Update deps (#361)

.github/workflows/draft-release.yml

@@ -21,4 +21,4 @@ jobs:
       version_strategy: '${{ github.event.inputs.version_strategy }}'
     # secrets must be explicitly passed to reusable workflows https://docs.github.com/en/enterprise-cloud@latest/actions/using-workflows/reusing-workflows#using-inputs-and-secrets-in-a-reusable-workflow
     secrets:
-      ACTIONS_BOT_TOKEN: '${{ secrets.ACTIONS_BOT_TOKEN }}'
+      ACTIONS_BOT_TOKEN: '${{ secrets.ACTIONS_BOT_TOKEN }}'

.github/workflows/integration.yml

@@ -21,36 +21,35 @@ permissions:
 
 jobs:
   integration:
-    if: ${{ contains(fromJSON('["push", "workflow_dispatch"]'), github.event_name) || github.repository == github.event.pull_request.head.repo.full_name && github.actor != 'dependabot[bot]' }}
     runs-on: 'ubuntu-latest'
 
     steps:
-    - uses: 'actions/checkout@v4'
-
-    - uses: 'actions/setup-node@v4'
-      with:
-        node-version: '20.x'
-
-    - name: 'npm build'
-      run: 'npm ci && npm run build'
-
-    - uses: 'google-github-actions/auth@v2'
-      with:
-        workload_identity_provider: '${{ vars.WIF_PROVIDER_NAME }}'
-        service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}'
-
-    - name: 'Create files'
-      run: |-
-        mkdir -p test
-        touch test/test1.txt
-        touch test/test2.txt
-
-    - id: 'upload'
-      name: 'Upload files'
-      uses: './'
-      with:
-        path: './test'
-        destination: '${{ vars.BUCKET_NAME }}/testprefix'
-
-    - name: 'Get output'
-      run: 'echo "${{ steps.upload.outputs.uploaded }}"'
+      - uses: 'actions/checkout@v4'
+
+      - uses: 'actions/setup-node@v4'
+        with:
+          node-version: '20.x'
+
+      - name: 'npm build'
+        run: 'npm ci && npm run build'
+
+      - uses: 'google-github-actions/auth@v2'
+        with:
+          workload_identity_provider: '${{ vars.WIF_PROVIDER_NAME }}'
+          service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}'
+
+      - name: 'Create files'
+        run: |-
+          mkdir -p test
+          touch test/test1.txt
+          touch test/test2.txt
+
+      - id: 'upload'
+        name: 'Upload files'
+        uses: './'
+        with:
+          path: './test'
+          destination: '${{ vars.BUCKET_NAME }}/testprefix'
+
+      - name: 'Get output'
+        run: 'echo "${{ steps.upload.outputs.uploaded }}"'

.github/workflows/release.yml

@@ -8,6 +8,7 @@ on:
 
 jobs:
   release:
-    if: "startsWith(github.event.head_commit.message, 'Release: v')"
+    if: |-
+      ${{ startsWith(github.event.head_commit.message, 'Release: v') }}
     name: 'Release'
     uses: 'google-github-actions/.github/.github/workflows/release.yml@v0'

.github/workflows/unit.yml

@@ -27,37 +27,37 @@ jobs:
       fail-fast: false
       matrix:
         os:
-        - 'ubuntu-latest'
-        - 'windows-latest'
-        - 'macos-latest'
+          - 'ubuntu-latest'
+          - 'windows-latest'
+          - 'macos-latest'
 
     steps:
-    - uses: 'actions/checkout@v4'
-
-    - uses: 'actions/setup-node@v4'
-      with:
-        node-version: '20.x'
-
-    - name: 'npm build'
-      run: 'npm ci && npm run build'
-
-    - name: 'npm lint'
-      # There's no need to run the linter for each operating system, since it
-      # will find the same thing 3x and clog up the PR review.
-      if: ${{ matrix.os == 'ubuntu-latest' }}
-      run: 'npm run lint'
-
-    # Only authenticate if this is a full CI run.
-    - uses: 'google-github-actions/auth@v2'
-      with:
-        workload_identity_provider: '${{ vars.WIF_PROVIDER_NAME }}'
-        service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}'
-      if: ${{ github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name && github.actor != 'dependabot[bot]' }}
-
-    # The secrets will only be injected in pushes to main or from maintainers.
-    # If they aren't present, the associated steps are skipped.
-    - name: 'npm test'
-      run: 'npm run test'
-      env:
-        UPLOAD_CLOUD_STORAGE_TEST_BUCKET: '${{ vars.BUCKET_NAME }}'
-        UPLOAD_CLOUD_STORAGE_TEST_PROJECT: '${{ vars.PROJECT_ID }}'
+      - uses: 'actions/checkout@v4'
+
+      - uses: 'actions/setup-node@v4'
+        with:
+          node-version: '20.12.x' # https://github.com/nodejs/node/issues/53033
+
+      - name: 'npm build'
+        run: 'npm ci && npm run build'
+
+      - name: 'npm lint'
+        # There's no need to run the linter for each operating system, since it
+        # will find the same thing 3x and clog up the PR review.
+        if: ${{ matrix.os == 'ubuntu-latest' }}
+        run: 'npm run lint'
+
+      # Only authenticate if this is a full CI run.
+      - if: ${{ github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name }}
+        uses: 'google-github-actions/auth@v2'
+        with:
+          workload_identity_provider: '${{ vars.WIF_PROVIDER_NAME }}'
+          service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}'
+
+      # The secrets will only be injected in pushes to main or from maintainers.
+      # If they aren't present, the associated steps are skipped.
+      - name: 'npm test'
+        run: 'npm run test'
+        env:
+          UPLOAD_CLOUD_STORAGE_TEST_BUCKET: '${{ vars.BUCKET_NAME }}'
+          UPLOAD_CLOUD_STORAGE_TEST_PROJECT: '${{ vars.PROJECT_ID }}'