Skip to content
ForgeRock Pull Request CI

chore(deps): update dependency body-parser to v2.2.1 [security] #2309

Sign in to view logs

chore(deps): update dependency body-parser to v2.2.1 [security]

chore(deps): update dependency body-parser to v2.2.1 [security] #2309

Workflow file for this run

.github/workflows/ci.yml at a9d8bc7
name: ForgeRock Pull Request CI
on:
pull_request:
env:
NX_CLOUD_ENCRYPTION_KEY: ${{ secrets.NX_CLOUD_ENCRYPTION_KEY }}
NX_CLOUD_ACCESS_TOKEN: ${{ secrets.PR_NX_CLOUD_ACCESS_TOKEN }} # Read Only
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
CI: true
# recommended to set a concurrency group
concurrency:
group: preview-pages-${{ github.ref }}
cancel-in-progress: true
jobs:
pr:
if: ${{github.event.pull_request.head.repo.full_name == github.repository}}
runs-on: ubuntu-latest
timeout-minutes: 20
permissions:
pull-requests: write
contents: write
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
token: ${{ secrets.GH_TOKEN }}
- name: Setup Project
uses: ./.github/actions/setup
with:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
- run: npx nx-cloud fix-ci
if: always()
- uses: codecov/codecov-action@v5
with:
directory: ./packages/
token: ${{ secrets.CODECOV_TOKEN }}
- name: Ensure builds run
run: pnpm nx run-many -t build --no-agents
- run: pnpm pkg-pr-new publish './packages/*' './packages/sdk-effects/*' --packageManager=pnpm
- name: build docs
run: pnpm generate-docs
- name: preview-docs
uses: rajyan/preview-pages@v1
with:
source-dir: docs
pr-comment: 'none'
- name: Update comment
uses: marocchino/sticky-pull-request-comment@v2
with:
message: Deployed ${{ github.sha }} to https://ForgeRock.github.io/ping-javascript-sdk/pr-${{ github.event.number }}/${{github.sha}} branch gh-pages in ForgeRock/ping-javascript-sdk
- name: Download baseline bundle sizes
uses: dawidd6/action-download-artifact@v3
with:
workflow: publish.yml
branch: main
name: bundle-size-baseline
path: .
if_no_artifact_found: warn
continue-on-error: true
- name: Calculate bundle sizes
id: bundle-analysis
run: |
# Make script executable
chmod +x ./scripts/bundle-sizes.sh
# Check if baseline exists
if [ -f "previous_sizes.json" ]; then
echo "✅ Using baseline size data from main branch"
echo "Baseline data preview:"
cat previous_sizes.json | head -5
else
echo "⚠️ No baseline size data found - this will be the first measurement"
fi
# Run the bundle size calculation
./scripts/bundle-sizes.sh
- name: Upload current stats as artifact
uses: actions/upload-artifact@v5
with:
name: bundle-size-stats-pr-${{ github.event.pull_request.number }}
path: |
stats.txt
bundle_size_report.md
retention-days: 7
- name: Find bundle size comment
id: find-comment
uses: peter-evans/find-comment@v4
with:
issue-number: ${{ github.event.pull_request.number }}
comment-author: 'github-actions[bot]'
body-includes: <!-- This comment was auto-generated by GitHub Actions to display bundle size statistics -->
- name: Create or update bundle size comment
uses: peter-evans/create-or-update-comment@v5
with:
comment-id: ${{ steps.find-comment.outputs.comment-id }}
issue-number: ${{ github.event.pull_request.number }}
edit-mode: replace
body: |
<!-- This comment was auto-generated by GitHub Actions to display bundle size statistics -->
## 📦 Bundle Size Analysis
${{ steps.bundle-analysis.outputs.stats }}
### Legend
🆕 New package
🔺 Size increased
🔻 Size decreased
➖ No change
<details>
<summary>ℹ️ How bundle sizes are calculated</summary>
- **Current Size**: Total gzipped size of all files in the package's `dist` directory
- **Baseline**: Comparison against the latest build from the `main` branch
- **Files included**: All build outputs except source maps and TypeScript build cache
- **Exclusions**: `.map`, `.tsbuildinfo`, and `.d.ts.map` files
</details>
---
<sub>🔄 Updated automatically on each push to this PR</sub>