chore(js): update vendored libraries #2405
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright © Michal Čihař <michal@weblate.org> | |
| # | |
| # SPDX-License-Identifier: CC0-1.0 | |
| name: yarn update | |
| on: | |
| push: | |
| branches: | |
| - renovate/** | |
| - main | |
| - stable | |
| paths: | |
| - .github/workflows/yarn-update.yml | |
| - scripts/yarn-update | |
| - scripts/yarn/* | |
| - client/* | |
| schedule: | |
| - cron: 30 5 * * 0 | |
| workflow_dispatch: | |
| pull_request: | |
| paths: | |
| - .github/workflows/yarn-update.yml | |
| - scripts/yarn-update | |
| - scripts/yarn/* | |
| - client/* | |
| permissions: | |
| contents: read | |
| jobs: | |
| yarn-update: | |
| permissions: | |
| contents: write | |
| if: startsWith(github.repository, 'WeblateOrg/') | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| if: github.event_name != 'pull_request' && github.repository_owner == 'WeblateOrg' | |
| with: | |
| token: ${{ secrets.WEBLATE_CI_TOKEN }} | |
| persist-credentials: true | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| if: github.event_name != 'pull_request' && github.repository_owner != 'WeblateOrg' | |
| with: | |
| persist-credentials: true | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| if: github.event_name == 'pull_request' | |
| with: | |
| persist-credentials: false | |
| - uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 | |
| with: | |
| path: ~/.cache/pre-commit | |
| key: ${{ runner.os }}-pre-commit-${{ hashFiles('.pre-commit-config.yaml') }} | |
| - uses: astral-sh/setup-uv@6ee6290f1cbc4156c0bdd66691b2c144ef8df19a # v7.4.0 | |
| with: | |
| enable-cache: false | |
| version: 0.10.9 | |
| - name: Set up Python | |
| uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 | |
| with: | |
| python-version: '3.14' | |
| - working-directory: ./client | |
| run: | | |
| yarn install --check-files | |
| yarn build | |
| - name: Lockfile maintenance | |
| if: github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' | |
| working-directory: ./client | |
| run: | | |
| yarn upgrade | |
| yarn install | |
| yarn build | |
| - name: Update SBOM | |
| working-directory: ./client | |
| run: | | |
| npm sbom --omit dev --sbom-format cyclonedx --sbom-type application > ../docs/specs/sbom/partial/javascript.json | |
| ../scripts/reproducible-sbom.py ../docs/specs/sbom/partial/javascript.json | |
| - name: Merge SBOM | |
| env: | |
| # renovate: datasource=github-releases depName=CycloneDX/cyclonedx-cli versioning=loose | |
| CYCLONEDX_CLI_VERSION: v0.30.0 | |
| run: | | |
| curl -L "https://github.com/CycloneDX/cyclonedx-cli/releases/download/$CYCLONEDX_CLI_VERSION/cyclonedx-linux-x64" > /tmp/cyclonedx-linux-x64 | |
| chmod +x /tmp/cyclonedx-linux-x64 | |
| /tmp/cyclonedx-linux-x64 merge --input-files docs/specs/sbom/partial/* --output-file docs/specs/sbom/sbom.json | |
| ./scripts/reproducible-sbom.py docs/specs/sbom/sbom.json | |
| - name: Commit or create pull request | |
| uses: ./.github/actions/auto-commit | |
| with: | |
| message: 'chore(js): update vendored libraries' | |
| pr-branch: create-pull-request/yarn-update | |
| pr-labels: | | |
| dependencies | |
| github-token: ${{ secrets.WEBLATE_CI_TOKEN }} |