Skip to content

Upgrading some dependencies with vulnerability issues #767

Upgrading some dependencies with vulnerability issues

Upgrading some dependencies with vulnerability issues #767

Workflow file for this run

name: Low Dependencies
on:
push:
pull_request:
schedule:
- cron: '0 0 * * 0'
jobs:
locked:
name: Node ${{ matrix.node-versions }} - ${{ matrix.os }}
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, windows-2019]
node-versions: ['18', '20', '22']
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Node ${{matrix.node-versions}}
uses: actions/setup-node@v4
with:
node-version: ${{matrix.node-versions}}
- name: Remove Lock File
run: rm yarn.lock
- name: Force Lowest Dependencies
run: node ./scripts/force-lowest-dependencies
# We have some tests that need to "git checkout" package.json file.
# Commit them prevent the tests from re-using the locked dependencies.
- name: Commit Changes, to preserve a clean working directory
run: |
git config --global user.email ""
git config --global user.name "Symfony"
git commit -am "Force Lowest Dependencies"
- name: Install Yarn Dependencies
run: yarn install
- name: Show Installed Versions
run: yarn list --depth=0
- name: Run Tests
run: yarn test