Skip to content
Test

style: apply xo patches #3056

Sign in to view logs

style: apply xo patches

style: apply xo patches #3056

Workflow file for this run

.github/workflows/test.yml at fd7c12e
name: Test
on:
push:
branches:
- renovate/**
pull_request:
branches:
- main
- alpha
workflow_call:
secrets:
SONAR_TOKEN:
required: true
permissions:
contents: read
jobs:
# prevent duplicate checks on Renovate PRs
prevent-duplicate-checks:
runs-on: ubuntu-latest
steps:
- uses: insurgent-lab/is-in-pr-action@129df59687402c4a9c81a9a9e88d7448cdbba541 # v0.2.0
id: isInPR
outputs:
should-run: ${{ !(steps.isInPR.outputs.result == 'true' && startsWith(github.ref, 'refs/heads/renovate/')) }}
test_matrix:
strategy:
matrix:
node-version: [18, 20, 22]
os: [ubuntu-latest, macos-latest, windows-latest]
runs-on: ${{ matrix.os }}
timeout-minutes: 10
needs: prevent-duplicate-checks
if: ${{ needs.prevent-duplicate-checks.outputs.should-run == 'true' }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
github.com:443
nodejs.org:443
registry.npmjs.org:443
storage.googleapis.com:443
tuf-repo-cdn.sigstore.dev:443
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
node-version: ${{ matrix.node-version }}
cache: npm
- name: Install packages
run: npm ci
- name: Audit npm signatures
run: npm audit signatures
- name: Check codestyle compliance
run: npm run lint
- name: Run tests
run: npm run test:ava
- name: Run nested tests
run: npm run test:nested
- name: Run fuzzing regression tests
run: npm run test:fuzz:regression
- name: Run fuzz tests
if: "!(matrix.os == 'windows-latest' && matrix.node-version == '22')"
run: npm run test:fuzz
- name: Run TypeScript type definition tests
run: npm run test:tsd
- name: Upload coverage report
if: strategy.job-index == 0
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
with:
name: coverage-report
path: coverage/lcov.info
sonarcloud:
runs-on: ubuntu-latest
needs:
- prevent-duplicate-checks
- test_matrix
if: ${{ needs.prevent-duplicate-checks.outputs.should-run == 'true' }}
permissions:
pull-requests: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
*.amazonaws.com:443
github.com:443
sonarcloud.io:443
*.sonarcloud.io:443
*.sonarsource.com:443
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- name: Download coverage report
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: coverage-report
path: coverage/
- name: Run SonarCloud scan
uses: SonarSource/sonarcloud-github-action@02ef91109b2d589e757aefcfb2854c2783fd7b19 # v4.0.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
# separate job to set as required status check in branch protection
required_check:
runs-on: ubuntu-latest
needs:
- test_matrix
- sonarcloud
if: always()
steps:
- name: All required jobs and matrix versions passed
if: ${{ !(contains(needs.*.result, 'failure')) }}
run: exit 0
- name: Some required jobs or matrix versions failed
if: ${{ contains(needs.*.result, 'failure') }}
run: exit 1