From 70c83d3def662e2a09d1adbf617af33d21e91155 Mon Sep 17 00:00:00 2001 From: kyteinsky Date: Thu, 9 Jul 2026 17:23:07 +0530 Subject: [PATCH 1/2] feat: add release relay gh workflow Signed-off-by: kyteinsky --- .github/workflows/release-relay.yml | 38 +++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 .github/workflows/release-relay.yml diff --git a/.github/workflows/release-relay.yml b/.github/workflows/release-relay.yml new file mode 100644 index 00000000..08908315 --- /dev/null +++ b/.github/workflows/release-relay.yml @@ -0,0 +1,38 @@ +# This workflow is provided via the organization template repository +# +# https://github.com/nextcloud/.github +# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2026 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT + +name: Notify release-relay on release + +on: + release: + types: [published] + +permissions: + contents: read + +jobs: + notify: + name: Dispatch release to release-relay + runs-on: ubuntu-latest + + # Only allowed to run on nextcloud-releases repositories + if: ${{ github.repository_owner == 'nextcloud-releases' }} + + steps: + - name: Check actor permission + uses: skjnldsv/check-actor-permission@69e92a3c4711150929bca9fcf34448c5bf5526e7 # v3.0 + with: + require: write + + - name: Dispatch to release-relay + uses: peter-evans/repository-dispatch@28959ce8df70de7be546dd1250a005dd32156697 # v4.0.1 + with: + token: ${{ secrets.DISPATCH_PAT }} + repository: nextcloud-gmbh/release-relay + event-type: app-tagged + client-payload: '{"app": "${{ github.repository }}", "tag": "${{ github.event.release.tag_name }}"}' From 916ee07fc786cdeadf26e6ae1b4adcb8711bd632 Mon Sep 17 00:00:00 2001 From: kyteinsky Date: Thu, 9 Jul 2026 17:23:22 +0530 Subject: [PATCH 2/2] feat: npm audit fix gh workflow Signed-off-by: kyteinsky --- .github/workflows/npm-audit-fix.yml | 85 +++++++++++++++++++++++++++++ 1 file changed, 85 insertions(+) create mode 100644 .github/workflows/npm-audit-fix.yml diff --git a/.github/workflows/npm-audit-fix.yml b/.github/workflows/npm-audit-fix.yml new file mode 100644 index 00000000..470fb72e --- /dev/null +++ b/.github/workflows/npm-audit-fix.yml @@ -0,0 +1,85 @@ +# This workflow is provided via the organization template repository +# +# https://github.com/nextcloud/.github +# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2023-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT + +name: Npm audit fix and compile + +on: + workflow_dispatch: + schedule: + # At 2:30 on Sundays + - cron: '30 2 * * 0' + +permissions: + contents: read + +jobs: + build: + runs-on: ubuntu-latest + + strategy: + fail-fast: false + matrix: + branches: + - ${{ github.event.repository.default_branch }} + - 'stable34' + - 'stable33' + - 'stable32' + + name: npm-audit-fix-${{ matrix.branches }} + + steps: + - name: Checkout + id: checkout + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + with: + persist-credentials: false + ref: ${{ matrix.branches }} + continue-on-error: true + + - name: Read package.json node and npm engines version + uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3 + id: versions + with: + fallbackNode: '^24' + fallbackNpm: '^11.3' + + - name: Set up node ${{ steps.versions.outputs.nodeVersion }} + uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 + with: + node-version: ${{ steps.versions.outputs.nodeVersion }} + + - name: Set up npm ${{ steps.versions.outputs.npmVersion }} + run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}' + + - name: Fix npm audit + id: npm-audit + uses: nextcloud-libraries/npm-audit-action@1b1728b2b4a7a78d69de65608efcf4db0e3e42d0 # v0.2.0 + + - name: Run npm ci and npm run build + if: steps.checkout.outcome == 'success' + env: + CYPRESS_INSTALL_BINARY: 0 + run: | + npm ci + npm run build --if-present + + - name: Create Pull Request + if: steps.checkout.outcome == 'success' + uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1 + with: + token: ${{ secrets.COMMAND_BOT_PAT }} + commit-message: 'fix(deps): Fix npm audit' + committer: GitHub + author: nextcloud-command + signoff: true + branch: automated/noid/${{ matrix.branches }}-fix-npm-audit + title: '[${{ matrix.branches }}] Fix npm audit' + body: ${{ steps.npm-audit.outputs.markdown }} + labels: | + dependencies + 3. to review