Skip to content

Bump github/codeql-action from 3.27.0 to 3.27.9 in the github-actions group across 1 directory #4996

Bump github/codeql-action from 3.27.0 to 3.27.9 in the github-actions group across 1 directory

Bump github/codeql-action from 3.27.0 to 3.27.9 in the github-actions group across 1 directory #4996

Workflow file for this run

name: CI
on:
pull_request:
branches:
- v2
# Ensure scripts are run with pipefail. See:
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference
defaults:
run:
shell: bash
jobs:
tests:
strategy:
fail-fast: false
matrix:
os:
- ubuntu-latest
- windows-latest
- macos-latest
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
node-version: "18.x"
- uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0
- run: pnpm install
# Grab localizations
- run: pnpm docs-sync pull microsoft/TypeScript-Website-localizations#main 1
# Build the packages
- run: pnpm bootstrap
- run: pnpm build
# Verify it compiles
- run: pnpm build-site
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
if: github.event_name == 'pull_request' && matrix.os == 'ubuntu-latest'
with:
name: site
path: packages/typescriptlang-org/public
# Run all the package's tests
- run: pnpm test
# danger for PR builds
- if: github.event_name == 'pull_request' && github.event.pull_request.base.repo.id == github.event.pull_request.head.repo.id && matrix.os == 'ubuntu-latest'
run: "pnpm danger ci"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- run: |
git add .
if ! git diff --staged --exit-code --quiet; then
echo "This PR is missing some generated changes. Please update locally or merge the patch artifact."
echo ""
git diff --staged
git diff --staged > missing.patch
exit 1
fi
name: Check for uncommitted changes
id: check-diff
if: github.event_name == 'pull_request'
- name: Upload diff artifact
if: ${{ failure() && steps.check-diff.conclusion == 'failure' }}
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: missing.patch
path: missing.patch
changesets:
name: changesets
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
node-version: 'lts/*'
- uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0
- run: pnpm install
- name: Check for missing changesets
run: |
PR_CHANGESETS=$(ls .changeset | (grep -v -E 'README\.md|config\.json' || true) | wc -l)
MAIN_CHANGESETS=$(git ls-tree -r origin/v2 .changeset | (grep -v -E 'README\.md|config\.json' || true) | wc -l)
# If the PR has no changesets, but main has changesets, assume this is PR is a versioning PR and exit
if [[ $PR_CHANGESETS -eq 0 && $MAIN_CHANGESETS -gt 0 ]]; then
echo "This PR is a versioning PR, exiting"
exit 0
fi
# git switch -c changesets-temp
# git checkout origin/v2 -- <ignored files>
pnpm changeset status --since=origin/v2
required:
runs-on: ubuntu-latest
if: ${{ always() }}
needs:
- tests
- changesets
steps:
- name: Check required jobs
env:
NEEDS: ${{ toJson(needs) }}
run: |
! echo $NEEDS | jq -e 'to_entries[] | { job: .key, result: .value.result } | select(.result != "success")'