Update NodeJS dependencies for security patches #334
Workflow file for this run
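# Lints, tests, bundles and packages the VS Code extension together with the
# server it embeds, then fails the run if the build modified the checkout.
name: Build and Test Extension - CodeQL Development MCP Server

on:
  pull_request:
    branches: ['main', 'next']
    paths:
      - '.github/workflows/build-and-test-extension.yml'
      - '.node-version'
      - 'extensions/vscode/**'
      - 'server/dist/**'
      - 'server/ql/*/tools/src/**'
      - 'server/src/**'
  push:
    branches: ['main', 'next']
    paths:
      - '.github/workflows/build-and-test-extension.yml'
      - '.node-version'
      - 'extensions/vscode/**'
      - 'server/dist/**'
      - 'server/ql/*/tools/src/**'
      - 'server/src/**'
  workflow_dispatch:

# Least privilege: the workflow token can only read repository contents.
permissions:
  contents: read

jobs:
  build-and-test-extension:
    name: Build and Test Extension
    runs-on: ubuntu-latest

    steps:
      # External actions are pinned to a full commit SHA; the trailing comment
      # records the release line the SHA is expected to belong to.
      - name: Checkout repository
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
        with:
          # Every later step runs npm scripts or npx tooling, and the only git
          # commands in this file are local (`git status`, `git diff`), so the
          # token does not need to stay in .git/config after the clone.
          # NOTE(review): confirm ./.github/actions/setup-codeql-environment
          # performs no authenticated git operations.
          persist-credentials: false

      - name: Setup Node.js environment
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
        with:
          cache: 'npm'
          node-version-file: '.node-version'

      # `npm ci` installs exactly what the lockfile records and fails when
      # package.json and the lockfile disagree.
      - name: Install dependencies
        run: npm ci --include=optional

      - name: Build server (dependency)
        run: npm run build -w server

      - name: Run extension unit tests with coverage
        working-directory: extensions/vscode
        run: npm run test:coverage

      - name: Bundle extension and server
        working-directory: extensions/vscode
        run: |
          npm run clean
          npm run lint
          npm run bundle
          npm run bundle:server

      # Action defined in this repository; its implementation is not part of
      # this file.
      - name: Setup CodeQL environment for integration tests
        uses: ./.github/actions/setup-codeql-environment
        with:
          add-to-path: 'true'
          install-language-runtimes: 'false'

      # The key is fixed per runner OS, so an existing cache entry is reused
      # until the key string itself is changed.
      - name: Cache VS Code for integration tests
        uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          key: vscode-test-${{ runner.os }}-stable
          path: extensions/vscode/.vscode-test

      - name: Download VS Code for integration tests
        working-directory: extensions/vscode
        run: npm run download:vscode

      # xvfb-run provides a virtual display for the Extension Host on the
      # headless runner.
      - name: Run Extension Host integration tests
        working-directory: extensions/vscode
        run: xvfb-run -a npm run test:integration

      - name: Verify VSIX packaging
        working-directory: extensions/vscode
        run: |
          VERSION=$(node -e "console.log(require('./package.json').version)")
          # NOTE(review): presumably @vscode/vsce is installed by `npm ci`; if
          # it is not a locked dependency, npx fetches an unpinned copy from
          # the registry at run time. Confirm it is listed in package.json.
          npx @vscode/vsce package --no-dependencies --out "codeql-development-mcp-server-v${VERSION}.vsix"

      - name: Verify VSIX contents
        working-directory: extensions/vscode
        run: |
          # Capture the listing before truncating it. The default shell for
          # `run` is `bash -e` without pipefail, so piping `vsce ls` straight
          # into `head` reports only head's exit status and a failed listing
          # would still pass this step. The file lives under RUNNER_TEMP so it
          # never shows up as an untracked file in the checkout.
          listing="${RUNNER_TEMP}/vsix-contents.txt"
          if ! npx @vscode/vsce ls --no-dependencies --tree > "${listing}" 2>&1; then
            cat "${listing}"
            exit 1
          fi
          {
            echo "## VSIX Contents"
            echo '```'
            head -50 "${listing}"
            echo '```'
          } >> "$GITHUB_STEP_SUMMARY"

      # Build output that differs from what is committed (for example a stale
      # server/dist) fails the run here.
      - name: Check for uncommitted changes
        run: |
          if [ -n "$(git status --porcelain)" ]; then
            echo "❌ Uncommitted changes detected after build:"
            git status --porcelain
            git diff
            exit 1
          else
            echo "✅ No uncommitted changes after build"
          fi

      # Runs only when every earlier step succeeded (default step condition).
      - name: Summary
        run: |
          {
            echo "## Build and Test Extension Summary"
            echo "✅ ESLint checks completed"
            echo "✅ Unit tests passed with coverage"
            echo "✅ Extension bundled successfully"
            echo "✅ Server bundled into extension"
            echo "✅ Extension Host integration tests passed"
            echo "✅ VSIX packaging verified"
            echo "✅ No uncommitted changes detected"
          } >> "$GITHUB_STEP_SUMMARY"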