taichi / actions-package-update Goto Github PK
View Code? Open in Web Editor NEWkeeps npm dependencies up-to-date by making pull requests from GitHub Actions or CI.
keeps npm dependencies up-to-date by making pull requests from GitHub Actions or CI.
Having multiple package updates in one pull request is hard to manage.
How about creating pull requests for each package, like Renovate?
Thank you.
The Action somehow managed to commit the env.sh
file containing the access token to Github.
https://github.com/Catrobat/Catblocks/blob/c81c15c6cb3d0db750c125a40000f5273aca2a0b/env.sh
Fortunately Github instantly blocked the Token.
For example:
steps:
- uses: ybiquitous/npm-audit-fix-action@v1
with:
labels: [dependencies, security]
Hey @taichi ๐๐ป
Would love to hear from you what do you think about implementing these two features to the opened PRs:
I was reading Github's documentation and it seems to be easy to implement.
Let me know, I'd be happy to contribute here ๐
Hello, I use this GitHub actions to update the dependencies on an old project. When I created the workflows, and I change the version of a dependency, I can see in my project an update that is done. example : 2.0.5 => 2.0.7
Name | Updating |
---|---|
nodemon | 2.0.7 |
But I don't have the information in the table
Table update dependencies problem
Do you have any idea ?
For projects with decent coverage I could just merge these PRs without doing any manual checking out and testing of the branch. When this bot creates the PRs Github actions aren't ran so my tests aren't run automatically. I'm not sure if there is a way around this or if it could be changed to run npm test
or something before creating the PRs.
I keep getting this:
[1590443623387] INFO (1 on 926fcaaa51cd): Start process.
[1590443623389] DEBUG (1 on 926fcaaa51cd): START makeBranch
[1590443623389] DEBUG (1 on 926fcaaa51cd): getFile /github/workspace/package.json
[1590443623393] DEBUG (1 on 926fcaaa51cd): BEGIN git fetch --prune origin
Error: Command failed with exit code 128: git fetch --prune origin
at makeError (/usr/local/share/.config/yarn/global/node_modules/execa/lib/error.js:56:11)
at handlePromise (/usr/local/share/.config/yarn/global/node_modules/execa/index.js:114:26)
at processTicksAndRejections (internal/process/task_queues.js:97:5)
at async h.makeBranch (/usr/local/share/.config/yarn/global/node_modules/actions-package-update/dist/index.js:12:1603)
at async h.run (/usr/local/share/.config/yarn/global/node_modules/actions-package-update/dist/index.js:12:633)
at async o (/usr/local/share/.config/yarn/global/node_modules/actions-package-update/dist/index.js:14:300) {
command: 'git fetch --prune origin',
exitCode: 128,
signal: undefined,
signalDescription: undefined,
stdout: '',
stderr: "fatal: unable to access 'https://github.com/naugtur/handsfreeyoutube/': Problem with the SSL CA cert (path? access rights?)",
failed: true,
timedOut: false,
isCanceled: false,
killed: false
}
Doesn't seem like something I misconfigured about the repo or access.
What am mI missing?
I want use email: github-actions[bot]@users.noreply.github.com.
but , this line that format: email don't allow [].
actions-package-update/src/config.ts
Line 42 in 5ab5dc4
I remove that, but test failed. because async test already broken.
I hope you accept it.
Hey!
I've been using this action for a while, and about one and a half months ago the action started to fail to try to use fsevents in a ubuntu env (it's supposed to try that only on mac).
Testings locally on a ubuntu machine I reached the conclusion the problem was that it was trying to run npm install
, instead of npm ci
.
I tried cloning the action repository to validate a fix before submitting a PR, but for some reason, it's not being able to run the new command (it continues to run the version from the original repository).
What I did was to change the uses: taichi/actions-package-update@master
to point to my repository, but it did not work.
Can you please share how this can be tested/validated?
Thanks!
No matter how you set this variable in a GitHub action, it's ignored (or possibly overwritten by GitHub). This means you can't run actions-package-update
in any folder other than the root.
You can verify this by creating a workflow step:
- name: Attempt to set GITHUB_WORKSPACE
env:
FOO: bar
GITHUB_WORKSPACE: ./foo
run: printenv
Observe that the output shows that the GITHUB_WORKSPACE
variable has not been changed:
Run printenv
printenv
shell: /bin/bash -e {0}
env:
FOO: bar
GITHUB_WORKSPACE: ./foo
# ...
FOO=bar
# ...
GITHUB_WORKSPACE=/home/runner/work/actions-package-update/actions-package-update
This is also the case if you use set-env
, because all that does is create an env
property for future steps as if you had put them into the workflow yourself.
To solve this you would need to create a different environment variable that we can use which GitHub will not ignore or clobber (WORKING_DIRECTORY
maybe?).
ci-yarn-upgrade display diff URL in PR, but actions-package-update does not display diff URL. Processing that generates diff URL is implemented, but it seems that it is not working because tags are not actually acquired. Are there any plans to make the function of displaying diff URL work?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.