[Snyk] Security upgrade supertest from 6.2.4 to 7.0.0 #49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Backend tests" | |
# any branch is useful for testing before a PR is submitted | |
on: [push, pull_request] | |
permissions: | |
contents: read | |
jobs: | |
withoutpluginsLinux: | |
# run on pushes to any branch | |
# run on PRs from external forks | |
if: | | |
(github.event_name != 'pull_request') | |
|| (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id) | |
name: Linux without plugins | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
node: [14, 16, 18] | |
steps: | |
- | |
name: Checkout repository | |
uses: actions/checkout@v3 | |
- | |
uses: actions/setup-node@v3 | |
with: | |
node-version: ${{ matrix.node }} | |
cache: 'npm' | |
cache-dependency-path: | | |
src/package-lock.json | |
src/bin/doc/package-lock.json | |
- | |
name: Install libreoffice | |
run: | | |
sudo add-apt-repository -y ppa:libreoffice/ppa | |
sudo apt update | |
sudo apt install -y --no-install-recommends libreoffice libreoffice-pdfimport | |
- | |
name: Install all dependencies and symlink for ep_etherpad-lite | |
run: src/bin/installDeps.sh | |
- | |
name: Run the backend tests | |
run: cd src && npm test | |
withpluginsLinux: | |
# run on pushes to any branch | |
# run on PRs from external forks | |
if: | | |
(github.event_name != 'pull_request') | |
|| (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id) | |
name: Linux with Plugins | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
node: [14, 16, 18] | |
steps: | |
- | |
name: Checkout repository | |
uses: actions/checkout@v3 | |
- | |
uses: actions/setup-node@v3 | |
with: | |
node-version: ${{ matrix.node }} | |
cache: 'npm' | |
cache-dependency-path: | | |
src/package-lock.json | |
src/bin/doc/package-lock.json | |
- | |
name: Install libreoffice | |
run: | | |
sudo add-apt-repository -y ppa:libreoffice/ppa | |
sudo apt update | |
sudo apt install -y --no-install-recommends libreoffice libreoffice-pdfimport | |
- | |
name: Install Etherpad plugins | |
# The --legacy-peer-deps flag is required to work around a bug in npm v7: | |
# https://github.com/npm/cli/issues/2199 | |
run: > | |
npm install --no-save --legacy-peer-deps | |
ep_align | |
ep_author_hover | |
ep_cursortrace | |
ep_font_size | |
ep_hash_auth | |
ep_headings2 | |
ep_image_upload | |
ep_markdown | |
ep_readonly_guest | |
ep_set_title_on_pad | |
ep_spellcheck | |
ep_subscript_and_superscript | |
ep_table_of_contents | |
# Etherpad core dependencies must be installed after installing the | |
# plugin's dependencies, otherwise npm will try to hoist common | |
# dependencies by removing them from src/node_modules and installing them | |
# in the top-level node_modules. As of v6.14.10, npm's hoist logic appears | |
# to be buggy, because it sometimes removes dependencies from | |
# src/node_modules but fails to add them to the top-level node_modules. | |
# Even if npm correctly hoists the dependencies, the hoisting seems to | |
# confuse tools such as `npm outdated`, `npm update`, and some ESLint | |
# rules. | |
- | |
name: Install all dependencies and symlink for ep_etherpad-lite | |
run: src/bin/installDeps.sh | |
- | |
name: Run the backend tests | |
run: cd src && npm test | |
withoutpluginsWindows: | |
# run on pushes to any branch | |
# run on PRs from external forks | |
if: | | |
(github.event_name != 'pull_request') | |
|| (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id) | |
name: Windows without plugins | |
runs-on: windows-latest | |
steps: | |
- | |
name: Checkout repository | |
uses: actions/checkout@v3 | |
- | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 14 | |
cache: 'npm' | |
cache-dependency-path: | | |
src/package-lock.json | |
src/bin/doc/package-lock.json | |
- | |
name: Install all dependencies and symlink for ep_etherpad-lite | |
run: src/bin/installOnWindows.bat | |
- | |
name: Fix up the settings.json | |
run: | | |
powershell -Command "(gc settings.json.template) -replace '\"max\": 10', '\"max\": 10000' | Out-File -encoding ASCII settings.json.holder" | |
powershell -Command "(gc settings.json.holder) -replace '\"points\": 10', '\"points\": 1000' | Out-File -encoding ASCII settings.json" | |
- | |
name: Run the backend tests | |
run: cd src && npm test | |
withpluginsWindows: | |
# run on pushes to any branch | |
# run on PRs from external forks | |
if: | | |
(github.event_name != 'pull_request') | |
|| (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id) | |
name: Windows with Plugins | |
runs-on: windows-latest | |
steps: | |
- | |
name: Checkout repository | |
uses: actions/checkout@v3 | |
- | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 14 | |
cache: 'npm' | |
cache-dependency-path: | | |
src/package-lock.json | |
src/bin/doc/package-lock.json | |
- | |
name: Install Etherpad plugins | |
# The --legacy-peer-deps flag is required to work around a bug in npm | |
# v7: https://github.com/npm/cli/issues/2199 | |
run: > | |
npm install --no-save --legacy-peer-deps | |
ep_align | |
ep_author_hover | |
ep_cursortrace | |
ep_font_size | |
ep_hash_auth | |
ep_headings2 | |
ep_image_upload | |
ep_markdown | |
ep_readonly_guest | |
ep_set_title_on_pad | |
ep_spellcheck | |
ep_subscript_and_superscript | |
ep_table_of_contents | |
# Etherpad core dependencies must be installed after installing the | |
# plugin's dependencies, otherwise npm will try to hoist common | |
# dependencies by removing them from src/node_modules and installing them | |
# in the top-level node_modules. As of v6.14.10, npm's hoist logic appears | |
# to be buggy, because it sometimes removes dependencies from | |
# src/node_modules but fails to add them to the top-level node_modules. | |
# Even if npm correctly hoists the dependencies, the hoisting seems to | |
# confuse tools such as `npm outdated`, `npm update`, and some ESLint | |
# rules. | |
- | |
name: Install all dependencies and symlink for ep_etherpad-lite | |
run: src/bin/installOnWindows.bat | |
- | |
name: Fix up the settings.json | |
run: | | |
powershell -Command "(gc settings.json.template) -replace '\"max\": 10', '\"max\": 10000' | Out-File -encoding ASCII settings.json.holder" | |
powershell -Command "(gc settings.json.holder) -replace '\"points\": 10', '\"points\": 1000' | Out-File -encoding ASCII settings.json" | |
- | |
name: Run the backend tests | |
run: cd src && npm test |