Skip to content

fix(deps): update dependencies (renov): all minor updates #5035

fix(deps): update dependencies (renov): all minor updates

fix(deps): update dependencies (renov): all minor updates #5035

Workflow file for this run

##############################################################################
##############################################################################
#
# NOTE!
#
# Please read the README.md file in this directory that defines what should
# be placed in this file.
#
##############################################################################
##############################################################################
name: PR Workflow
on:
pull_request:
branches:
- '**'
env:
CODECOV_UNIQUE_NAME: CODECOV_UNIQUE_NAME-${{ github.run_id }}-${{ github.run_number }}
jobs:
Code-Quality-Checks:
name: Check for linting, formatting, and type errors
runs-on: ubuntu-latest
steps:
- name: Checkout repository content
uses: actions/checkout@v4
with:
fetch-depth: 2
persist-credentials: true
- name: Set up Node.js
uses: actions/setup-node@v4
with:
node-version: '22.x'
- name: Count number of lines
run: |
chmod +x ./.github/workflows/countline.py
./.github/workflows/countline.py --lines 600 --exclude_files src/types/generatedGraphQLTypes.ts tests src/typeDefs/types.ts src/constants.ts src/typeDefs/inputs.ts
- name: Check for TSDoc comments
run: npm run check-tsdoc # Run the TSDoc check script
- name: Restore node_modules from cache
id: cache-npm
uses: actions/cache@v4
env:
cache-name: cache-node-modules
with:
path: |
~/.npm
node_modules
key: ${{ runner.os }}-code-quality-checks-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-code-quality-checks-${{ env.cache-name }}-
${{ runner.os }}-code-quality-checks-
${{ runner.os }}-
- name: Install Dependencies
run: npm ci
# Lint, but exclude typescript files in the .eslintignore file
# or else we'll get failures
- name: Get changed files
id: changed_files
uses: tj-actions/changed-files@v44
with:
files: |
**.ts
'!src/types/**.ts'
- name: Run ESLint to check for linting errors in modified files
if: steps.changed_files.outputs.any_changed == 'true'
env:
CHANGED_FILES: ${{ steps.changed_files.outputs.all_changed_files }}
run: npx eslint ${CHANGED_FILES} --max-warnings=1500
- name: Check for formatting errors
run: npm run format:check
- name: Run Typescript Type-Checker
run: npm run typecheck
- name: Check if the source and target branches are different
if: ${{ github.event.pull_request.base.ref == github.event.pull_request.head.ref }}
run: |
echo "Source Branch ${{ github.event.pull_request.head.ref }}"
echo "Target Branch ${{ github.event.pull_request.base.ref }}"
echo "Error: Source and Target Branches are the same. Please ensure they are different."
echo "Error: Close this PR and try again."
exit 1
Check-Sensitive-Files:
if: ${{ github.actor != 'dependabot[bot]' && !contains(github.event.pull_request.labels.*.name, 'ignore-sensitive-files-pr') }}
name: Checks if sensitive files have been changed without authorization
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 2
persist-credentials: true
- name: Get Changed Unauthorized files
id: changed-unauth-files
uses: tj-actions/changed-files@v44
with:
files: |
.github/**
.husky/**
scripts/**
sample_data/**
.env.sample
.dockerignore
.node-version
tsconfig.json
.gitignore
.eslintrc.json
.eslintignore
.prettierrc.json
.prettierignore
vite.config.ts
CODEOWNERS
LICENSE
docker-compose.dev.yaml
docker-compose.prod.yaml
setup.ts
schema.graphql
.coderabbit.yaml
CODE_OF_CONDUCT.md
CONTRIBUTING.md
DOCUMENTATION.md
INSTALLATION.md
ISSUE_GUIDELINES.md
PR_GUIDELINES.md
README.md
- name: List all changed unauthorized files
if: steps.changed-unauth-files.outputs.any_changed == 'true' || steps.changed-unauth-files.outputs.any_deleted == 'true'
env:
CHANGED_UNAUTH_FILES: ${{ steps.changed-unauth-files.outputs.all_changed_files }}
run: |
for file in ${CHANGED_UNAUTH_FILES}; do
echo "$file is unauthorized to change/delete"
done
exit 1
File-count-check:
if: ${{ github.actor != 'dependabot[bot]' }}
name: Checks if number of files changed is acceptable
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 2
persist-credentials: true
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v44
- name: Echo number of changed files
env:
CHANGED_FILES_COUNT: ${{ steps.changed-files.outputs.all_changed_files_count }}
run: |
echo "Number of files changed: $CHANGED_FILES_COUNT"
- name: Check if the number of changed files is less than 100
if: steps.changed-files.outputs.all_changed_files_count > 100
env:
CHANGED_FILES_COUNT: ${{ steps.changed-files.outputs.all_changed_files_count }}
run: |
echo "Error: Too many files (greater than 100) changed in the pull request."
echo "Possible issues:"
echo "- Contributor may be merging into an incorrect branch."
echo "- Source branch may be incorrect please use develop as source branch."
exit 1
Check-ESlint-Disable:
name: Check for eslint-disable
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v45
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: 3.9
- name: Run Python script
run: |
python .github/workflows/eslint_disable_check.py --files ${{ steps.changed-files.outputs.all_changed_files }}
Check-Code-Coverage-Disable:
name: Check for code coverage disable
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v45
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: 3.9
- name: Run Python script
run: |
python .github/workflows/code_coverage_disable_check.py --files ${{ steps.changed-files.outputs.all_changed_files }}
Test-Application:
name: Testing Application
runs-on: ubuntu-latest
needs: [Code-Quality-Checks, Check-ESlint-Disable, Check-Code-Coverage-Disable]
strategy:
matrix:
node-version: [22.x]
services:
mongo:
image: mongo:4.4
options: >-
--health-cmd mongo
--health-interval 10s
--health-timeout 5s
--health-retries 10
ports:
- 27017:27017
redis:
image: redis:6.2
options: >-
--health-cmd "redis-cli ping"
--health-interval 10s
--health-timeout 5s
--health-retries 10
ports:
- 6379:6379
env:
MONGO_DB_URL: mongodb://localhost:27017/talawa-test-db
REDIS_HOST: localhost
REDIS_PORT: 6379
RECAPTCHA_SITE_KEY: ${{secrets.RECAPTCHA_SITE_KEY}}
RECAPTCHA_SECRET_KEY: ${{secrets.RECAPTCHA_SECRET_KEY}}
MAIL_USERNAME: ${{secrets.MAIL_USERNAME}}
MAIL_PASSWORD: ${{secrets.MAIL_PASSWORD}}
IS_SMTP: ""
SMTP_HOST: ""
SMTP_PASSWORD: ""
SMTP_USERNAME: ""
LAST_RESORT_SUPERADMIN_EMAIL: "[email protected]"
COLORIZE_LOGS: "true"
LOG_LEVEL: "info"
# ACCESS_TOKEN_SECRET: ${{ secrets.ACCESS_TOKEN_SECRET }}
# REFRESH_TOKEN_SECRET: ${{ secrets.REFRESH_TOKEN_SECRET }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Node.js
uses: actions/setup-node@v4
with:
node-version: '22.x'
- name: Generate Access Token Secret
run: echo "ACCESS_TOKEN_SECRET=$(openssl rand -hex 32)" >> $GITHUB_ENV
- name: Generate Refresh Token Secret
run: echo "REFRESH_TOKEN_SECRET=$(openssl rand -hex 32)" >> $GITHUB_ENV
- name: Set up SERVER_PORT env
run: echo "SERVER_PORT=4000" >> $GITHUB_ENV
- name: Set up Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v4
- name: Install dependencies
run: npm ci
- name: Sleep for 10s
uses: juliangruber/sleep-action@v2
with:
time: 10s
- name: Create a videos directory
run: mkdir -p videos
- name: Run the tests
run: npm run test
- name: Import Sample Data
run: npm run import:sample-data
- name: Present and upload coverage to Codecov as ${{env.CODECOV_UNIQUE_NAME}}
uses: codecov/codecov-action@v4
with:
verbose: true
token: ${{ secrets.CODECOV_TOKEN }}
fail_ci_if_error: false
name: '${{env.CODECOV_UNIQUE_NAME}}'
- name: Test acceptable level of code coverage
uses: VeryGoodOpenSource/very_good_coverage@v2
with:
path: './coverage/lcov.info'
min_coverage: 95.0
Docker-Check:
name: Docker Check
needs: Test-Application
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Node.js
uses: actions/setup-node@v4
with:
node-version: '22.x'
- name: Cache Node.js dependencies
uses: actions/cache@v4
with:
path: |
~/.npm
node_modules
key: ${{ runner.os }}-docker-check-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-docker-check-
- name: Install Docker Compose
run: |
sudo apt-get update
sudo apt-get install -y docker-compose
- name: Check if Talawa API starts in Docker
run: |
# Ensure no containers are running
docker-compose -f docker-compose.dev.yaml down -v || true
# Verify docker-compose file exists
chmod +x .github/workflows/scripts/docker_file_check.sh
./.github/workflows/scripts/docker_file_check.sh
# Start containers
if ! timeout 300 docker-compose -f docker-compose.dev.yaml up -d --build; then
echo "Failed to start containers"
docker-compose -f docker-compose.dev.yaml logs
exit 1
fi
# Wait for MongoDB and Redis to be ready
echo "Waiting for MongoDB..."
timeout=30
until docker-compose -f docker-compose.dev.yaml exec -T mongo mongosh --eval "db.runCommand({ ping: 1 }).ok">/dev/null 2>&1 || [ $timeout -eq 0 ]; do
echo "Waiting for MongoDB to be ready..."
sleep 1
((timeout--))
done
if [ $timeout -eq 0 ]; then
echo "Error: MongoDB failed to start within timeout"
echo "Fetching MongoDB logs..."
docker-compose -f docker-compose.dev.yaml logs mongodb
echo "Shutting down MongoDB..."
docker-compose -f docker-compose.dev.yaml down -v
exit 1
else
echo "MongoDB is ready!"
fi
echo "Waiting for Redis..."
timeout=30
until docker-compose -f docker-compose.dev.yaml exec -T redis-stack-server redis-cli ping >/dev/null 2>&1 || [ $timeout -eq 0 ]; do
sleep 1
((timeout--))
done
if [ $timeout -eq 0 ]; then
echo "Error: Redis failed to start within timeout"
echo "Fetching Redis logs..."
docker-compose -f docker-compose.dev.yaml logs redis-stack-server
echo "Shutting down Redis..."
docker-compose -f docker-compose.dev.yaml down -v
exit 1
else
echo "Redis is ready!"
fi
# Wait for TALAWA API to be healthy
timeout=60
until docker-compose -f docker-compose.dev.yaml exec -T talawa-api-dev curl -v -X OPTIONS "http://talawa-api-dev:4000/graphql" 2>&1 || [ $timeout -eq 0 ]; do
echo "Waiting for API to start... ($timeout seconds remaining)"
sleep 1
((timeout--))
done
if [ $timeout -eq 0 ]; then
echo "Error: API failed to start within timeout"
docker-compose -f docker-compose.dev.yaml logs
docker-compose -f docker-compose.dev.yaml down -v
exit 1
fi
echo "API started successfully"
# Ensure cleanup runs even if the script fails
cleanup() {
local exit_code=$?
echo "Cleaning up containers..."
if ! docker-compose -f docker-compose.dev.yaml down -v; then
echo "Warning: Failed to cleanup containers"
fi
exit $exit_code
}
trap cleanup EXIT
env:
HEALTH_CHECK_URL: http://localhost:4000
COMPOSE_PROJECT_NAME: pr-${{ github.event.pull_request.number }}
MONGO_DB_URL: mongodb://mongo:27017?replicaSet=rs0
REDIS_HOST: redis-stack-server
REDIS_PORT: 6379
ACCESS_TOKEN_SECRET: ${{ secrets.GITHUB_TOKEN }}_${{ github.run_id }}_${{ github.run_number }}
REFRESH_TOKEN_SECRET: ${{ secrets.GITHUB_TOKEN }}_${{ github.run_id }}_${{ github.run_attempt }}
LAST_RESORT_SUPERADMIN_EMAIL: "[email protected]"
COLORIZE_LOGS: "true"
LOG_LEVEL: "info"
RECAPTCHA_SITE_KEY: ${{secrets.RECAPTCHA_SITE_KEY}}
RECAPTCHA_SECRET_KEY: ${{secrets.RECAPTCHA_SECRET_KEY}}
MAIL_USERNAME: ${{secrets.MAIL_USERNAME}}
MAIL_PASSWORD: ${{secrets.MAIL_PASSWORD}}
Test-Builds:
name: Test Development and Production Builds
runs-on: ubuntu-latest
needs: Test-Application
strategy:
matrix:
node-version: [22.x]
services:
mongo:
image: mongo:4.4
options: >-
--health-cmd mongo
--health-interval 10s
--health-timeout 5s
--health-retries 10
ports:
- 27017:27017
redis:
image: redis:6.2
options: >-
--health-cmd "redis-cli ping"
--health-interval 10s
--health-timeout 5s
--health-retries 10
ports:
- 6379:6379
env:
MONGO_DB_URL: mongodb://localhost:27017/talawa-test-db
REDIS_HOST: localhost
REDIS_PORT: 6379
LAST_RESORT_SUPERADMIN_EMAIL: "[email protected]"
COLORIZE_LOGS: "true"
LOG_LEVEL: "info"
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
- name: Install dependencies
run: npm ci
- name: Generate Secrets
run: |
echo "Generating secrets..."
{
echo "ACCESS_TOKEN_SECRET=$(openssl rand -hex 32)"
echo "REFRESH_TOKEN_SECRET=$(openssl rand -hex 32)"
echo "SERVER_PORT=4000"
} >> "$GITHUB_ENV"
- name: Check MongoDB and Redis Availability
run: |
echo "Checking MongoDB and Redis availability..."
for i in {1..10}; do
if nc -z localhost 27017 && nc -z localhost 6379; then
echo "MongoDB and Redis are available!"
break
fi
echo "Waiting for MongoDB and Redis..."
sleep 5
done
- name: Test Development Build
run: |
echo "Testing development build..."
NODE_ENV=development npm run dev &
DEV_PID=$!
sleep 10
if curl -f http://localhost:4000 | jq -e '. == {"talawa-version":"v1","status":"healthy"}' > /dev/null; then
echo "Development server is up and healthy"
else
echo "Development server is down"
kill $DEV_PID
exit 1
fi
- name: Check Apollo Server for development
run: |
echo "Checking Apollo server for development..."
if curl -f 'http://localhost:4000/graphql?query=%7B__typename%7D' \
-H 'Apollo-Require-Preflight: true' | jq -e '. == {"data":{"__typename":"Query"}}' > /dev/null; then
echo "Apollo server is up and healthy"
else
echo "Apollo server is down"
exit 1
fi
echo "Stopping development server..."
kill -9 $DEV_PID || echo "Process already stopped."
- name: Generate SSL Certificates for Production
run: |
echo "Generating SSL certificates for production..."
npm run generate:ssl-private-key
- name: Build Production Build
run: |
echo "Building production build..."
NODE_ENV=production npm run build
- name: Test Production Build
run: |
echo "Testing production build..."
lsof -ti:4000 | xargs -r kill -9 || echo "No process was using port 4000."
NODE_ENV=production SERVER_PORT=4001 npm run prod &
PROD_PID=$!
echo "Waiting for server to stabilize..."
sleep 10
if curl -f -k https://localhost:4001 | jq -e '. == {"talawa-version":"v1","status":"healthy"}' > /dev/null; then
echo "Production server is up and healthy."
else
echo "Production server is down. Cleaning up..."
kill -9 $PROD_PID || echo "Process already stopped."
exit 1
fi
- name: Check Apollo Server for Production
run: |
echo "Checking Apollo server for production..."
if curl -f -k 'https://localhost:4001/graphql?query=%7B__typename%7D' \
-H 'Apollo-Require-Preflight: true' | jq -e '. == {"data":{"__typename":"Query"}}' > /dev/null; then
echo "Apollo server is up and healthy"
else
echo "Apollo server is down"
exit 1
fi
echo "Stopping production server..."
kill -9 $PROD_PID || echo "Process already stopped."
- name: Clean Up Resources
if: always()
run: |
echo "Cleaning up background processes and temporary files..."
pkill -f "npm run dev" || echo "No dev process found."
pkill -f "npm run prod" || echo "No prod process found."
rm -f key.pem cert.pem
JSDocs:
if: ${{ github.actor != 'dependabot[bot]' }}
name: 'JSDocs comments and pipeline'
runs-on: ubuntu-latest
needs: Test-Application
steps:
- uses: actions/checkout@v4
- name: 'Check whether comments exists for JSDocs'
run: |
chmod +x ./.github/workflows/check-jsdocs-comment.py
./.github/workflows/check-jsdocs-comment.py
- name: 'Run JSDocs'
if: env.RUN_JSDOCS == 'True'
run: echo "Run JSdocs :${{ env.RUN_JSDOCS }}"
Branch-check:
if: ${{ github.actor != 'dependabot[bot]' }}
name: "Base branch check"
runs-on: ubuntu-latest
steps:
- name: "Check if base branch is develop"
if: github.event.pull_request.base.ref != 'develop'
run: |
echo "PR is not against develop branch. Please refer PR_GUIDELINES.md"
echo "Error: Close this PR and try again."
exit 1
Validate-Coderabbit:
name: Validate CodeRabbit Approval
runs-on: ubuntu-latest
if: github.actor != 'dependabot[bot]'
needs: [Test-Builds]
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Validate CodeRabbit.ai Approval
run: |
chmod +x $GITHUB_WORKSPACE/.github/workflows/scripts/validate-coderabbit.sh
$GITHUB_WORKSPACE/.github/workflows/scripts/validate-coderabbit.sh
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PR_NUMBER: ${{ github.event.pull_request.number }}
GITHUB_REPOSITORY: ${{ github.repository }}