snyk

[IGNORE] regenerate package lock for snyk updates #6

	name: snyk
	on:
	pull_request:
	branches:
	- main
	push:
	branches:
	- snyk-fix-*
	- snyk-upgrade-*
	merge_group:

	jobs:
	lockfile-update:
	name: 'regenerate lockfile'
	runs-on: ubuntu-latest
	permissions:
	contents: write
	if: startsWith(github.head_ref, 'snyk-') \|\| startsWith(github.ref_name, 'snyk-')
	outputs:
	lockfile-updated: ${{ steps.lockfile-changes.outputs.has_changes }}
	steps:
	- name: checkout
	uses: actions/checkout@v4
	with:
	token: ${{ secrets.GITHUB_TOKEN }}
	fetch-depth: 0

	- uses: perses/github-actions@v0.10.0
	- uses: ./.github/perses-ci/actions/setup_environment
	with:
	enable_npm: true
	- name: install dependencies
	run: npm install

	- name: check for lockfile changes
	id: lockfile-changes
	run: \|
	if git diff --quiet package-lock.json; then
	echo "has_changes=false" >> $GITHUB_OUTPUT
	else
	echo "has_changes=true" >> $GITHUB_OUTPUT
	fi

	- uses: stefanzweifel/git-auto-commit-action@v6
	if: steps.lockfile-changes.outputs.has_changes == 'true'
	with:
	commit_message: '[IGNORE] automated lockfile update'
	file_pattern: 'package-lock.json'
	commit_options: '--no-verify --signoff'

Provide feedback