | |
| run: | | |
| npm sbom --omit dev --sbom-format cyclonedx --sbom-type application > ../docs/specs/sbom/partial/javascript.json | |
| ../scripts/reproducible-sbom.py ../docs/specs/sbom/partial/javascript.json | |
| - name: Merge SBOM | |
| if: hashFiles('docs/specs/sbom/partial/python.json') != '' | |
| env: | |
| # renovate: datasource=github-releases depName=CycloneDX/cyclonedx-cli versioning=loose | |
| CYCLONEDX_CLI_VERSION: v0.29.2 | |
| run: | | |
| curl -L "https://github.com/CycloneDX/cyclonedx-cli/releases/download/$CYCLONEDX_CLI_VERSION/cyclonedx-linux-x64" > /tmp/cyclonedx-linux-x64 | |
| chmod +x /tmp/cyclonedx-linux-x64 | |
| /tmp/cyclonedx-linux-x64 merge --input-files docs/specs/sbom/partial/* --output-file docs/specs/sbom/sbom.json | |
| ./scripts/reproducible-sbom.py docs/specs/sbom/sbom.json | |
| - run: uv run --only-group pre-commit pre-commit run --all | |
| continue-on-error: true | |
| - run: git diff | |
| - uses: pre-commit-ci/lite-action@5d6cc0eb514c891a40562a58a8e71576c5c7fb43 # v1.1.0 | |
| if: github.event_name == 'pull_request' && github.actor != 'renovate[bot]' | |
| with: | |
| msg: 'chore(js): update vendored libraries' | |
| - name: Update current branch | |
| if: github.event_name == 'push' && github.ref_name != 'main' | |
| uses: stefanzweifel/git-auto-commit-action@04702edda442b2e678b25b537cec683a1493fcb9 # v7.1.0 | |
| with: | |
| commit_message: 'chore(js): update vendored libraries' | |
| - name: Create Pull Request | |
| id: cpr | |
| if: github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' || github.ref_name == 'main' | |
| uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725 # v8.0.0 | |
| with: | |
| branch: create-pull-request/yarn-update | |
| title: 'chore(js): update vendored libraries' | |
| commit-message: 'chore(js): update vendored libraries' | |
| token: ${{ secrets.WEBLATE_CI_TOKEN }} | |
| labels: | | |
| dependencies | |
| - name: Enable Pull Request Automerge | |
| if: steps.cpr.outputs.pull-request-operation && steps.cpr.outputs.pull-request-operation != 'none' | |
| run: gh pr merge --rebase --auto "$PR_NUMBER" | |
| env: | |
| GH_TOKEN: ${{ secrets.WEBLATE_CI_TOKEN }} | |
| PR_NUMBER: ${{ steps.cpr.outputs.pull-request-number }} |