fix: update dependency @angular/compiler to v21.0.3 #4943
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow is used to augment the capabilities of the renovate GitHub app by running a full | |
| # `nx migrate` when renovate opens a PR to change the version of @nx/workspace. | |
| # | |
| # You will therefore also notice that in the renovate configuration, we ignore any packages which | |
| # Nx will manage for us as part of `nx migrate` such as the remaining @nx/* packages. | |
| name: Nx Migrate | |
| on: | |
| # NOTE: Never use pull_request_target here because that would populate secrets for forks | |
| # Renovate creates branches directly on the main repo and acts like a trusted contributor | |
| pull_request: | |
| branches: [main] | |
| paths: | |
| - 'pnpm-workspace.yaml' | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.number || github.ref }} | |
| cancel-in-progress: true | |
| # Minimal permissions by default | |
| permissions: | |
| contents: read | |
| jobs: | |
| maybe_nx_migrate: | |
| # Only run if it was the renovate bot that triggered the workflow (otherwise we'll create a loop) | |
| if: contains('["renovate[bot]"]', github.actor) == true | |
| name: Run nx migrate if required | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| # To allow us to perform the git diff we need the git history | |
| fetch-depth: 0 | |
| # To ensure we can push from a different user (and therefore cause actions to rerun) | |
| persist-credentials: false | |
| - name: Check if @nx/workspace was changed as part of the latest commit on the PR | |
| id: relevant-packages-check | |
| uses: ./.github/actions/check-package-changes | |
| with: | |
| packages: | | |
| @nx/workspace:.catalog["@nx/workspace"] | |
| - uses: pnpm/action-setup@v4 | |
| if: ${{ steps.relevant-packages-check.outputs.was-changed == 'true' }} | |
| name: Install pnpm | |
| with: | |
| run_install: false | |
| - name: Install Node.js per package.json | |
| if: ${{ steps.relevant-packages-check.outputs.was-changed == 'true' }} | |
| uses: actions/setup-node@v6 | |
| with: | |
| # Use the volta.node property as the source of truth | |
| node-version-file: 'package.json' | |
| cache: 'pnpm' | |
| - name: Run nx migrate if @nx/workspace changed and commit the results | |
| if: ${{ steps.relevant-packages-check.outputs.was-changed == 'true' }} | |
| env: | |
| # We cannot use secrets.GITHUB_TOKEN for this because it is not permitted to kick off subsequent actions workflow runs, so we use a fine-grained PAT instead | |
| GITHUB_TOKEN: ${{ secrets.GH_FINE_GRAINED_PAT }} | |
| # We don't want to run any of our postinstall logic when Nx is invoking install behind the scenes | |
| SKIP_POSTINSTALL: 'true' | |
| run: | | |
| # Checkout the PR branch using the github CLI | |
| gh pr checkout ${{ github.event.pull_request.number }} | |
| # Get the version of Nx we are migrating to from the pnpm-workspace.yaml catalog | |
| NX_VERSION=$(yq eval '.catalogs.default["@nx/workspace"] // .catalog["@nx/workspace"]' pnpm-workspace.yaml) | |
| # Revert renovate's changes to pnpm-workspace.yaml and pnpm-lock.yaml so that it is a clean migrate from the status quo | |
| git checkout HEAD~1 -- pnpm-workspace.yaml pnpm-lock.yaml | |
| # We need to expect lock file changes to be applicable | |
| pnpm install --ignore-scripts --frozen-lockfile=false | |
| pnpm nx migrate $NX_VERSION | |
| # Sometimes Nx can require config formatting changes after a migrate command | |
| # We need to expect lock file changes to be applicable | |
| pnpm install --ignore-scripts --frozen-lockfile=false | |
| pnpm nx format | |
| # migrations.json may or may not exist after running nx migrate | |
| if [ -f migrations.json ]; then | |
| pnpm nx migrate --run-migrations=migrations.json | |
| # After we have run its migrations, we no longer need the migrations.json file | |
| rm migrations.json | |
| fi | |
| # Ensure all the changed files are formatted appropriately | |
| pnpm format | |
| # Commit all the changes to the PR (see note on not being able to use secrets.GITHUB_TOKEN for this) | |
| git config --global user.email "james@henry.sc" | |
| git config --global user.name "JamesHenry" | |
| git remote set-url origin https://x-access-token:$GITHUB_TOKEN@github.com/$GITHUB_REPOSITORY.git | |
| git add --all | |
| # Only commit and push if there are changes (nx migrate may be a no-op) | |
| if git diff --cached --quiet; then | |
| echo "No changes to commit after nx migrate" | |
| else | |
| git commit -m "chore: run nx migrate for nx v$NX_VERSION" | |
| git push | |
| fi |