snyk

[IGNORE] regenerate package lock for snyk updates #3

	name: snyk
	on:
	pull_request:
	branches:
	- main
	push:
	branches:
	- snyk-fix-*
	- snyk-upgrade-*
	merge_group:

	jobs:
	build:
	name: 'regenerate lockfile'
	runs-on: ubuntu-latest
	if: startsWith(github.head_ref, 'snyk-') \|\| startsWith(github.ref_name, 'snyk-')
	steps:
	- name: checkout
	uses: actions/checkout@v4
	with:
	token: ${{ secrets.GITHUB_TOKEN }}
	fetch-depth: 0

	- uses: perses/github-actions@v0.10.0
	- uses: ./.github/perses-ci/actions/setup_environment
	with:
	enable_npm: true
	- name: install dependencies
	run: npm install

	- name: check for lockfile changes
	id: lockfile-changes
	run: \|
	if git diff --quiet package-lock.json; then
	echo "has_changes=false" >> $GITHUB_OUTPUT
	else
	echo "has_changes=true" >> $GITHUB_OUTPUT
	fi

	- name: commit lockfile changes
	if: steps.lockfile-changes.outputs.has_changes == 'true'
	run: \|
	git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
	git config --local user.name "github-actions[bot]"
	git add package-lock.json
	git commit -S -m "[IGNORE] update package-lock.json"
	git push

Provide feedback