Skip to content

chore(deps): lock file maintenance (#6035) #105

chore(deps): lock file maintenance (#6035)

chore(deps): lock file maintenance (#6035) #105

---
name: Dedupe lockfile
on:
push:
branches: [next]
paths:
- 'pnpm-lock.yaml'
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.ref_name }}
cancel-in-progress: true
permissions:
contents: read
jobs:
run:
name: Can pnpm-lock.yaml be deduped? 🤔
runs-on: ubuntu-latest
# workflow_dispatch always lets you select the branch ref, even though in this case we only ever want to run the action on `main` thus we need an if check
if: ${{ github.ref_name == 'next' }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 18
- uses: pnpm/action-setup@v2
name: Install pnpm
id: pnpm-install
with:
version: 8
run_install: false
- name: Get pnpm store directory
id: pnpm-cache
shell: bash
run: |
echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
- name: Cache node modules
id: cache-node-modules
uses: actions/cache@v4
env:
cache-name: cache-node-modules
with:
path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
key: ${{ runner.os }}-pnpm-store-${{ env.cache-name }}-${{ hashFiles('**/pnpm-lock.yaml') }}
restore-keys: |
v1-${{ runner.os }}-pnpm-store-${{ env.cache-name }}-
v1-${{ runner.os }}-pnpm-store-
v1-${{ runner.os }}-
- name: Install project dependencies
run: pnpm install --config.ignore-scripts=true
- run: pnpm dedupe --config.ignore-scripts=true
- uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2
id: generate-token
with:
app_id: ${{ secrets.ECOSPARK_APP_ID }}
private_key: ${{ secrets.ECOSPARK_APP_PRIVATE_KEY }}
- uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 # v6
with:
body: I ran `pnpm dedupe` 🧑‍💻
branch: actions/dedupe-if-needed
commit-message: 'chore(deps): dedupe pnpm-lock.yaml'
labels: 🤖 bot
title: 'chore(deps): dedupe pnpm-lock.yaml'
token: ${{ steps.generate-token.outputs.token }}