twenty/.github/workflows/ci-utils.yaml

name: CI Utils
on:
  # it's usually not recommended to use pull_request_target
  # but we consider it's safe here if we keep the same steps
  # see: https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
  # and: https://github.com/facebook/react-native/pull/34370/files
  pull_request_target:
permissions:
  actions: write
  checks: write
  contents: write
  issues: write
  pull-requests: write
  statuses: write
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  danger-js:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Install dependencies
        uses: ./.github/workflows/actions/yarn-install
      - name: Utils / Run Danger.js
        run: cd packages/twenty-utils && npx nx danger:ci
        env:
          DANGER_GITHUB_API_TOKEN: ${{ github.token }}