diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..f83bc431 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,12 @@ +# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates +version: 2 +updates: + - package-ecosystem: 'github-actions' + directory: '.github/workflows' + schedule: + interval: 'daily' + - package-ecosystem: 'npm' + directory: '/' + schedule: + interval: 'weekly' + day: 'monday' diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml deleted file mode 100644 index 827969fe..00000000 --- a/.github/workflows/release.yml +++ /dev/null @@ -1,29 +0,0 @@ -# See https://docs.github.com/en/actions/publishing-packages/publishing-nodejs-packages -name: release -on: - workflow_dispatch: - inputs: - version: - type: string - required: true - description: 'Version to release. Released package is based on the version suffix: -web, -common, -node' -# TODO: trigger on release, currently it's just manual dispatch -# release: -# types: [created] -jobs: - build: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - # Setup .npmrc file to publish to npm - - uses: actions/setup-node@v3 - with: - node-version: '16.x' - registry-url: 'https://registry.npmjs.org' - - run: npm config set access public - - run: npm i --ignore-scripts - - name: Build package and prepare package.json - run: NODE_OPTIONS="-r ts-node/register" node .build/build_and_prepare.ts ${{ github.event.inputs.version }} - - run: npm publish --access public - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 74c25a21..74a0b57c 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -1,5 +1,6 @@ name: 'tests' +permissions: {} on: workflow_dispatch: push: @@ -222,7 +223,6 @@ jobs: web-integration-tests-cloud-smt: needs: node-unit-tests runs-on: ubuntu-latest - permissions: write-all steps: - uses: actions/checkout@main