Merge branch 'main' into dependabot/npm_and_yarn/rollup-plugin-visual…

…izer-5.12.0

.github/CODEOWNERS

@@ -1 +1 @@
-*	@auth0/dx-sdks-engineer
+*	@auth0/project-dx-sdks-engineer-codeowner

.github/workflows/browserstack.yml

@@ -3,7 +3,7 @@ name: Browserstack
 on:
   merge_group:
   workflow_dispatch:
-  pull_request_target:
+  pull_request:
     types:
       - opened
       - synchronize
@@ -22,15 +22,8 @@ env:
   NODE_VERSION: 18
 
 jobs:
-  authorize:
-    name: Authorize
-    environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }}
-    runs-on: ubuntu-latest
-    steps:
-      - run: true
 
   browserstack:
-    needs: authorize
 
     name: BrowserStack Tests
     runs-on: ubuntu-latest

.github/workflows/semgrep.yml

@@ -2,7 +2,7 @@ name: Semgrep
 
 on:
   merge_group:
-  pull_request_target:
+  pull_request:
     types:
       - opened
       - synchronize
@@ -20,15 +20,8 @@ concurrency:
   cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
 
 jobs:
-  authorize:
-    name: Authorize
-    environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }}
-    runs-on: ubuntu-latest
-    steps:
-      - run: true
 
   run:
-    needs: authorize # Require approval before running on forked pull requests
 
     name: Check for Vulnerabilities
     runs-on: ubuntu-latest

.github/workflows/snyk.yml

@@ -3,7 +3,7 @@ name: Snyk
 on:
   merge_group:
   workflow_dispatch:
-  pull_request_target:
+  pull_request:
     types:
       - opened
       - synchronize
@@ -21,15 +21,8 @@ concurrency:
   cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
 
 jobs:
-  authorize:
-    name: Authorize
-    environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }}
-    runs-on: ubuntu-latest
-    steps:
-      - run: true
 
   check:
-    needs: authorize
 
     name: Check for Vulnerabilities
     runs-on: ubuntu-latest

.github/workflows/test.yml

@@ -44,7 +44,7 @@ jobs:
           node: ${{ env.NODE_VERSION }}
 
       - name: Save build artifacts
-        uses: actions/cache/save@v3
+        uses: actions/cache/save@v4
         with:
           path: .
           key: ${{ env.CACHE_KEY }}
@@ -66,7 +66,7 @@ jobs:
           cache: 'npm'
 
       - name: Restore build artifacts
-        uses: actions/cache/restore@v3
+        uses: actions/cache/restore@v4
         with:
           path: .
           key: ${{ env.CACHE_KEY }}
@@ -75,7 +75,7 @@ jobs:
         run: npm run test -- --maxWorkers=2
 
       - name: Upload coverage
-        uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # [email protected].4
+        uses: codecov/codecov-action@4fe8c5f003fae66aa5ebb77cfd3e7bfbbda0b6b0 # [email protected].5
   gatsby:
     needs: test
 

Jenkinsfile

@@ -1,6 +1,11 @@
+@Library('k8sAgents') agentLibrary
+@Library('auth0') _
+
 pipeline {
   agent {
-    label 'crew-brucke'
+    kubernetes {
+      yaml defaultAgent()
+    }
   }
 
   tools {
@@ -12,14 +17,6 @@ pipeline {
   }
 
   stages {
-    stage('SharedLibs') {
-      steps {
-        library identifier: 'auth0-jenkins-pipelines-library@master', retriever: modernSCM(
-          [$class: 'GitSCMSource',
-          remote: '[email protected]:auth0/auth0-jenkins-pipelines-library.git',
-          credentialsId: 'auth0extensions-ssh-key'])
-      }
-    }
     stage('Build') {
       steps {
         sshagent(['auth0extensions-ssh-key']) {