This commit is contained in:
parent
eda8393b4b
commit
f4495c4e41
10 changed files with 135 additions and 2 deletions
60
.forgejo/workflows/deploy.yml
Normal file
60
.forgejo/workflows/deploy.yml
Normal file
|
|
@ -0,0 +1,60 @@
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches:
|
||||||
|
- master
|
||||||
|
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
deploy:
|
||||||
|
runs-on: arch
|
||||||
|
steps:
|
||||||
|
- name: Check out repository code
|
||||||
|
uses: actions/checkout@v3
|
||||||
|
- name: Deply if new version
|
||||||
|
run: |
|
||||||
|
echo ""
|
||||||
|
echo "Checking following projects:"
|
||||||
|
for f in *; do
|
||||||
|
[ -d "$f" ] && [ ! -L "$f" ] && [ ! "$f" = "base" ] && echo " * $f";
|
||||||
|
done
|
||||||
|
echo ""
|
||||||
|
|
||||||
|
echo "//registry.npmjs.org/:_authToken=${{ secrets.npmtoken }}" > ~/.npmrc
|
||||||
|
|
||||||
|
for f in *; do
|
||||||
|
[ ! -d "$f" ] || [ -L "$f" ] || [ "$f" = "base" ] && continue;
|
||||||
|
|
||||||
|
echo ""
|
||||||
|
echo "------------------------------------"
|
||||||
|
echo ""
|
||||||
|
echo "checking $f";
|
||||||
|
cd $f
|
||||||
|
|
||||||
|
CURR_VER="$(cat package.json | jq -r .name)_v$(cat package.json | jq -r .version)"
|
||||||
|
CURR_NAME="$(cat package.json | jq -r .name) v$(cat package.json | jq -r .version)"
|
||||||
|
|
||||||
|
echo "Checking https://git.nfp.is/api/v1/repos/${{ github.repository }}/releases for name ${CURR_NAME}"
|
||||||
|
|
||||||
|
if curl -s -X GET -H "Authorization: token ${{ secrets.deploytoken }}" https://git.nfp.is/api/v1/repos/${{ github.repository }}/releases | grep -o "\"name\":\"${CURR_NAME}\"" > /dev/null; then
|
||||||
|
echo "Skipping ${{ github.job }} since $CURR_NAME already exists";
|
||||||
|
cd ..
|
||||||
|
continue;
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "New release ${CURR_VER} found, beginning publishing"
|
||||||
|
|
||||||
|
cp ../LICENSE ./
|
||||||
|
cp ../README.md ./
|
||||||
|
|
||||||
|
echo "Creating ${CURR_VER} release on forgejo"
|
||||||
|
curl \
|
||||||
|
-X POST \
|
||||||
|
-H "Authorization: token ${{ secrets.deploytoken }}" \
|
||||||
|
-H "Content-Type: application/json" \
|
||||||
|
https://git.nfp.is/api/v1/repos/${{ github.repository }}/releases \
|
||||||
|
-d "{\"tag_name\":\"${CURR_VER}\",\"name\":\"${CURR_NAME}\",\"body\":\"Automatic release from CI from ${{ github.sha }} :\n\n${{ github.event.head_commit.message }}\"}" | jq
|
||||||
|
|
||||||
|
echo "Publishing new version to npm"
|
||||||
|
npm publish
|
||||||
|
cd ..
|
||||||
|
done
|
||||||
|
|
@ -1,3 +1,6 @@
|
||||||
# lodash-no-cve
|
# lodash.template/lodash.pick
|
||||||
|
|
||||||
Individual methods from lodash exposed except now with fixed audit
|
Both of npm's `lodash.template` and `lodash.pick` have CVE that makes audit angry.
|
||||||
|
Unfortunately neither have been updated.
|
||||||
|
|
||||||
|
This package provides either of `lodash.template` or `lodash.pick` with the latest version of lodash to fix audit errors.
|
||||||
|
|
|
||||||
1
pick/.npmrc
Normal file
1
pick/.npmrc
Normal file
|
|
@ -0,0 +1 @@
|
||||||
|
package-lock=false
|
||||||
3
pick/index.d.ts
vendored
Normal file
3
pick/index.d.ts
vendored
Normal file
|
|
@ -0,0 +1,3 @@
|
||||||
|
import _ from 'lodash'
|
||||||
|
|
||||||
|
export default _.pick
|
||||||
3
pick/index.js
Normal file
3
pick/index.js
Normal file
|
|
@ -0,0 +1,3 @@
|
||||||
|
const _ = require('lodash')
|
||||||
|
|
||||||
|
module.exports = _.pick
|
||||||
28
pick/package.json
Normal file
28
pick/package.json
Normal file
|
|
@ -0,0 +1,28 @@
|
||||||
|
{
|
||||||
|
"name": "lodash.pick.nocve",
|
||||||
|
"version": "4.17.21",
|
||||||
|
"description": "The lodash method _.pick exported as node.js module but without cve",
|
||||||
|
"main": "index.js",
|
||||||
|
"scripts": {
|
||||||
|
"test": "echo \"Error: no test specified\" && exit 1"
|
||||||
|
},
|
||||||
|
"repository": {
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://git.nfp.is/TheThing/lodash-no-cve.git"
|
||||||
|
},
|
||||||
|
"keywords": [
|
||||||
|
"lodash",
|
||||||
|
"lodash.pick"
|
||||||
|
],
|
||||||
|
"author": "Jonatan Nilsson",
|
||||||
|
"license": "WTFPL",
|
||||||
|
"files": [
|
||||||
|
"index.js",
|
||||||
|
"index.d.ts",
|
||||||
|
"README.md",
|
||||||
|
"LICENSE"
|
||||||
|
],
|
||||||
|
"dependencies": {
|
||||||
|
"lodash": "4.17.21"
|
||||||
|
}
|
||||||
|
}
|
||||||
1
template/.npmrc
Normal file
1
template/.npmrc
Normal file
|
|
@ -0,0 +1 @@
|
||||||
|
package-lock=false
|
||||||
3
template/index.d.ts
vendored
Normal file
3
template/index.d.ts
vendored
Normal file
|
|
@ -0,0 +1,3 @@
|
||||||
|
import _ from 'lodash'
|
||||||
|
|
||||||
|
export default _.template
|
||||||
3
template/index.js
Normal file
3
template/index.js
Normal file
|
|
@ -0,0 +1,3 @@
|
||||||
|
const _ = require('lodash')
|
||||||
|
|
||||||
|
module.exports = _.template
|
||||||
28
template/package.json
Normal file
28
template/package.json
Normal file
|
|
@ -0,0 +1,28 @@
|
||||||
|
{
|
||||||
|
"name": "lodash.template.nocve",
|
||||||
|
"version": "4.17.21",
|
||||||
|
"description": "The lodash method _.template exported as node.js module but without cve",
|
||||||
|
"main": "index.js",
|
||||||
|
"scripts": {
|
||||||
|
"test": "echo \"Error: no test specified\" && exit 1"
|
||||||
|
},
|
||||||
|
"repository": {
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://git.nfp.is/TheThing/lodash-no-cve.git"
|
||||||
|
},
|
||||||
|
"keywords": [
|
||||||
|
"lodash",
|
||||||
|
"lodash.template"
|
||||||
|
],
|
||||||
|
"author": "Jonatan Nilsson",
|
||||||
|
"license": "WTFPL",
|
||||||
|
"files": [
|
||||||
|
"index.js",
|
||||||
|
"index.d.ts",
|
||||||
|
"README.md",
|
||||||
|
"LICENSE"
|
||||||
|
],
|
||||||
|
"dependencies": {
|
||||||
|
"lodash": "4.17.21"
|
||||||
|
}
|
||||||
|
}
|
||||||
Loading…
Reference in a new issue