Skip to content

chore: bump version from 1.8.1 to 1.8.2 🎉 #247

chore: bump version from 1.8.1 to 1.8.2 🎉

chore: bump version from 1.8.1 to 1.8.2 🎉 #247

name: NPM Dependency Health Check
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
schedule:
- cron: '0 0 * * 1' # Run weekly on Mondays
jobs:
dependency-check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '22' # or your preferred Node.js version
- name: Cache npm packages
uses: actions/cache@v4
with:
path: ~/.npm
key: ${{ runner.OS }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.OS }}-node-
- name: Install dependencies
run: npm ci
- name: Check for outdated dependencies
run: npm outdated --json > outdated.json || echo "{}" > outdated.json
- name: Run security audit
run: npm audit --json > audit.json || echo "{}" > audit.json
- name: Process and Output Dependency Health Results
if: always()
run: |
echo "# NPM Dependency Health Report" >> $GITHUB_STEP_SUMMARY
echo "## Outdated Packages:" >> $GITHUB_STEP_SUMMARY
if [ -s outdated.json ] && [ "$(cat outdated.json)" != "{}" ]; then
jq -r 'to_entries[] | "- \(.key) (\(.value.current) => \(.value.latest))"' outdated.json >> $GITHUB_STEP_SUMMARY
else
echo "No outdated packages found." >> $GITHUB_STEP_SUMMARY
fi
echo "## Security Vulnerabilities:" >> $GITHUB_STEP_SUMMARY
if [ -s audit.json ] && [ "$(jq '.vulnerabilities | length' audit.json)" != "0" ]; then
jq -r '.vulnerabilities | to_entries[] | "- \(.key) (\(.value.severity)): \(.value.title)"' audit.json >> $GITHUB_STEP_SUMMARY
else
echo "No security vulnerabilities detected." >> $GITHUB_STEP_SUMMARY
fi
echo "This report was automatically generated by the NPM Dependency Health Check workflow." >> $GITHUB_STEP_SUMMARY
- name: Check for Critical Issues
if: always()
run: |
VULNERABILITIES=$(jq '.vulnerabilities | length' audit.json)
OUTDATED=$(jq 'length' outdated.json)
if [ "$VULNERABILITIES" != "0" ] || [ "$OUTDATED" != "0" ]; then
echo "::warning::Dependency issues detected. Please check the workflow summary for details."
fi