Bugfix/refactor pnpm update

.github/workflows/codeql-analysis.yml

@@ -7,7 +7,7 @@ on:
     # The branches below must be a subset of the branches above
     branches: [master, devel]
   schedule:
-    - cron: '0 17 * * 2'
+    - cron: "0 17 * * 2"
 
 jobs:
   analyze:
@@ -19,29 +19,28 @@ jobs:
       matrix:
         # Override automatic language detection by changing the below list
         # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python']
-        language: ['python', 'javascript']
+        language: ["python", "javascript"]
         # Learn more...
         # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection
 
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v3
-      with:
-        # We must fetch at least the immediate parents so that if this is
-        # a pull request then we can checkout the head.
-        fetch-depth: 2
-
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
-      with:
-        languages: ${{ matrix.language }}
-
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v2
-
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      - name: Checkout repository
+        uses: actions/checkout@v3
+        with:
+          # We must fetch at least the immediate parents so that if this is
+          # a pull request then we can checkout the head.
+          fetch-depth: 2
+
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+
+      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+      # If this step fails, then you should remove it and run the build manually (see below)
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v2
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2

.github/workflows/dependency-auto-merge.yml

@@ -22,7 +22,7 @@ jobs:
         with:
           github-token: "${{ secrets.GITHUB_TOKEN }}"
       - name: Enable auto-merge for Dependabot PRs
-        if:  ${{ steps.metadata.outputs.package-ecosystem == 'pip' || steps.metadata.outputs.package-ecosystem == 'github_actions' }}
+        if: ${{ steps.metadata.outputs.package-ecosystem == 'pip' || steps.metadata.outputs.package-ecosystem == 'github_actions' }}
         run: gh pr review --approve "$PR_URL" && gh pr merge --auto --merge "$PR_URL"
         env:
           PR_URL: ${{github.event.pull_request.html_url}}

.github/workflows/dependency-review.yml

@@ -4,7 +4,7 @@
 #
 # Source repository: https://github.com/actions/dependency-review-action
 # Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
-name: 'Dependency Review'
+name: "Dependency Review"
 on: [pull_request]
 
 permissions:
@@ -14,9 +14,9 @@ jobs:
   dependency-review:
     runs-on: ubuntu-latest
     steps:
-      - name: 'Checkout Repository'
+      - name: "Checkout Repository"
         uses: actions/checkout@v3
-      - name: 'Dependency Review'
+      - name: "Dependency Review"
         uses: actions/dependency-review-action@v3
         with:
           fail-on-severity: moderate

.github/workflows/docs.yml

@@ -1,27 +1,31 @@
 name: Documentation check
 
-on: [pull_request]
+on:
+  push:
+    branches:
+      - "dependabot/**"
+  pull_request:
 
 jobs:
   style_check:
     strategy:
       max-parallel: 4
       matrix:
         os: [ubuntu-latest]
-        python-version: ['3.10']
-      
+        python-version: ["3.10"]
+
     runs-on: ${{ matrix.os }}
 
     steps:
-    - uses: actions/checkout@v3
-    - name: Set up Python ${{ matrix.python-version }}
-      uses: actions/setup-python@v4
-      with:
-        python-version: ${{ matrix.python-version }}
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip
-        pip install tox tox-gh-actions
-    - name: Test documentation
-      run: |
-        tox -e docs
+      - uses: actions/checkout@v3
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install tox tox-gh-actions
+      - name: Test documentation
+        run: |
+          tox -e docs

.github/workflows/e2etests.yml

@@ -1,5 +1,9 @@
 name: End-to-end tests
-on: [pull_request]
+on:
+  push:
+    branches:
+      - "dependabot/**"
+  pull_request:
 
 jobs:
   cypress-e2e-headless:
@@ -47,7 +51,7 @@ jobs:
         uses: actions/setup-node@v3
         with:
           node-version: ${{ matrix.node }}
-          cache: 'pnpm'
+          cache: "pnpm"
           cache-dependency-path: swift_browser_ui_frontend/pnpm-lock.yaml
       - name: Build Frontend
         run: |

.github/workflows/eslint.yml

@@ -1,14 +1,17 @@
 name: Javascript ESLint check
 
-on: [pull_request]
-
+on:
+  push:
+    branches:
+      - "dependabot/**"
+  pull_request:
 
 jobs:
   build:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        node: ['18']
+        node: ["18"]
     name: Node ${{ matrix.node }} eslint check
     steps:
       - uses: actions/checkout@v3
@@ -19,7 +22,7 @@ jobs:
         uses: actions/setup-node@v3
         with:
           node-version: ${{ matrix.node }}
-          cache: 'pnpm'
+          cache: "pnpm"
           cache-dependency-path: swift_browser_ui_frontend/pnpm-lock.yaml
       - name: Install dependencies
         run: |
@@ -29,4 +32,3 @@ jobs:
         run: |
           pushd swift_browser_ui_frontend
           pnpm run lint
-

.github/workflows/pnpm-dependabot.yml

@@ -4,9 +4,21 @@ name: Dependabot
 on: pull_request_target
 permissions: read-all
 jobs:
-  update-lockfile:
+  fetch-dependabot-metadata:
     runs-on: ubuntu-latest
     if: ${{ github.actor == 'dependabot[bot]' }}
+    outputs:
+      package-ecosystem: ${{ steps.metadata.outputs.package-ecosystem }}
+    steps:
+      - name: Dependabot metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@v1.3.6
+        with:
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
+  update-lockfile:
+    runs-on: ubuntu-latest
+    needs: [fetch-dependabot-metadata]
+    if: needs.fetch-dependabot-metadata.outputs.package-ecosystem == 'npm_and_yarn'
     permissions:
       pull-requests: write
       contents: write
@@ -17,8 +29,10 @@ jobs:
       - uses: actions/checkout@v3
         with:
           ref: ${{ github.event.pull_request.head.ref }}
-      - run: pnpm i --lockfile-only --prefix swift_browser_ui_frontend
-      - run: |
+      - name: Update pnpm lock file
+        run: pnpm i --lockfile-only --prefix swift_browser_ui_frontend
+      - name: Trigger update
+        run: |
           git config --global user.name github-actions[bot]
           git config --global user.email github-actions[bot]@users.noreply.github.com
           git add swift_browser_ui_frontend/pnpm-lock.yaml

.github/workflows/publish.yml

@@ -6,7 +6,7 @@ on:
   push:
     branches: [master, devel]
     tags:
-      - 'v*'
+      - "v*"
 
 jobs:
   push_to_registry:
@@ -18,7 +18,7 @@ jobs:
 
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v2
-      
+
       - name: Login to DockerHub
         if: github.event_name != 'pull_request'
         uses: docker/login-action@v2
@@ -35,7 +35,7 @@ jobs:
             type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'master') }}
             type=raw,value=stage,enable=${{ github.ref == format('refs/heads/{0}', 'devel') }}
             type=ref,event=tag
-      
+
       - name: Build and push
         uses: docker/build-push-action@v4
         with:

.github/workflows/spellcheck.yml

@@ -8,12 +8,12 @@ jobs:
       max-parallel: 4
       matrix:
         os: [ubuntu-latest]
-      
+
     runs-on: ${{ matrix.os }}
 
     steps:
-    - uses: actions/checkout@v3
-    - uses: rojopolis/spellcheck-github-actions@0.30.0
-      name: Spellcheck
-      with:
-        config_path: .github/config/.spellcheck.yml
+      - uses: actions/checkout@v3
+      - uses: rojopolis/spellcheck-github-actions@0.30.0
+        name: Spellcheck
+        with:
+          config_path: .github/config/.spellcheck.yml

.github/workflows/style.yml

@@ -1,37 +1,41 @@
 name: Python style check
 
-on: [pull_request]
+on:
+  push:
+    branches:
+      - "dependabot/**"
+  pull_request:
 
 jobs:
   style_check:
     strategy:
       max-parallel: 4
       matrix:
         os: [ubuntu-latest]
-        python-version: ['3.10']
-      
+        python-version: ["3.10"]
+
     runs-on: ${{ matrix.os }}
 
     steps:
-    - uses: actions/checkout@v3
-    - name: Setup node
-      uses: actions/setup-node@v3
-      with:
-        node-version: ${{ matrix.node }}
-    - uses: actions/checkout@v3
-    - name: Set up Python ${{ matrix.python-version }}
-      uses: actions/setup-python@v4
-      with:
-        python-version: ${{ matrix.python-version }}
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip
-        pip install tox tox-gh-actions
-    - name: Test flake8 syntax with tox
-      run: tox -e flake8
-    - name: Test mypy typing with tox
-      run: tox -e mypy
-    - name: bandit static check
-      run: tox -e bandit
-    - name: black style check
-      run: tox -e black
+      - uses: actions/checkout@v3
+      - name: Setup node
+        uses: actions/setup-node@v3
+        with:
+          node-version: ${{ matrix.node }}
+      - uses: actions/checkout@v3
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install tox tox-gh-actions
+      - name: Test flake8 syntax with tox
+        run: tox -e flake8
+      - name: Test mypy typing with tox
+        run: tox -e mypy
+      - name: bandit static check
+        run: tox -e bandit
+      - name: black style check
+        run: tox -e black