From a39e230f169c0fed940afae58b321da50334fc8d Mon Sep 17 00:00:00 2001 From: raj pandey Date: Fri, 14 Jul 2023 13:39:50 +0530 Subject: [PATCH 1/3] Updated actions version to latest, added auto generate release notes and version bump --- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/jira.yml | 2 +- .github/workflows/release.yml | 15 +++++++++++---- .github/workflows/sast-scan.yml | 2 +- .github/workflows/secrets-scan.yml | 2 +- package-lock.json | 4 ++-- package.json | 2 +- 7 files changed, 18 insertions(+), 11 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 3566f96..ef4bb17 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -34,7 +34,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v3.5.3 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/jira.yml b/.github/workflows/jira.yml index 5ddf87a..c4f9d9f 100644 --- a/.github/workflows/jira.yml +++ b/.github/workflows/jira.yml @@ -7,7 +7,7 @@ jobs: if: ${{ github.actor == 'dependabot[bot]' || github.actor == 'snyk-bot' || contains(github.event.pull_request.head.ref, 'snyk-fix-') || contains(github.event.pull_request.head.ref, 'snyk-upgrade-')}} runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3.5.3 - name: Login into JIRA uses: atlassian/gajira-login@master env: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index fe11a63..8da2a7d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,15 +6,22 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: actions/setup-node@v1 + - uses: actions/checkout@v3.5.3 + - uses: actions/setup-node@v3.7.0 with: - node-version: "16.x" + node-version: "18.x" - name: Installing dependencies run: npm install - name: Build run: npm run build-ts - name: Publishing datasync asset store filesystem - uses: JS-DevTools/npm-publish@v1 + id: publish-to-npm + uses: JS-DevTools/npm-publish@v2.2.1 with: token: ${{ secrets.NPM_TOKEN }} + - name: github-release + id: github-release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: gh release create v${{ steps.publish-to-npm.outputs.version }} --title "Release ${{ steps.publish-to-npm.outputs.version }}" --generate-notes + diff --git a/.github/workflows/sast-scan.yml b/.github/workflows/sast-scan.yml index f931630..1c735ec 100644 --- a/.github/workflows/sast-scan.yml +++ b/.github/workflows/sast-scan.yml @@ -6,6 +6,6 @@ jobs: security: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3.5.3 - name: Horusec Scan run: docker run -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/src horuszup/horusec-cli:latest horusec start -p /src -P $(pwd) \ No newline at end of file diff --git a/.github/workflows/secrets-scan.yml b/.github/workflows/secrets-scan.yml index 1e8f176..24377a5 100644 --- a/.github/workflows/secrets-scan.yml +++ b/.github/workflows/secrets-scan.yml @@ -6,6 +6,6 @@ jobs: security: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3.5.3 - name: Gittyleaks uses: gupy-io/gittyleaks-action@v0.1 \ No newline at end of file diff --git a/package-lock.json b/package-lock.json index fe8a74b..9001523 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "@contentstack/datasync-asset-store-filesystem", - "version": "2.0.1", + "version": "2.0.2", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "@contentstack/datasync-asset-store-filesystem", - "version": "2.0.1", + "version": "2.0.2", "license": "MIT", "dependencies": { "debug": "^4.3.4", diff --git a/package.json b/package.json index f5d7f11..163d1fe 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@contentstack/datasync-asset-store-filesystem", - "version": "2.0.1", + "version": "2.0.2", "description": "Fillesystem asset store for DataSync libraries. Stores Contentstack asset-files in filesystem", "main": "./dist", "types": "./typings", From e2b914feb3ac3fe17582f4937a3a7868d7dbacf1 Mon Sep 17 00:00:00 2001 From: raj pandey Date: Tue, 25 Jul 2023 15:42:41 +0530 Subject: [PATCH 2/3] Version bump removed --- package-lock.json | 4 ++-- package.json | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index 9001523..fe8a74b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "@contentstack/datasync-asset-store-filesystem", - "version": "2.0.2", + "version": "2.0.1", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "@contentstack/datasync-asset-store-filesystem", - "version": "2.0.2", + "version": "2.0.1", "license": "MIT", "dependencies": { "debug": "^4.3.4", diff --git a/package.json b/package.json index 163d1fe..f5d7f11 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@contentstack/datasync-asset-store-filesystem", - "version": "2.0.2", + "version": "2.0.1", "description": "Fillesystem asset store for DataSync libraries. Stores Contentstack asset-files in filesystem", "main": "./dist", "types": "./typings", From 37fb79b0985180cfd2089110adba15e55804835b Mon Sep 17 00:00:00 2001 From: raj pandey Date: Tue, 25 Jul 2023 15:44:03 +0530 Subject: [PATCH 3/3] Removed Secrets Scan --- .github/workflows/secrets-scan.yml | 11 ----------- 1 file changed, 11 deletions(-) delete mode 100644 .github/workflows/secrets-scan.yml diff --git a/.github/workflows/secrets-scan.yml b/.github/workflows/secrets-scan.yml deleted file mode 100644 index 24377a5..0000000 --- a/.github/workflows/secrets-scan.yml +++ /dev/null @@ -1,11 +0,0 @@ -name: Secrets Scan -on: - pull_request: - types: [opened, synchronize, reopened] -jobs: - security: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3.5.3 - - name: Gittyleaks - uses: gupy-io/gittyleaks-action@v0.1 \ No newline at end of file