Skip to content

fix(deps): update dependency ws to v8.17.1 [security] #5390

fix(deps): update dependency ws to v8.17.1 [security]

fix(deps): update dependency ws to v8.17.1 [security] #5390

name: Integration Tests
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
integration:
name: Integration
runs-on: ${{ matrix.os }}
timeout-minutes: 40
strategy:
matrix:
os: [ubuntu-latest, macOS-latest, windows-latest]
# Pinning 20.x version as a temporary workaround due to this https://github.com/nodejs/node/issues/52884
node-version: ['18.14.0', '20.12.2', '22']
shard: ['1/4', '2/4', '3/4', '4/4']
exclude:
- os: macOS-latest
node-version: '18.14.0'
- os: windows-latest
node-version: '18.14.0'
- os: windows-latest
node-version: '22'
fail-fast: false
steps:
# Sets an output parameter if this is a release PR
- name: Check for release
id: release-check
# For windows we have to use $env:
run: |-
echo "IS_RELEASE=true" >> $GITHUB_OUTPUT
echo "IS_RELEASE=true" >> $env:GITHUB_OUTPUT
if: "${{ startsWith(github.head_ref, 'release-') }}"
# This improves Windows network performance, we need this since we open many ports in our tests
- name: Increase Windows port limit and reduce time wait delay
run: |
netsh int ipv4 set dynamicport tcp start=1025 num=64511
REG ADD HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TCPIP\Parameters /v TcpTimedWaitDelay /t REG_DWORD /d 30 /f
if: "${{ matrix.os == 'windows-latest' && !steps.release-check.outputs.IS_RELEASE }}"
- name: Git checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
if: '${{!steps.release-check.outputs.IS_RELEASE}}'
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
cache: npm
check-latest: true
if: '${{!steps.release-check.outputs.IS_RELEASE}}'
- name: Install PNPM
run: |
corepack enable
corepack prepare pnpm@7.32.4 --activate
if: '${{!steps.release-check.outputs.IS_RELEASE}}'
- name: Setup Deno
uses: denoland/setup-deno@v1
if: '${{!steps.release-check.outputs.IS_RELEASE}}'
with:
deno-version: v1.x
- name: Install core dependencies
run: npm ci --no-audit
if: '${{!steps.release-check.outputs.IS_RELEASE}}'
- name: Generate self-signed certificates
run: npm run certs
if: '${{!steps.release-check.outputs.IS_RELEASE}}'
shell: bash
- name: Prepare tests
run: npm run test:init
if: '${{ !steps.release-check.outputs.IS_RELEASE }}'
- name: Tests
uses: nick-fields/retry@v3
if: '${{ !steps.release-check.outputs.IS_RELEASE }}'
with:
timeout_minutes: 15
max_attempts: 3
retry_on: error
command: npm run test:ci:vitest:integration -- --shard=${{ matrix.shard }}
env:
# GitHub secrets are not available when running on PR from forks
# We set a flag so we can skip tests that access Netlify API
NETLIFY_TEST_DISABLE_LIVE:
${{ github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == true }}
NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }}
# NETLIFY_TEST_GITHUB_TOKEN is used to avoid reaching GitHub API limits in exec-fetcher.js
NETLIFY_TEST_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# Changes the polling interval used by the file watcher
CHOKIDAR_INTERVAL: 20
CHOKIDAR_USEPOLLING: 1
- name: Get test coverage flags
id: test-coverage-flags
# For windows we have to use $env:
run: |-
os=${{ matrix.os }}
node=$(node --version)
echo "os=${os/-latest/}" >> $GITHUB_OUTPUT
echo "os=${os/-latest/}" >> $env:GITHUB_OUTPUT
echo "node=node_${node/.*.*/}" >> $GITHUB_OUTPUT
echo "node=node_${node/.*.*/}" >> $env:GITHUB_OUTPUT
shell: bash
if: '${{ !steps.release-check.outputs.IS_RELEASE }}'
- name: Sanitize shard for artefact name
id: sanitize-shard-name
run: echo "shard=$(echo '${{ matrix.shard }}' | tr '/' '-')" >> $GITHUB_OUTPUT
- name: Store npm error artefacts
uses: actions/upload-artifact@v4
if: always()
with:
name: npm-logs--${{ matrix.os }}--${{ matrix.node-version }}--${{ steps.sanitize-shard-name.outputs.shard }}
path: |
/home/runner/.npm/_logs/**/*
- uses: codecov/codecov-action@v4
continue-on-error: true
with:
flags: ${{ steps.test-coverage-flags.outputs.os }},${{ steps.test-coverage-flags.outputs.node }}
token: ${{ secrets.CODECOV_TOKEN }}
if: '${{ !steps.release-check.outputs.IS_RELEASE }}'