name: Tools and deps update on: schedule: # Run once a week at 00:05 AM UTC on Sunday. - cron: 5 0 * * 0 workflow_dispatch: inputs: id: description: The ID of the job to run required: true default: all type: choice options: - all - acorn - acorn-walk - ada - amaro - brotli - c-ares - cjs-module-lexer - corepack - doc - github_reporter - googletest - gyp-next - histogram - icu # - libuv - llhttp - minimatch - nbytes - nghttp2 - nghttp3 - ngtcp2 - postject - root-certificates - simdjson - simdutf - sqlite - undici - uvwasi - zlib env: PYTHON_VERSION: '3.12' permissions: contents: read jobs: tools-deps-update: if: github.repository == 'nodejs/node' runs-on: ubuntu-latest strategy: fail-fast: false # Prevent other jobs from aborting if one fails matrix: include: - id: acorn subsystem: deps label: dependencies run: | ./tools/dep_updaters/update-acorn.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: acorn-walk subsystem: deps label: dependencies run: | ./tools/dep_updaters/update-acorn-walk.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: ada subsystem: deps label: dependencies run: | ./tools/dep_updaters/update-ada.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: amaro subsystem: deps label: dependencies, strip-types run: | ./tools/dep_updaters/update-amaro.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: brotli subsystem: deps label: dependencies, zlib run: | ./tools/dep_updaters/update-brotli.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: c-ares subsystem: deps label: dependencies, cares run: | ./tools/dep_updaters/update-c-ares.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: cjs-module-lexer subsystem: deps label: dependencies run: | ./tools/dep_updaters/update-cjs-module-lexer.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: corepack subsystem: deps label: dependencies run: | make corepack-update echo "NEW_VERSION=$(node deps/corepack/dist/corepack.js --version)" >> $GITHUB_ENV - id: doc subsystem: tools label: tools run: | cd tools/doc npm ci NEW_VERSION=$(npm outdated --parseable | cut -d: -f4 | xargs) if [ "$NEW_VERSION" != "" ]; then echo "NEW_VERSION=new version" >> $GITHUB_ENV rm -rf package-lock.json node_modules # Include $NEW_VERSION to explicitly update the package.json # entry for the dependency and also so that semver-major updates # are not skipped. npm install --ignore-scripts $NEW_VERSION npm install --ignore-scripts fi - id: github_reporter subsystem: tools label: tools run: | ./tools/dep_updaters/update-github-reporter.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: googletest subsystem: deps label: dependencies, test run: | ./tools/dep_updaters/update-googletest.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: gyp-next subsystem: tools label: tools, gyp run: | ./tools/dep_updaters/update-gyp-next.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: histogram subsystem: deps label: dependencies run: | ./tools/dep_updaters/update-histogram.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: icu subsystem: deps label: dependencies, test, icu run: | ./tools/dep_updaters/update-icu.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output # libuv update was disabled because of Feb 14, 2024 security release # modified the bundled version of libuv, we cannot automatically update # libuv without potentially undoing those changes. # - id: libuv # subsystem: deps # label: dependencies # run: | # ./tools/dep_updaters/update-libuv.sh > temp-output # cat temp-output # tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true # rm temp-output - id: llhttp subsystem: deps label: dependencies run: | ./tools/dep_updaters/update-llhttp.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: minimatch subsystem: deps label: dependencies run: | ./tools/dep_updaters/update-minimatch.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: nbytes subsystem: deps label: dependencies run: | ./tools/dep_updaters/update-nbytes.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: nghttp2 subsystem: deps label: dependencies run: | ./tools/dep_updaters/update-nghttp2.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: nghttp3 subsystem: deps label: dependencies run: | ./tools/dep_updaters/update-nghttp3.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: ngtcp2 subsystem: deps label: dependencies run: | ./tools/dep_updaters/update-ngtcp2.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: postject subsystem: deps,test label: test run: | ./tools/dep_updaters/update-postject.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: root-certificates subsystem: crypto label: crypto, notable-change run: | node ./tools/dep_updaters/update-root-certs.mjs -v -f "$GITHUB_ENV" - id: simdjson subsystem: deps label: dependencies run: | ./tools/dep_updaters/update-simdjson.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: simdutf subsystem: deps label: dependencies run: | ./tools/dep_updaters/update-simdutf.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: sqlite subsystem: deps label: dependencies, sqlite run: | ./tools/dep_updaters/update-sqlite.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: undici subsystem: deps label: dependencies run: | ./tools/dep_updaters/update-undici.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: uvwasi subsystem: deps label: dependencies run: | ./tools/dep_updaters/update-uvwasi.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output - id: zlib subsystem: deps label: dependencies, zlib run: | ./tools/dep_updaters/update-zlib.sh > temp-output cat temp-output tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true rm temp-output steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 if: github.event_name == 'schedule' || inputs.id == 'all' || inputs.id == matrix.id with: persist-credentials: false - name: Set up Python ${{ env.PYTHON_VERSION }} if: matrix.id == 'icu' && (github.event_name == 'schedule' || inputs.id == 'all' || inputs.id == matrix.id) uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHON_VERSION }} - run: ${{ matrix.run }} if: github.event_name == 'schedule' || inputs.id == 'all' || inputs.id == matrix.id env: GITHUB_TOKEN: ${{ secrets.GH_USER_TOKEN }} - name: Generate commit message if not set if: env.COMMIT_MSG == '' && (github.event_name == 'schedule' || inputs.id == 'all' || inputs.id == matrix.id) run: | echo "COMMIT_MSG=${{ matrix.subsystem }}: update ${{ matrix.id }} to ${{ env.NEW_VERSION }}" >> "$GITHUB_ENV" - uses: gr2m/create-or-update-pull-request-action@86ec1766034c8173518f61d2075cc2a173fb8c97 # v1.9.4 if: github.event_name == 'schedule' || inputs.id == 'all' || inputs.id == matrix.id # Creates a PR or update the Action's existing PR, or # no-op if the base branch is already up-to-date. env: GITHUB_TOKEN: ${{ secrets.GH_USER_TOKEN }} with: author: Node.js GitHub Bot body: This is an automated update of ${{ matrix.id }} to ${{ env.NEW_VERSION }}. branch: actions/tools-update-${{ matrix.id }} # Custom branch *just* for this Action. commit-message: ${{ env.COMMIT_MSG }} labels: ${{ matrix.label }} title: '${{ matrix.subsystem }}: update ${{ matrix.id }} to ${{ env.NEW_VERSION }}' update-pull-request-title-and-body: true