fix(deps): update dependencies (renov): all minor updates #5035
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
############################################################################## | |
############################################################################## | |
# | |
# NOTE! | |
# | |
# Please read the README.md file in this directory that defines what should | |
# be placed in this file. | |
# | |
############################################################################## | |
############################################################################## | |
name: PR Workflow | |
on: | |
pull_request: | |
branches: | |
- '**' | |
env: | |
CODECOV_UNIQUE_NAME: CODECOV_UNIQUE_NAME-${{ github.run_id }}-${{ github.run_number }} | |
jobs: | |
Code-Quality-Checks: | |
name: Check for linting, formatting, and type errors | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository content | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 2 | |
persist-credentials: true | |
- name: Set up Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: '22.x' | |
- name: Count number of lines | |
run: | | |
chmod +x ./.github/workflows/countline.py | |
./.github/workflows/countline.py --lines 600 --exclude_files src/types/generatedGraphQLTypes.ts tests src/typeDefs/types.ts src/constants.ts src/typeDefs/inputs.ts | |
- name: Check for TSDoc comments | |
run: npm run check-tsdoc # Run the TSDoc check script | |
- name: Restore node_modules from cache | |
id: cache-npm | |
uses: actions/cache@v4 | |
env: | |
cache-name: cache-node-modules | |
with: | |
path: | | |
~/.npm | |
node_modules | |
key: ${{ runner.os }}-code-quality-checks-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }} | |
restore-keys: | | |
${{ runner.os }}-code-quality-checks-${{ env.cache-name }}- | |
${{ runner.os }}-code-quality-checks- | |
${{ runner.os }}- | |
- name: Install Dependencies | |
run: npm ci | |
# Lint, but exclude typescript files in the .eslintignore file | |
# or else we'll get failures | |
- name: Get changed files | |
id: changed_files | |
uses: tj-actions/changed-files@v44 | |
with: | |
files: | | |
**.ts | |
'!src/types/**.ts' | |
- name: Run ESLint to check for linting errors in modified files | |
if: steps.changed_files.outputs.any_changed == 'true' | |
env: | |
CHANGED_FILES: ${{ steps.changed_files.outputs.all_changed_files }} | |
run: npx eslint ${CHANGED_FILES} --max-warnings=1500 | |
- name: Check for formatting errors | |
run: npm run format:check | |
- name: Run Typescript Type-Checker | |
run: npm run typecheck | |
- name: Check if the source and target branches are different | |
if: ${{ github.event.pull_request.base.ref == github.event.pull_request.head.ref }} | |
run: | | |
echo "Source Branch ${{ github.event.pull_request.head.ref }}" | |
echo "Target Branch ${{ github.event.pull_request.base.ref }}" | |
echo "Error: Source and Target Branches are the same. Please ensure they are different." | |
echo "Error: Close this PR and try again." | |
exit 1 | |
Check-Sensitive-Files: | |
if: ${{ github.actor != 'dependabot[bot]' && !contains(github.event.pull_request.labels.*.name, 'ignore-sensitive-files-pr') }} | |
name: Checks if sensitive files have been changed without authorization | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 2 | |
persist-credentials: true | |
- name: Get Changed Unauthorized files | |
id: changed-unauth-files | |
uses: tj-actions/changed-files@v44 | |
with: | |
files: | | |
.github/** | |
.husky/** | |
scripts/** | |
sample_data/** | |
.env.sample | |
.dockerignore | |
.node-version | |
tsconfig.json | |
.gitignore | |
.eslintrc.json | |
.eslintignore | |
.prettierrc.json | |
.prettierignore | |
vite.config.ts | |
CODEOWNERS | |
LICENSE | |
docker-compose.dev.yaml | |
docker-compose.prod.yaml | |
setup.ts | |
schema.graphql | |
.coderabbit.yaml | |
CODE_OF_CONDUCT.md | |
CONTRIBUTING.md | |
DOCUMENTATION.md | |
INSTALLATION.md | |
ISSUE_GUIDELINES.md | |
PR_GUIDELINES.md | |
README.md | |
- name: List all changed unauthorized files | |
if: steps.changed-unauth-files.outputs.any_changed == 'true' || steps.changed-unauth-files.outputs.any_deleted == 'true' | |
env: | |
CHANGED_UNAUTH_FILES: ${{ steps.changed-unauth-files.outputs.all_changed_files }} | |
run: | | |
for file in ${CHANGED_UNAUTH_FILES}; do | |
echo "$file is unauthorized to change/delete" | |
done | |
exit 1 | |
File-count-check: | |
if: ${{ github.actor != 'dependabot[bot]' }} | |
name: Checks if number of files changed is acceptable | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 2 | |
persist-credentials: true | |
- name: Get changed files | |
id: changed-files | |
uses: tj-actions/changed-files@v44 | |
- name: Echo number of changed files | |
env: | |
CHANGED_FILES_COUNT: ${{ steps.changed-files.outputs.all_changed_files_count }} | |
run: | | |
echo "Number of files changed: $CHANGED_FILES_COUNT" | |
- name: Check if the number of changed files is less than 100 | |
if: steps.changed-files.outputs.all_changed_files_count > 100 | |
env: | |
CHANGED_FILES_COUNT: ${{ steps.changed-files.outputs.all_changed_files_count }} | |
run: | | |
echo "Error: Too many files (greater than 100) changed in the pull request." | |
echo "Possible issues:" | |
echo "- Contributor may be merging into an incorrect branch." | |
echo "- Source branch may be incorrect please use develop as source branch." | |
exit 1 | |
Check-ESlint-Disable: | |
name: Check for eslint-disable | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Get changed files | |
id: changed-files | |
uses: tj-actions/changed-files@v45 | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: 3.9 | |
- name: Run Python script | |
run: | | |
python .github/workflows/eslint_disable_check.py --files ${{ steps.changed-files.outputs.all_changed_files }} | |
Check-Code-Coverage-Disable: | |
name: Check for code coverage disable | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Get changed files | |
id: changed-files | |
uses: tj-actions/changed-files@v45 | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: 3.9 | |
- name: Run Python script | |
run: | | |
python .github/workflows/code_coverage_disable_check.py --files ${{ steps.changed-files.outputs.all_changed_files }} | |
Test-Application: | |
name: Testing Application | |
runs-on: ubuntu-latest | |
needs: [Code-Quality-Checks, Check-ESlint-Disable, Check-Code-Coverage-Disable] | |
strategy: | |
matrix: | |
node-version: [22.x] | |
services: | |
mongo: | |
image: mongo:4.4 | |
options: >- | |
--health-cmd mongo | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 10 | |
ports: | |
- 27017:27017 | |
redis: | |
image: redis:6.2 | |
options: >- | |
--health-cmd "redis-cli ping" | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 10 | |
ports: | |
- 6379:6379 | |
env: | |
MONGO_DB_URL: mongodb://localhost:27017/talawa-test-db | |
REDIS_HOST: localhost | |
REDIS_PORT: 6379 | |
RECAPTCHA_SITE_KEY: ${{secrets.RECAPTCHA_SITE_KEY}} | |
RECAPTCHA_SECRET_KEY: ${{secrets.RECAPTCHA_SECRET_KEY}} | |
MAIL_USERNAME: ${{secrets.MAIL_USERNAME}} | |
MAIL_PASSWORD: ${{secrets.MAIL_PASSWORD}} | |
IS_SMTP: "" | |
SMTP_HOST: "" | |
SMTP_PASSWORD: "" | |
SMTP_USERNAME: "" | |
LAST_RESORT_SUPERADMIN_EMAIL: "[email protected]" | |
COLORIZE_LOGS: "true" | |
LOG_LEVEL: "info" | |
# ACCESS_TOKEN_SECRET: ${{ secrets.ACCESS_TOKEN_SECRET }} | |
# REFRESH_TOKEN_SECRET: ${{ secrets.REFRESH_TOKEN_SECRET }} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Set up Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: '22.x' | |
- name: Generate Access Token Secret | |
run: echo "ACCESS_TOKEN_SECRET=$(openssl rand -hex 32)" >> $GITHUB_ENV | |
- name: Generate Refresh Token Secret | |
run: echo "REFRESH_TOKEN_SECRET=$(openssl rand -hex 32)" >> $GITHUB_ENV | |
- name: Set up SERVER_PORT env | |
run: echo "SERVER_PORT=4000" >> $GITHUB_ENV | |
- name: Set up Node.js ${{ matrix.node-version }} | |
uses: actions/setup-node@v4 | |
- name: Install dependencies | |
run: npm ci | |
- name: Sleep for 10s | |
uses: juliangruber/sleep-action@v2 | |
with: | |
time: 10s | |
- name: Create a videos directory | |
run: mkdir -p videos | |
- name: Run the tests | |
run: npm run test | |
- name: Import Sample Data | |
run: npm run import:sample-data | |
- name: Present and upload coverage to Codecov as ${{env.CODECOV_UNIQUE_NAME}} | |
uses: codecov/codecov-action@v4 | |
with: | |
verbose: true | |
token: ${{ secrets.CODECOV_TOKEN }} | |
fail_ci_if_error: false | |
name: '${{env.CODECOV_UNIQUE_NAME}}' | |
- name: Test acceptable level of code coverage | |
uses: VeryGoodOpenSource/very_good_coverage@v2 | |
with: | |
path: './coverage/lcov.info' | |
min_coverage: 95.0 | |
Docker-Check: | |
name: Docker Check | |
needs: Test-Application | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Set up Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: '22.x' | |
- name: Cache Node.js dependencies | |
uses: actions/cache@v4 | |
with: | |
path: | | |
~/.npm | |
node_modules | |
key: ${{ runner.os }}-docker-check-${{ hashFiles('**/package-lock.json') }} | |
restore-keys: | | |
${{ runner.os }}-docker-check- | |
- name: Install Docker Compose | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y docker-compose | |
- name: Check if Talawa API starts in Docker | |
run: | | |
# Ensure no containers are running | |
docker-compose -f docker-compose.dev.yaml down -v || true | |
# Verify docker-compose file exists | |
chmod +x .github/workflows/scripts/docker_file_check.sh | |
./.github/workflows/scripts/docker_file_check.sh | |
# Start containers | |
if ! timeout 300 docker-compose -f docker-compose.dev.yaml up -d --build; then | |
echo "Failed to start containers" | |
docker-compose -f docker-compose.dev.yaml logs | |
exit 1 | |
fi | |
# Wait for MongoDB and Redis to be ready | |
echo "Waiting for MongoDB..." | |
timeout=30 | |
until docker-compose -f docker-compose.dev.yaml exec -T mongo mongosh --eval "db.runCommand({ ping: 1 }).ok">/dev/null 2>&1 || [ $timeout -eq 0 ]; do | |
echo "Waiting for MongoDB to be ready..." | |
sleep 1 | |
((timeout--)) | |
done | |
if [ $timeout -eq 0 ]; then | |
echo "Error: MongoDB failed to start within timeout" | |
echo "Fetching MongoDB logs..." | |
docker-compose -f docker-compose.dev.yaml logs mongodb | |
echo "Shutting down MongoDB..." | |
docker-compose -f docker-compose.dev.yaml down -v | |
exit 1 | |
else | |
echo "MongoDB is ready!" | |
fi | |
echo "Waiting for Redis..." | |
timeout=30 | |
until docker-compose -f docker-compose.dev.yaml exec -T redis-stack-server redis-cli ping >/dev/null 2>&1 || [ $timeout -eq 0 ]; do | |
sleep 1 | |
((timeout--)) | |
done | |
if [ $timeout -eq 0 ]; then | |
echo "Error: Redis failed to start within timeout" | |
echo "Fetching Redis logs..." | |
docker-compose -f docker-compose.dev.yaml logs redis-stack-server | |
echo "Shutting down Redis..." | |
docker-compose -f docker-compose.dev.yaml down -v | |
exit 1 | |
else | |
echo "Redis is ready!" | |
fi | |
# Wait for TALAWA API to be healthy | |
timeout=60 | |
until docker-compose -f docker-compose.dev.yaml exec -T talawa-api-dev curl -v -X OPTIONS "http://talawa-api-dev:4000/graphql" 2>&1 || [ $timeout -eq 0 ]; do | |
echo "Waiting for API to start... ($timeout seconds remaining)" | |
sleep 1 | |
((timeout--)) | |
done | |
if [ $timeout -eq 0 ]; then | |
echo "Error: API failed to start within timeout" | |
docker-compose -f docker-compose.dev.yaml logs | |
docker-compose -f docker-compose.dev.yaml down -v | |
exit 1 | |
fi | |
echo "API started successfully" | |
# Ensure cleanup runs even if the script fails | |
cleanup() { | |
local exit_code=$? | |
echo "Cleaning up containers..." | |
if ! docker-compose -f docker-compose.dev.yaml down -v; then | |
echo "Warning: Failed to cleanup containers" | |
fi | |
exit $exit_code | |
} | |
trap cleanup EXIT | |
env: | |
HEALTH_CHECK_URL: http://localhost:4000 | |
COMPOSE_PROJECT_NAME: pr-${{ github.event.pull_request.number }} | |
MONGO_DB_URL: mongodb://mongo:27017?replicaSet=rs0 | |
REDIS_HOST: redis-stack-server | |
REDIS_PORT: 6379 | |
ACCESS_TOKEN_SECRET: ${{ secrets.GITHUB_TOKEN }}_${{ github.run_id }}_${{ github.run_number }} | |
REFRESH_TOKEN_SECRET: ${{ secrets.GITHUB_TOKEN }}_${{ github.run_id }}_${{ github.run_attempt }} | |
LAST_RESORT_SUPERADMIN_EMAIL: "[email protected]" | |
COLORIZE_LOGS: "true" | |
LOG_LEVEL: "info" | |
RECAPTCHA_SITE_KEY: ${{secrets.RECAPTCHA_SITE_KEY}} | |
RECAPTCHA_SECRET_KEY: ${{secrets.RECAPTCHA_SECRET_KEY}} | |
MAIL_USERNAME: ${{secrets.MAIL_USERNAME}} | |
MAIL_PASSWORD: ${{secrets.MAIL_PASSWORD}} | |
Test-Builds: | |
name: Test Development and Production Builds | |
runs-on: ubuntu-latest | |
needs: Test-Application | |
strategy: | |
matrix: | |
node-version: [22.x] | |
services: | |
mongo: | |
image: mongo:4.4 | |
options: >- | |
--health-cmd mongo | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 10 | |
ports: | |
- 27017:27017 | |
redis: | |
image: redis:6.2 | |
options: >- | |
--health-cmd "redis-cli ping" | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 10 | |
ports: | |
- 6379:6379 | |
env: | |
MONGO_DB_URL: mongodb://localhost:27017/talawa-test-db | |
REDIS_HOST: localhost | |
REDIS_PORT: 6379 | |
LAST_RESORT_SUPERADMIN_EMAIL: "[email protected]" | |
COLORIZE_LOGS: "true" | |
LOG_LEVEL: "info" | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Set up Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: ${{ matrix.node-version }} | |
- name: Install dependencies | |
run: npm ci | |
- name: Generate Secrets | |
run: | | |
echo "Generating secrets..." | |
{ | |
echo "ACCESS_TOKEN_SECRET=$(openssl rand -hex 32)" | |
echo "REFRESH_TOKEN_SECRET=$(openssl rand -hex 32)" | |
echo "SERVER_PORT=4000" | |
} >> "$GITHUB_ENV" | |
- name: Check MongoDB and Redis Availability | |
run: | | |
echo "Checking MongoDB and Redis availability..." | |
for i in {1..10}; do | |
if nc -z localhost 27017 && nc -z localhost 6379; then | |
echo "MongoDB and Redis are available!" | |
break | |
fi | |
echo "Waiting for MongoDB and Redis..." | |
sleep 5 | |
done | |
- name: Test Development Build | |
run: | | |
echo "Testing development build..." | |
NODE_ENV=development npm run dev & | |
DEV_PID=$! | |
sleep 10 | |
if curl -f http://localhost:4000 | jq -e '. == {"talawa-version":"v1","status":"healthy"}' > /dev/null; then | |
echo "Development server is up and healthy" | |
else | |
echo "Development server is down" | |
kill $DEV_PID | |
exit 1 | |
fi | |
- name: Check Apollo Server for development | |
run: | | |
echo "Checking Apollo server for development..." | |
if curl -f 'http://localhost:4000/graphql?query=%7B__typename%7D' \ | |
-H 'Apollo-Require-Preflight: true' | jq -e '. == {"data":{"__typename":"Query"}}' > /dev/null; then | |
echo "Apollo server is up and healthy" | |
else | |
echo "Apollo server is down" | |
exit 1 | |
fi | |
echo "Stopping development server..." | |
kill -9 $DEV_PID || echo "Process already stopped." | |
- name: Generate SSL Certificates for Production | |
run: | | |
echo "Generating SSL certificates for production..." | |
npm run generate:ssl-private-key | |
- name: Build Production Build | |
run: | | |
echo "Building production build..." | |
NODE_ENV=production npm run build | |
- name: Test Production Build | |
run: | | |
echo "Testing production build..." | |
lsof -ti:4000 | xargs -r kill -9 || echo "No process was using port 4000." | |
NODE_ENV=production SERVER_PORT=4001 npm run prod & | |
PROD_PID=$! | |
echo "Waiting for server to stabilize..." | |
sleep 10 | |
if curl -f -k https://localhost:4001 | jq -e '. == {"talawa-version":"v1","status":"healthy"}' > /dev/null; then | |
echo "Production server is up and healthy." | |
else | |
echo "Production server is down. Cleaning up..." | |
kill -9 $PROD_PID || echo "Process already stopped." | |
exit 1 | |
fi | |
- name: Check Apollo Server for Production | |
run: | | |
echo "Checking Apollo server for production..." | |
if curl -f -k 'https://localhost:4001/graphql?query=%7B__typename%7D' \ | |
-H 'Apollo-Require-Preflight: true' | jq -e '. == {"data":{"__typename":"Query"}}' > /dev/null; then | |
echo "Apollo server is up and healthy" | |
else | |
echo "Apollo server is down" | |
exit 1 | |
fi | |
echo "Stopping production server..." | |
kill -9 $PROD_PID || echo "Process already stopped." | |
- name: Clean Up Resources | |
if: always() | |
run: | | |
echo "Cleaning up background processes and temporary files..." | |
pkill -f "npm run dev" || echo "No dev process found." | |
pkill -f "npm run prod" || echo "No prod process found." | |
rm -f key.pem cert.pem | |
JSDocs: | |
if: ${{ github.actor != 'dependabot[bot]' }} | |
name: 'JSDocs comments and pipeline' | |
runs-on: ubuntu-latest | |
needs: Test-Application | |
steps: | |
- uses: actions/checkout@v4 | |
- name: 'Check whether comments exists for JSDocs' | |
run: | | |
chmod +x ./.github/workflows/check-jsdocs-comment.py | |
./.github/workflows/check-jsdocs-comment.py | |
- name: 'Run JSDocs' | |
if: env.RUN_JSDOCS == 'True' | |
run: echo "Run JSdocs :${{ env.RUN_JSDOCS }}" | |
Branch-check: | |
if: ${{ github.actor != 'dependabot[bot]' }} | |
name: "Base branch check" | |
runs-on: ubuntu-latest | |
steps: | |
- name: "Check if base branch is develop" | |
if: github.event.pull_request.base.ref != 'develop' | |
run: | | |
echo "PR is not against develop branch. Please refer PR_GUIDELINES.md" | |
echo "Error: Close this PR and try again." | |
exit 1 | |
Validate-Coderabbit: | |
name: Validate CodeRabbit Approval | |
runs-on: ubuntu-latest | |
if: github.actor != 'dependabot[bot]' | |
needs: [Test-Builds] | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@v4 | |
- name: Validate CodeRabbit.ai Approval | |
run: | | |
chmod +x $GITHUB_WORKSPACE/.github/workflows/scripts/validate-coderabbit.sh | |
$GITHUB_WORKSPACE/.github/workflows/scripts/validate-coderabbit.sh | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
PR_NUMBER: ${{ github.event.pull_request.number }} | |
GITHUB_REPOSITORY: ${{ github.repository }} | |