Checks whether all dependencies in the package.json are fixed.
You can use a specific version of this action. The latest published version is v1.0.13. You can also use latest to always get the latest version.
{
"dependencies": {
"lodash": "4.7.0", // accepted
"lodash": "=4.7.0", // accepted
"lodash": "latest", // not accepted
"lodash": ">4.7.0", // not accepted
"lodash": "^4.7.0", // not accepted
"lodash": "~4.7.0" // not accepted
}
}check-dependencies:
runs-on: ubuntu-latest
steps:
- name: Checkout latest code
uses: actions/checkout@v4
- name: Use Node.js 16.x
uses: actions/[email protected]
with:
node-version: 16.x
- name: Check dependencies
uses: tangro/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_CONTEXT: ${{ toJson(github) }}Attention Do not forget to pass the
GITHUB_TOKENandGITHUB_CONTEXTto thetangro/actions-fixed-dependenciesaction. Hint You do not need anpm installstep. This speeds up the job significantly
Steps this example job will perform
- Check out the latest code
- Use node v12
- (this action) Check the dependencies
The action will read the contents of the package.json and scan the dependencies and devDependencies by default. You can disable checking dependencies and devDependencies in the arguments.
The action will set a status to the commit to pending under the context Tangro CI/fixed-dependencies. When it finishes it will set the result as the description of the status.
It is also possible that the action posts a comment with the result to the commit. You have to set post-comment to true.
check-dependencies:
runs-on: ubuntu-latest
steps:
- name: Checkout latest code
uses: actions/checkout@v4
- name: Use Node.js 16.x
uses: actions/[email protected]
with:
node-version: 16.x
- name: Check dependencies
uses: tangro/[email protected]
with:
check-dev-dependencies: false
post-comment: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_CONTEXT: ${{ toJson(github) }}This config will skip checking the dev dependencies and will post a comment when the dependency check failed
You can also publish the test results to a static file server. The action will write the results into dependencies/index.html.
You can publish the results with our custom deploy actions
check-dependencies:
runs-on: ubuntu-latest
steps:
- name: Checkout latest code
uses: actions/checkout@v4
- name: Use Node.js 16.x
uses: actions/[email protected]
with:
node-version: 16.x
- name: Check dependencies
uses: tangro/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_CONTEXT: ${{ toJson(github) }}
- name: Zip license check result
if: always()
run: |
cd dependencies
zip --quiet --recurse-paths ../dependencies.zip *
- name: Deploy dependencies result
if: always()
uses: tangro/[email protected]
with:
context: auto
zip-file: dependencies.zip
deploy-url: ${{secrets.DEPLOY_URL}}
project: fixed-dependencies
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_CONTEXT: ${{ toJson(github) }}
DEPLOY_PASSWORD: ${{ secrets.DEPLOY_PASSWORD }}
DEPLOY_USER: ${{ secrets.DEPLOY_USER }}Attention Do not forget to use the correct
DEPLOY_URLand provide all the tokens the actions need.
Follow the guide of the tangro-actions-template
-
npm run update-readme- Run this script to update the README with the latest versions.You do not have to run this script, since it is run automatically by the release action
-
npm run update-dependencies- Run this script to update all the dependencies