chore: Bump deps

mauriciolauffer · Dec 5, 2023 · 9565ab2 · 9565ab2
1 parent 6c851d8
commit 9565ab2
Show file tree

Hide file tree

Showing 10 changed files with 374 additions and 228 deletions.
diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml
@@ -1 +1 @@
-github: verlok
+github: mauriciolauffer
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,8 @@
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "monthly"
+    allow:
+      - dependency-type: "production"
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -34,7 +34,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
       with:
         persist-credentials: false
 

diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml
@@ -12,12 +12,15 @@ jobs:
     permissions:
       id-token: write
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
         with:
           node-version: 20
           registry-url: https://registry.npmjs.org
           cache: npm
+      - run: npm i -g @ui5/cli --ignore-scripts
+      - run: npm ci --ignore-scripts
+      - run: npm run build
       - run: npm publish --provenance
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_SECRET }}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -3,16 +3,17 @@ on:
   push:
     branches: [master]
 
-permissions:
-  contents: write
-  pull-requests: write
+permissions: read-all
 
 jobs:
   release:
     runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
     steps:
-      - uses: google-github-actions/release-please-action@v3
+      - uses: google-github-actions/release-please-action@v4
         with:
           token: ${{ secrets.GH_PAT }}
           release-type: node
-          package-name: ui5-task-minifier
+          package-name: openui5-validator
diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml
@@ -3,7 +3,7 @@ on:
   # Only the default branch is supported.
   branch_protection_rule:
   schedule:
-    - cron: '10 5 * * 1'
+    - cron: '30 5 * * 1'
   push:
     branches: [ master ]
 
@@ -17,15 +17,16 @@ jobs:
     permissions:
       # Needed to upload the results to code-scanning dashboard.
       security-events: write
+      id-token: write
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@80e868c13c90f172d68d1f4501dee99e2479f7af # v2.1.3
+        uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
         with:
           results_file: results.sarif
           results_format: sarif

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -1,5 +1,4 @@
 name: test
-
 on:
   push:
     branches: [ master ]
@@ -13,16 +12,14 @@ jobs:
     permissions:
       security-events: write
     steps:
-    - uses: actions/checkout@v3
-    - uses: actions/setup-node@v3
+    - uses: actions/checkout@v4
+      with:
+        persist-credentials: false
+    - uses: actions/setup-node@v4
       with:
-        node-version: 20
         cache: npm
-    - run: |
-        mkdir target
-        npm ci --ignore-scripts
-        npm run lint:ci
+    - run: npm ci --ignore-scripts
+    - run: npm run lint:ci
     - uses: github/codeql-action/upload-sarif@v2
       with:
-        sarif_file: target/eslint.sarif
-    - run: npm run test
+        sarif_file: ./eslint.sarif