Skip to content

[Snyk] Security upgrade axios from 0.24.0 to 1.6.4 #4187

[Snyk] Security upgrade axios from 0.24.0 to 1.6.4

[Snyk] Security upgrade axios from 0.24.0 to 1.6.4 #4187

name: MyCryptoBuilds
env:
AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET_MYCRYPTOBUILDS }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID_MYCRYPTOBUILDS }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY_MYCRYPTOBUILDS }}
AWS_REGION: 'us-east-2'
on:
pull_request:
branches:
- '*'
push:
branches:
- master
repository_dispatch:
types: [ok-to-test-command]
jobs:
myc-build:
environment: STAGING
runs-on: ubuntu-latest
steps:
# Fetch the PR number to use it with AWS
- name: Set PR_NUMBER
run: |
PR_NUMBER=$(echo $GITHUB_REF | awk 'BEGIN { FS = "/" } ; { print $3 }')
echo "PR_NUMBER=$PR_NUMBER" >> $GITHUB_ENV
# Define url as env var to be used by TestCafe.
- name: Set E2E_BASE_URL
if: github.ref != 'refs/heads/master' && github.event_name == 'pull_request'
run: |
E2E_BASE_URL=$( echo https://mycryptobuilds.com/pr/${PR_NUMBER}/# )
echo $E2E_BASE_URL
echo "E2E_BASE_URL=$E2E_BASE_URL" >> $GITHUB_ENV
# Define url as env var to be used by TestCafe.
- name: Set E2E_BASE_URL
if: github.ref == 'refs/heads/master' && github.event_name == 'push'
run: |
E2E_BASE_URL=$( echo https://mycryptobuilds.com/master/# )
echo $E2E_BASE_URL
echo "E2E_BASE_URL=$E2E_BASE_URL" >> $GITHUB_ENV
# Define url as env var to be used by TestCafe.
- name: Set E2E_BASE_URL
if: github.event_name == 'repository_dispatch'
run: |
E2E_BASE_URL=$( echo https://mycryptobuilds.com/pr/${{ github.event.client_payload.pull_request.number }}/# )
echo $E2E_BASE_URL
echo "E2E_BASE_URL=$E2E_BASE_URL" >> $GITHUB_ENV
- uses: actions/checkout@v2
if: github.event_name != 'repository_dispatch'
- uses: actions/checkout@v2
if: github.event_name == 'repository_dispatch'
with:
ref: 'refs/pull/${{ github.event.client_payload.pull_request.number }}/merge'
- name: Retrieve node version from .nvmrc
run: echo "##[set-output name=NVMRC;]$(cat package.json | grep '\"node\":' | sed 's/^ *//;s/ *$//;s/\"node\":\ \"//;s/\",//')"
id: nvm
- name: Setup node ${{ steps.nvm.outputs.NVMRC }}
uses: actions/setup-node@v1
with:
node-version: '${{ steps.nvm.outputs.NVMRC }}'
- name: Cache node modules
id: cache
uses: actions/cache@v2
with:
path: node_modules
## Check cache based on yarn.lock hashfile
key: ${{ runner.OS }}-build-${{ hashFiles('**/yarn.lock') }}
- name: Cache Hardhat network
uses: actions/cache@v2
with:
path: .cache/hardhat
key: ${{ runner.OS }}-build-${{ hashFiles('**/hardhat.config.ts') }}
- name: Install Dependencies
## If no cache is found, install dependencies
if: steps.cache.outputs.cache-hit != 'true'
run: yarn install --frozen-lockfile
- name: Set outputs
id: vars
run: echo "::set-output name=sha::$(git rev-parse HEAD)"
- name: yarn build:staging
run: yarn build:staging
if: github.event_name == 'pull_request'
env:
COMMIT_HASH: ${{ github.event.pull_request.head.sha }}
- name: yarn build:staging
run: yarn build:staging
if: github.event_name == 'repository_dispatch'
env:
COMMIT_HASH: ${{ github.event.client_payload.pull_request.head.sha }}
- name: yarn build:staging
run: yarn build:staging
if: github.event_name == 'push' && github.ref == 'refs/heads/master'
env:
COMMIT_HASH: ${{ steps.vars.outputs.sha }}
- name: S3 Sync - Downloadable Branch - push
uses: jakejarvis/[email protected]
if: github.event_name == 'push'
with:
args: --acl public-read --cache-control max-age=0 --follow-symlinks --delete --exclude '.git/*'
env:
DEST_DIR: ${GITHUB_REF##*/}
SOURCE_DIR: 'dist/web'
- name: S3 Sync - Downloadable Branch - repository_dispatch
uses: jakejarvis/[email protected]
if: github.event_name == 'repository_dispatch'
with:
args: --acl public-read --cache-control max-age=0 --follow-symlinks --delete --exclude '.git/*'
env:
DEST_DIR: ${{ github.event.client_payload.pull_request.head.ref }}
SOURCE_DIR: 'dist/web'
- name: S3 Sync - Downloadable Branch - pull_request
uses: jakejarvis/[email protected]
if: github.event_name == 'pull_request'
with:
args: --acl public-read --cache-control max-age=0 --follow-symlinks --delete --exclude '.git/*'
env:
DEST_DIR: ${{ github.head_ref }}
SOURCE_DIR: 'dist/web'
####
- name: S3 Sync - SHA Push
uses: jakejarvis/[email protected]
if: github.event_name == 'push'
with:
args: --acl public-read --cache-control max-age=0 --follow-symlinks --exclude '.git/*'
env:
DEST_DIR: ${GITHUB_SHA}
SOURCE_DIR: 'dist/web'
- name: S3 Sync - SHA Pull Request
uses: jakejarvis/[email protected]
if: github.event_name == 'pull_request'
with:
args: --acl public-read --cache-control max-age=0 --follow-symlinks --exclude '.git/*'
env:
DEST_DIR: ${{ github.event.pull_request.head.sha }}
SOURCE_DIR: 'dist/web'
- name: S3 Sync - SHA Repository Dispatch
uses: jakejarvis/[email protected]
if: github.event_name == 'repository_dispatch'
with:
args: --acl public-read --cache-control max-age=0 --follow-symlinks --exclude '.git/*'
env:
DEST_DIR: ${{ github.event.client_payload.pull_request.head.sha }}
SOURCE_DIR: 'dist/web'
####
- name: S3 Sync - Downloadable - PR Number
uses: jakejarvis/[email protected]
if: github.event_name == 'pull_request'
with:
args: --acl public-read --cache-control max-age=0 --follow-symlinks --delete --exclude '.git/*'
env:
DEST_DIR: 'pr/${PR_NUMBER}'
SOURCE_DIR: 'dist/web'
- name: S3 Sync - Downloadable - PR Number - Repository Dispatch
uses: jakejarvis/[email protected]
if: github.event_name == 'repository_dispatch'
with:
args: --acl public-read --cache-control max-age=0 --follow-symlinks --delete --exclude '.git/*'
env:
DEST_DIR: 'pr/${{ github.event.client_payload.pull_request.number }}'
SOURCE_DIR: 'dist/web'
- name: Mycrypto-bot trigger
if: github.event_name == 'pull_request'
run: aws sns publish --topic-arn ${{ secrets.SNS_TOPIC_MYCRYPTO_BOT }} --region us-east-2 --message $(echo $GITHUB_REF | awk 'BEGIN { FS = "/" } ; { print $3 }')
# Launch E2E tests. When in pull request it runs against the PR's mycryptobuilds url.
- name: E2E - run
run: yarn test:e2e:ci
env:
INFURA_API_KEY: ${{ secrets.INFURA_API_KEY }}
- name: Update PR status
uses: actions/github-script@v1
id: update-check-run
if: github.event_name == 'repository_dispatch'
env:
number: ${{ github.event.client_payload.pull_request.number }}
job: ${{ github.job }}
# Conveniently, job.status maps to https://developer.github.com/v3/checks/runs/#update-a-check-run
conclusion: ${{ job.status }}
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
const { data: pull } = await github.pulls.get({
...context.repo,
pull_number: process.env.number
});
const ref = pull.head.sha;
const { data: checks } = await github.checks.listForRef({
...context.repo,
ref
});
const check = checks.check_runs.filter(c => c.name === process.env.job);
const { data: result } = await github.checks.update({
...context.repo,
check_run_id: check[0].id,
status: 'completed',
conclusion: process.env.conclusion
});
return result;