Bump the production-dependencies group with 2 updates (#89) #178

	# Melinda node tests

	name: Melinda node tests

	on: push

	jobs:
	build-node-versions:
	name: Node version matrix
	runs-on: ubuntu-latest

	strategy:
	matrix:
	node-version: [16.x, 18.x, 20.x]
	# See supported Node.js release schedule at https://nodejs.org/en/about/releases/

	steps:
	- name: Checkout the code
	uses: actions/checkout@v4
	- name: Use Node.js ${{ matrix.node-version }}
	uses: actions/setup-node@v4
	with:
	node-version: ${{ matrix.node-version }}
	cache: 'npm'
	env:
	NPM_CONFIG_IGNORE_SCRIPTS: true
	- run: npm audit --package-lock-only --production --audit-level=moderate
	- run: npm ci
	- run: npm test
	- run: npm run build --if-present

	license-scan:
	name: License compliance check
	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v4
	- uses: mikaelvesavuori/license-compliance-action@v1.0.2
	with:
	exclude_pattern: /^@natlibfi/

	njsscan:
	name: Njsscan check
	runs-on: ubuntu-latest

	steps:
	- name: Checkout the code
	uses: actions/checkout@v4
	- name: nodejsscan scan
	id: njsscan
	uses: ajinabraham/njsscan-action@master
	with:
	args: '.'

	publish:
	runs-on: ubuntu-latest
	needs: [build-node-versions, njsscan]
	if: contains(github.ref, 'refs/tags/')

	steps:
	- uses: actions/checkout@v4
	# Setup .npmrc file to publish to npm
	- uses: actions/setup-node@v4
	with:
	node-version: '18.x'
	registry-url: 'https://registry.npmjs.org'
	- run: npm ci
	- run: npm publish
	env:
	NODE_AUTH_TOKEN: ${{ secrets.ESLINT_CONFIG_MELINDA_BACKEND_NPM_TOKEN }}

Provide feedback