From c3b899556aa27cc9e86dbab653da3b7d43a19491 Mon Sep 17 00:00:00 2001 From: MDLeom <43627182+curbengh@users.noreply.github.com> Date: Sun, 9 Oct 2022 07:58:57 +0000 Subject: [PATCH 1/3] chore(ga-deps): use latest minor version --- .github/workflows/linter.yml | 6 +++--- .github/workflows/snyk.yml | 4 ++-- .github/workflows/tester.yml | 14 +++++++------- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index ea51b86..1a22a35 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -6,13 +6,13 @@ jobs: linter: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3.0.2 + - uses: actions/checkout@v3 - name: Use Node.js 14.x - uses: actions/setup-node@v3.2.0 + uses: actions/setup-node@v3 with: node-version: '14.x' - name: Cache NPM dependencies - uses: actions/cache@v3.0.2 + uses: actions/cache@v3 with: path: node_modules key: ${{ runner.os }}-npm-cache diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml index 784f8d4..0f9fd93 100644 --- a/.github/workflows/snyk.yml +++ b/.github/workflows/snyk.yml @@ -12,9 +12,9 @@ jobs: security: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3.0.2 + - uses: actions/checkout@v3 - name: Use Node.js 16.x - uses: actions/setup-node@v3.2.0 + uses: actions/setup-node@v3 with: node-version: '16.x' - name: Install Dependencies diff --git a/.github/workflows/tester.yml b/.github/workflows/tester.yml index 10d77d9..954520a 100644 --- a/.github/workflows/tester.yml +++ b/.github/workflows/tester.yml @@ -11,13 +11,13 @@ jobs: node-version: ['14', '16', '18'] fail-fast: false steps: - - uses: actions/checkout@v3.0.2 + - uses: actions/checkout@v3 - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v3.2.0 + uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} - name: Cache NPM dependencies - uses: actions/cache@v3.0.2 + uses: actions/cache@v3 with: path: node_modules key: ${{ runner.os }}-npm-cache @@ -35,13 +35,13 @@ jobs: os: [ubuntu-latest] node-version: ['14.x'] steps: - - uses: actions/checkout@v3.0.2 + - uses: actions/checkout@v3 - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v3.2.0 + uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} - name: Cache NPM dependencies - uses: actions/cache@v3.0.2 + uses: actions/cache@v3 with: path: node_modules key: ${{ runner.os }}-npm-cache @@ -53,6 +53,6 @@ jobs: env: CI: true - name: Upload coverage report to Codecov - uses: codecov/codecov-action@v3.1.0 + uses: codecov/codecov-action@v3 with: fail_ci_if_error: true From 5453fc9ee05d0484803ba794ea10a44a78c07e7e Mon Sep 17 00:00:00 2001 From: MDLeom <43627182+curbengh@users.noreply.github.com> Date: Sun, 9 Oct 2022 07:59:47 +0000 Subject: [PATCH 2/3] chore(deps-dev): bump jest from 28.1.3 to 29.1.2 --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 5d90c6d..90043aa 100644 --- a/package.json +++ b/package.json @@ -32,7 +32,7 @@ }, "devDependencies": { "hexo": "^6.1.0", - "jest": "^28.0.3", + "jest": "^29.1.2", "standard": "^17.0.0" }, "keywords": [ From 777ffabd2b309dd6b9a26fc464ab00098a980ed5 Mon Sep 17 00:00:00 2001 From: MDLeom <43627182+curbengh@users.noreply.github.com> Date: Sun, 9 Oct 2022 08:00:56 +0000 Subject: [PATCH 3/3] ci: run snyk & semgrep weekly --- .github/workflows/semgrep.yml | 1 + .github/workflows/snyk.yml | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index 072577c..1363a6b 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -8,6 +8,7 @@ on: paths: - .github/workflows/semgrep.yml schedule: + # Weekly - cron: '0 0 * * 0' jobs: semgrep: diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml index 0f9fd93..86bba8b 100644 --- a/.github/workflows/snyk.yml +++ b/.github/workflows/snyk.yml @@ -2,8 +2,8 @@ name: Snyk on: schedule: - # Every day - - cron: '0 0 * * *' + # Weekly + - cron: '0 0 * * 0' pull_request: branches: - 'dependabot/github_actions/github/codeql-action**'