Skip to content

chore(deps): update ruby on rails packages to v8.1.3 #4708

chore(deps): update ruby on rails packages to v8.1.3

chore(deps): update ruby on rails packages to v8.1.3 #4708

Workflow file for this run

# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow will download a prebuilt Ruby version, install dependencies and run tests with Rake
# For more information see: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby
name: Audit
on:
pull_request:
branches:
- master
- staging
jobs:
audit:
runs-on: ubuntu-latest
services:
postgres:
image: postgres
env:
POSTGRES_PASSWORD: postgres
ports:
- 5432:5432
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
steps:
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
- uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
with:
path: vendor/bundle
key: ${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}
restore-keys: |
${{ runner.os }}-gems-
- name: Set up Ruby
uses: ruby/setup-ruby@9eb537ca036ebaed86729dcb9309076e4c5c3b74 # v1.314.0
with:
ruby-version: 4.0.5
- name: Bundle install
run: |
bundle config path vendor/bundle
bundle install --jobs 4 --retry 3
- name: Read Node.js version to install from `.nvmrc`
run: echo "##[set-output name=NVMRC;]$(cat .nvmrc)"
id: nvm
- name: Install required Node.js version
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
with:
node-version: "${{ steps.nvm.outputs.NVMRC }}"
- name: Get Yarn cache directory path
id: yarn-cache
run: echo "::set-output name=dir::$(yarn cache dir)"
- name: Setup cache key and directory for node_modules cache
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
with:
path: ${{ steps.yarn-cache.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
- name: Yarn install
run: yarn --frozen-lockfile
- if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' }}
name: Yarn audit
run: npx audit-ci --config .audit-ci.json
- if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' }}
name: Bundler Audit
run: bundle exec bundle-audit check --update