ci(deps): bump github/codeql-action from 3.27.1 to 3.27.3 #964
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # In TypeScript actions, `dist/` is a special directory. When you reference | |
| # an action with the `uses:` property, `dist/index.js` is the code that will be | |
| # run. For this project, the `dist/index.js` file is transpiled from other | |
| # source files. This workflow ensures the `dist/` directory contains the | |
| # expected transpiled code. | |
| # | |
| # If this workflow is run from a feature branch, it will act as an additional CI | |
| # check and fail if the checked-in `dist/` directory does not match what is | |
| # expected from the build. | |
| name: Check Transpiled JavaScript | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| permissions: | |
| contents: read | |
| jobs: | |
| check-dist: | |
| name: Check dist/ | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| id: checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: Install pnpm | |
| uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0 | |
| - name: Setup Node.js | |
| id: setup-node | |
| uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 | |
| with: | |
| cache: pnpm | |
| - name: Install Dependencies | |
| id: install | |
| run: pnpm install --frozen-lockfile | |
| - name: Build dist/ Directory | |
| id: build | |
| run: pnpm run bundle | |
| # This will fail the workflow if the PR wasn't created by Dependabot. | |
| - name: Compare Directories | |
| id: diff | |
| run: | | |
| if [ "$(git diff --ignore-space-at-eol --text dist/ | wc -l)" -gt "0" ]; then | |
| echo "Detected uncommitted changes after build. See status below:" | |
| git diff --ignore-space-at-eol --text dist/ | |
| exit 1 | |
| fi | |
| # If `dist/` was different than expected, and this was not a Dependabot | |
| # PR, upload the expected version as a workflow artifact. | |
| - if: ${{ failure() && steps.diff.outcome == 'failure' }} | |
| name: Upload Artifact | |
| id: upload | |
| uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| with: | |
| name: dist | |
| path: dist/ |