dependabot[bot]
ed0ba3f1dc
build(deps): bump actions/checkout from 5.0.0 to 6.0.0 ( #6928 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 5.0.0 to 6.0.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](08c6903cd8...1af3b93b68support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-01 13:13:45 +01:00
dependabot[bot]
8eace4603c
build(deps): bump github/codeql-action from 4.31.2 to 4.31.6 ( #6929 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 4.31.2 to 4.31.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0499de31b9...fe4161a26asupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-01 13:12:52 +01:00
dependabot[bot]
30bae81027
build(deps): bump coverallsapp/github-action from 2.3.6 to 2.3.7 ( #6930 )
...
Bumps [coverallsapp/github-action](https://github.com/coverallsapp/github-action ) from 2.3.6 to 2.3.7.
- [Release notes](https://github.com/coverallsapp/github-action/releases )
- [Commits](648a8eb78e...5cbfd81b66support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-01 13:12:08 +01:00
dependabot[bot]
4453d83cca
build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 ( #6868 )
...
ci / Lint (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (18, ubuntu-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (18, windows-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (19, ubuntu-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (19, windows-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (20, ubuntu-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (20, windows-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (21, ubuntu-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (21, windows-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (22, ubuntu-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (22, windows-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (23, ubuntu-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (23, windows-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (24, ubuntu-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (24, windows-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (25, ubuntu-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (25, windows-latest) (push) Has been cancelled
CodeQL / Analyze (actions) (push) Has been cancelled
CodeQL / Analyze (javascript) (push) Has been cancelled
legacy / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (16, ubuntu-latest) (push) Has been cancelled
legacy / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (16, windows-latest) (push) Has been cancelled
legacy / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (17, ubuntu-latest) (push) Has been cancelled
legacy / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (17, windows-latest) (push) Has been cancelled
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
ci / coverage (push) Has been cancelled
legacy / coverage (push) Has been cancelled
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-01 10:46:37 +01:00
dependabot[bot]
db507669ca
build(deps): bump github/codeql-action from 3.30.5 to 4.31.2 ( #6869 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-01 10:45:51 +01:00
dependabot[bot]
374fc1a0f9
build(deps): bump actions/setup-node from 5.0.0 to 6.0.0 ( #6870 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-01 10:45:07 +01:00
dependabot[bot]
1b196c8b82
build(deps): bump actions/download-artifact from 5.0.0 to 6.0.0 ( #6871 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-01 10:44:12 +01:00
Phillip Barta
64e7373d69
ci: add node.js 25 to test matrix ( #6843 )
2025-10-16 13:51:39 +02:00
dependabot[bot]
e4fb370ad8
build(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 ( #6793 )
...
ci / Lint (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (18, ubuntu-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (18, windows-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (19, ubuntu-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (19, windows-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (20, ubuntu-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (20, windows-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (21, ubuntu-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (21, windows-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (22, ubuntu-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (22, windows-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (23, ubuntu-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (23, windows-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (24, ubuntu-latest) (push) Has been cancelled
ci / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (24, windows-latest) (push) Has been cancelled
CodeQL / Analyze (actions) (push) Has been cancelled
CodeQL / Analyze (javascript) (push) Has been cancelled
legacy / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (16, ubuntu-latest) (push) Has been cancelled
legacy / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (16, windows-latest) (push) Has been cancelled
legacy / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (17, ubuntu-latest) (push) Has been cancelled
legacy / Node.js ${{ matrix.node-version }} - ${{matrix.os}} (17, windows-latest) (push) Has been cancelled
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
ci / coverage (push) Has been cancelled
legacy / coverage (push) Has been cancelled
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 4.3.0 to 5.0.0.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](d3f86a106a...634f93cb29support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-03 14:44:02 +02:00
dependabot[bot]
60d4c16cc9
build(deps): bump actions/setup-node from 4.4.0 to 5.0.0 ( #6794 )
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 4.4.0 to 5.0.0.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](49933ea528...a0853c2454support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-03 14:43:54 +02:00
dependabot[bot]
9e6760e186
build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 ( #6795 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.4.2 to 2.4.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](05b42c6244...4eaacf0543support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-03 14:43:45 +02:00
dependabot[bot]
ffa89f2ccf
build(deps): bump github/codeql-action from 3.29.7 to 3.30.5 ( #6796 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.29.7 to 3.30.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](51f77329af...3599b3baa1support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-03 14:40:08 +02:00
dependabot[bot]
b9b9f52b2f
build(deps): bump actions/checkout from 4.2.2 to 5.0.0 ( #6797 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.2.2 to 5.0.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](11bd71901b...08c6903cd8support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-03 14:34:25 +02:00
dependabot[bot]
2eb42059f3
build(deps): bump github/codeql-action from 3.29.2 to 3.29.5 ( #6675 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.29.2 to 3.29.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](181d5eefc2...51f77329afsupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: bjohansebas <103585995+bjohansebas@users.noreply.github.com >
2025-09-14 09:39:32 -05:00
Sebastian Beltran
ef5f2e13ef
ci: run CI when the markdown changes ( #6632 )
2025-07-15 21:27:50 -05:00
dependabot[bot]
7a9311216a
build(deps): bump github/codeql-action from 3.28.18 to 3.29.2 ( #6618 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.18 to 3.29.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](ff0a06e83c...181d5eefc2support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-09 10:27:41 +02:00
dependabot[bot]
a039e49175
build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 ( #6548 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.4.1 to 2.4.2.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](f49aabe0b5...05b42c6244support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-06-18 23:36:52 +02:00
dependabot[bot]
ffc562c7d1
build(deps): bump github/codeql-action from 3.28.16 to 3.28.18 ( #6549 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.16 to 3.28.18.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](28deaeda66...ff0a06e83csupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-06-18 23:36:20 +02:00
Shivam Sharma
fedd60e642
ci: allow manual triggering of workflow ( #6515 )
2025-05-28 19:16:44 -05:00
Mert Şişmanoğlu
99a0bd3354
ci: disable credential persistence for checkout actions ( #6522 )
...
Signed-off-by: Mert Şişmanoğlu <mertssmnoglu@gmail.com >
2025-05-28 18:55:05 -05:00
Phillip Barta
9784321e89
ci: update codeql config ( #6488 )
2025-05-09 15:29:27 +02:00
Phillip Barta
ee1ef41bd3
ci: add node.js 24 to test matrix ( #6504 )
2025-05-07 21:08:25 -05:00
dependabot[bot]
1ca803dd55
build(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 ( #6496 )
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 4.2.1 to 4.3.0.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](95815c38cf...d3f86a106asupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-05 23:02:23 +02:00
dependabot[bot]
73555815b9
build(deps): bump actions/setup-node from 4.3.0 to 4.4.0 ( #6497 )
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 4.3.0 to 4.4.0.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](cdca7365b2...49933ea528support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-05 23:02:09 +02:00
dependabot[bot]
a1161b4686
build(deps): bump github/codeql-action from 3.28.13 to 3.28.16 ( #6498 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.13 to 3.28.16.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](1b549b9259...28deaeda66support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-05 23:01:58 +02:00
dependabot[bot]
fa40ecfe76
build(deps): bump github/codeql-action from 3.28.11 to 3.28.13 ( #6429 )
2025-04-04 21:53:14 -05:00
Phillip9587
7b44e1d850
ci: use full SHAs for github action versions
...
Ref: https://github.com/expressjs/security-wg/issues/2
2025-03-27 15:46:29 +01:00
dependabot[bot]
29d09803c1
build(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.1 ( #6397 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.4.0 to 2.4.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](62b2cac7ed...f49aabe0b5support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-18 17:12:20 +01:00
dependabot[bot]
1d63162dbf
build(deps): bump github/codeql-action from 3.24.7 to 3.28.11 ( #6398 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.7 to 3.28.11.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v3.24.7...6bb031afdd8eb862ea3fc1848194185e076637e5 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-18 17:11:59 +01:00
Sebastian Beltran
4a2175dfc9
fix dependabot config ( #6392 )
2025-03-16 17:44:57 -05:00
Ulises Gascón
0bb00e1906
ci: add dependabot ( #5435 )
...
Co-authored-by: Shivam Sharma <meshivam81@gmail.com >
Co-authored-by: Sebastian Beltran <bjohansebas@gmail.com >
2025-03-11 22:50:59 +01:00
Phillip Barta
ae6a4621bc
fix(ci): updated scorecard actions ( #6322 )
2025-02-05 11:40:08 -06:00
Phillip Barta
8d39345902
fix(ci): fix npm install --include typo ( #6324 )
2025-02-05 11:25:48 -06:00
Phillip Barta
a5cb681eb8
ci: updated github actions ci workflow ( #6314 )
2025-02-05 13:27:59 +01:00
Ulises Gascón
ff86319ed5
ci: add support for OSSF scorecard reporting ( #5431 )
2025-01-15 07:39:30 +01:00
Hamir Mahal
1c5cf0fead
refactor: remove Invalid action input
2025-01-14 13:01:39 -06:00
Sebastian Beltran
ab02240336
build: Node.js 23.0 ( #6075 )
2024-10-20 19:25:56 +02:00
ctcpip
6c98f80b6a
🔧 update CI, remove unsupported versions, clean up
2024-09-09 21:49:35 -05:00
ctcpip
63992bb1d7
Merge branch 'ci/v5-node-lts' into 5-merge
2024-08-02 16:24:55 -05:00
ctcpip
ea49706052
Merge branch 'master' into 5-merge
2024-08-02 15:57:43 -05:00
ctcpip
9c756b0105
💚 remove node <11, all failing permanently now
2024-08-02 13:15:51 -05:00
Jon Church
f4bd86ed36
Replace Appveyor windows testing with GHA ( #5599 )
...
This PR moves us off of Appveyor for windows testing.
We are now doing windows/linux testing on GHA. With the exception of iojs, which we are only testing on Linux and have split out to it's own workflow.
We have also added npm-shrinkwrap.json to our gitignore, in order to not have to configure npm in CI to ignore it. If it's never checked in, it shouldn't exist in CI as you need to go out of your way to create it w/ npm.
2024-07-27 14:15:55 -04:00
ctcpip
c96c690dc0
Merge branch 'master' into 5.0
2024-07-25 16:55:48 -05:00
ctcpip
088856c3f8
💚 add legacy CI, clean up
2024-07-25 12:39:38 -05:00
Jon Church
4cf7eed927
remove minor version pinning from ci ( #5722 )
2024-06-26 18:23:19 -04:00
Jon Church
61421a8c0c
skip QUERY tests for Node 21 only, still not supported ( #5695 )
...
* skip QUERY tests for Node 21 only, still not supported
QUERY support has now landed in Node 22.2.0, but is still not supported
in 21.7.3
QUERY showed up in http.METHODS in 21.7.2. Only Node versions after that
will attempt to run tests for it, based on the way we dynamically test
members of the http.METHODS array from Node
* update CI to run on 21.7 and 22.2
2024-06-08 23:25:42 -04:00
Chris de Almeida
689073d657
✨ bring back query tests for node 21 ( #5690 )
2024-06-05 17:25:58 -04:00
Mert Can Altin
4b9cd2fd0e
add support Node.js@22 in the CI ( #5627 )
...
Co-authored-by: Mert Can Altin <mert.altin@trendyol.com >
2024-05-04 18:15:53 -04:00
Ulises Gascón
26e53f0fbc
ci: add CodeQL (SAST) ( #5433 )
...
PR-URL: https://github.com/expressjs/express/pull/5433
---------
Co-authored-by: Íñigo Marquínez Prado <25435858+inigomarquinez@users.noreply.github.com >
2024-04-17 15:13:07 +02:00
Ulises Gascón
e9bcdd399b
ci: adopt Node@18 as the minimum supported version
2024-04-11 19:16:20 +02:00
