WordPress.org
Get WordPress

Make WordPress Core


Ignore:
Timestamp:
09/16/2025 12:24:22 AM (8 months ago)
Author:
desrosj
Message:

Build/Test Tools: Improve certificate-related build scripts.

Because an exact version is pinned for composer/ca-bundle, the composer update command cannot update the dependency to the latest version. The command also does not work for a single dependency due to the fact that Composer has been configured not to generate a composer.lock file.

This updates the Grunt task to determine the new version using composer outdated before running composer require composer/ca-bundle:NEW_VERSION --dev to properly update the pinned version.

This also updates the build process test workflow to confirm that the certificate-related files under version control in src/wp-includes/certificates are up to date.

Props johnbillion.
Fixes #63939.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/.github/workflows/reusable-test-core-build-process.yml

    r60692 r60765  
    1818        default: 'src'
    1919      test-emoji:
    20         description: 'Whether to run the grunt precommit:emoji script.'
     20        description: 'Whether to run the precommit:emoji Grunt script.'
    2121        required: false
    2222        type: 'boolean'
    2323        default: true
     24      test-certificates:
     25        description: 'Whether to run the certificate related Grunt scripts.'
     26        required: false
     27        type: 'boolean'
     28        default: false
    2429      save-build:
    2530        description: 'Whether to save a ZIP of built WordPress as an artifact.'
     
    7075          persist-credentials: false
    7176
     77      # This date is used to ensure that the PHPCS cache is cleared at least once every week.
     78      # http://man7.org/linux/man-pages/man1/date.1.html
     79      - name: "Get last Monday's date"
     80        id: get-date
     81        if: ${{ inputs.test-certificates }}
     82        run: echo "date=$(/bin/date -u --date='last Mon' "+%F")" >> "$GITHUB_OUTPUT"
     83
     84      # Since Composer dependencies are installed using `composer update` and no lock file is in version control,
     85      # passing a custom cache suffix ensures that the cache is flushed at least once per week.
     86      - name: Install Composer dependencies
     87        if: ${{ inputs.test-certificates }}
     88        uses: ramsey/composer-install@3cf229dc2919194e9e36783941438d17239e8520 # v3.1.1
     89        with:
     90          custom-cache-suffix: ${{ steps.get-date.outputs.date }}
     91
    7292      - name: Set up Node.js
    7393        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
     
    91111        env:
    92112          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
     113
     114      - name: Ensure certificates files are updated
     115        if: ${{ inputs.test-certificates }}
     116        run: npm run grunt copy:certificates && npm run grunt build:certificates
    93117
    94118      - name: Build WordPress to run from ${{ inputs.directory }}
Note: See TracChangeset for help on using the changeset viewer.