Skip to content

Update dependency axios to v1.6.0 [SECURITY] #14711

Update dependency axios to v1.6.0 [SECURITY]

Update dependency axios to v1.6.0 [SECURITY] #14711

Workflow file for this run

name: ci
on:
push:
branches:
- main
pull_request:
types: [opened, reopened, synchronize, ready_for_review]
workflow_dispatch:
jobs:
test-unit:
strategy:
fail-fast: false
matrix:
runner: [ubuntu, windows, macos]
# Run on the most recently supported version of node for all bots.
node: [20]
include:
# Additionally, run the oldest supported version on Ubuntu. We don't
# need to run this on all platforms as we're only verifying we don't
# call any APIs not available in this version.
- runner: ubuntu
node: 18 # VS Code started using Node 18 in Aug 2023 in v1.82: https://code.visualstudio.com/updates/v1_82#_engineering
runs-on: ${{ matrix.runner }}-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node }}
- uses: pnpm/action-setup@d882d12c64e032187b2edb46d3a0d003b7a43598 # SECURITY: pin third-party action hashes
- run: echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
shell: bash
id: pnpm-cache
- name: Cache pnpm store
uses: actions/cache@v3
with:
path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
key: ${{ runner.os }}-${{ matrix.node }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
restore-keys: ${{ runner.os }}-${{ matrix.node }}-pnpm-store-
- run: pnpm install
- run: pnpm build
- run: pnpm run test:unit --run
env:
CODY_NODE_VERSION: ${{ matrix.node }}
test-integration:
strategy:
fail-fast: false
matrix:
runner: [ubuntu, windows, macos]
runs-on: ${{ matrix.runner }}-latest
timeout-minutes: 15
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version-file: .tool-versions
- uses: pnpm/action-setup@d882d12c64e032187b2edb46d3a0d003b7a43598 # SECURITY: pin third-party action hashes
- run: echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
shell: bash
id: pnpm-cache
- name: Cache pnpm store
uses: actions/cache@v3
with:
path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
restore-keys: ${{ runner.os }}-pnpm-store-
- run: pnpm install
- run: xvfb-run -a pnpm -C vscode run test:integration
if: matrix.runner == 'ubuntu'
- run: pnpm -C vscode run test:integration
if: github.ref == 'refs/heads/main' && (matrix.runner == 'windows' || matrix.runner == 'macos')
test-e2e:
strategy:
fail-fast: false
matrix:
include:
# only shard ubuntu
- runner: windows
- runner: ubuntu
shard: 1/5
- runner: ubuntu
shard: 2/5
- runner: ubuntu
shard: 3/5
- runner: ubuntu
shard: 4/5
- runner: ubuntu
shard: 5/5
runs-on: ${{ matrix.runner }}-latest
timeout-minutes: 15
permissions:
id-token: write
contents: read
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version-file: .tool-versions
- uses: pnpm/action-setup@d882d12c64e032187b2edb46d3a0d003b7a43598 # SECURITY: pin third-party action hashes
- id: auth
uses: google-github-actions/auth@v0
# Skip auth if PR is from a fork
if: ${{ !github.event.pull_request.head.repo.fork }}
with:
workload_identity_provider: ${{ secrets.DATA_TEAM_PROVIDER_NAME }}
service_account: ${{ secrets.DATA_TEAM_SA_EMAIL }}
- uses: google-github-actions/setup-gcloud@v0
- run: echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
shell: bash
id: pnpm-cache
- name: Cache pnpm store
uses: actions/cache@v3
with:
path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
restore-keys: ${{ runner.os }}-pnpm-store-
- run: pnpm install
- run: xvfb-run -a pnpm -C vscode run test:e2e --shard=${{ matrix.shard }}
if: matrix.runner == 'ubuntu'
- run: pnpm -C vscode run test:e2e
if: matrix.runner != 'ubuntu'
- uses: actions/upload-artifact@v3
if: ${{ failure() }}
with:
name: playwright-recordings ${{ matrix.runner }}
path: playwright/**/*.webm
# Use a single large mac for e2e tests as it runs in 4m instead of 6m (as of
# 2023-12-06)
#
# fixme(toolmantim): We should dedupe this Mac job with the above job using a
# matrix after Cody 1.0.0. It wasn't done beforehand because it requires
# updating the required status checks for merging PRs. Ideally it would just
# be https://github.com/sourcegraph/cody/blob/21a40be7297da70f310350e2557a069ea06326ce/.github/workflows/ci.yml#L76
test-e2e-macos:
runs-on: macos-latest-large
name: 'test-e2e (macos)'
timeout-minutes: 15
permissions:
id-token: write
contents: read
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version-file: .tool-versions
- uses: pnpm/action-setup@d882d12c64e032187b2edb46d3a0d003b7a43598 # SECURITY: pin third-party action hashes
- id: auth
uses: google-github-actions/auth@v0
# Skip auth if PR is from a fork
if: ${{ !github.event.pull_request.head.repo.fork }}
with:
workload_identity_provider: ${{ secrets.DATA_TEAM_PROVIDER_NAME }}
service_account: ${{ secrets.DATA_TEAM_SA_EMAIL }}
- uses: google-github-actions/setup-gcloud@v0
- run: echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
shell: bash
id: pnpm-cache
- name: Cache pnpm store
uses: actions/cache@v3
with:
path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
restore-keys: ${{ runner.os }}-pnpm-store-
- run: pnpm install
- run: pnpm -C vscode run test:e2e
- uses: actions/upload-artifact@v3
if: ${{ failure() }}
with:
name: playwright-recordings ${{ matrix.runner }}
path: playwright/**/*.webm
build:
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version-file: .tool-versions
- uses: pnpm/action-setup@d882d12c64e032187b2edb46d3a0d003b7a43598 # SECURITY: pin third-party action hashes
- run: echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
shell: bash
id: pnpm-cache
- name: Cache pnpm store
uses: actions/cache@v3
with:
path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
restore-keys: ${{ runner.os }}-pnpm-store-
- run: pnpm install
- run: pnpm exec biome ci --error-on-warnings .
- run: pnpm run build
- run: pnpm -C vscode run build
- run: CODY_RELEASE_TYPE=stable pnpm -C vscode run release:dry-run