mirror of
https://github.com/ivuorinen/base-configs.git
synced 2026-01-26 03:03:59 +00:00
feat: release pipeline, packages, yarn upgrade
This commit is contained in:
18
.github/workflows/codeql-analysis.yml
vendored
18
.github/workflows/codeql-analysis.yml
vendored
@@ -1,14 +1,14 @@
|
|||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
|
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
|
||||||
name: 'CodeQL'
|
name: "CodeQL"
|
||||||
|
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
branches: ['main']
|
branches: ["main"]
|
||||||
pull_request:
|
pull_request:
|
||||||
branches: ['main']
|
branches: ["main"]
|
||||||
schedule:
|
schedule:
|
||||||
- cron: '30 1 * * 0' # Run at 1:30 AM UTC every Sunday
|
- cron: "30 1 * * 0" # Run at 1:30 AM UTC every Sunday
|
||||||
merge_group:
|
merge_group:
|
||||||
|
|
||||||
permissions:
|
permissions:
|
||||||
@@ -25,22 +25,22 @@ jobs:
|
|||||||
strategy:
|
strategy:
|
||||||
fail-fast: false
|
fail-fast: false
|
||||||
matrix:
|
matrix:
|
||||||
language: ['javascript'] # Add languages used in your actions
|
language: ["go", "actions"] # Add languages used in your actions
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||||
|
|
||||||
- name: Initialize CodeQL
|
- name: Initialize CodeQL
|
||||||
uses: github/codeql-action/init@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
|
uses: github/codeql-action/init@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
|
||||||
with:
|
with:
|
||||||
languages: ${{ matrix.language }}
|
languages: ${{ matrix.language }}
|
||||||
queries: security-and-quality
|
queries: security-and-quality
|
||||||
|
|
||||||
- name: Autobuild
|
- name: Autobuild
|
||||||
uses: github/codeql-action/autobuild@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
|
uses: github/codeql-action/autobuild@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
|
||||||
|
|
||||||
- name: Perform CodeQL Analysis
|
- name: Perform CodeQL Analysis
|
||||||
uses: github/codeql-action/analyze@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
|
uses: github/codeql-action/analyze@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
|
||||||
with:
|
with:
|
||||||
category: '/language:${{matrix.language}}'
|
category: "/language:${{matrix.language}}"
|
||||||
|
|||||||
37
.github/workflows/publish.yml
vendored
37
.github/workflows/publish.yml
vendored
@@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
name: Publish
|
name: Publish
|
||||||
|
|
||||||
on:
|
on:
|
||||||
@@ -7,6 +8,9 @@ on:
|
|||||||
|
|
||||||
permissions: read-all
|
permissions: read-all
|
||||||
|
|
||||||
|
env:
|
||||||
|
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
Linter:
|
Linter:
|
||||||
name: Lint
|
name: Lint
|
||||||
@@ -14,15 +18,15 @@ jobs:
|
|||||||
timeout-minutes: 15
|
timeout-minutes: 15
|
||||||
permissions:
|
permissions:
|
||||||
statuses: write
|
statuses: write
|
||||||
contents: write
|
contents: read
|
||||||
packages: write
|
packages: read
|
||||||
issues: write
|
issues: write
|
||||||
pull-requests: write
|
pull-requests: write
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Run PR Lint
|
- name: Run PR Lint
|
||||||
# https://github.com/ivuorinen/actions
|
# https://github.com/ivuorinen/actions
|
||||||
uses: ivuorinen/actions/pr-lint@5cc7373a22402ee8985376bc713f00e09b5b2edb # v2025.11.23
|
uses: ivuorinen/actions/pr-lint@a52399cf74eac2b0963591ab2c6c8eb0f7f50b2d # v2025.12.06
|
||||||
|
|
||||||
publish:
|
publish:
|
||||||
name: Publish
|
name: Publish
|
||||||
@@ -33,7 +37,7 @@ jobs:
|
|||||||
contents: write # to be able to publish a GitHub release
|
contents: write # to be able to publish a GitHub release
|
||||||
issues: write # to be able to comment on released issues
|
issues: write # to be able to comment on released issues
|
||||||
pull-requests: write # to be able to comment on released pull requests
|
pull-requests: write # to be able to comment on released pull requests
|
||||||
id-token: write # to enable use of OIDC for trusted publishing and npm provenance
|
id-token: write # to enable use of OIDC for npm provenance
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
@@ -44,18 +48,29 @@ jobs:
|
|||||||
- name: Setup Node.js Environment
|
- name: Setup Node.js Environment
|
||||||
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
|
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
|
||||||
with:
|
with:
|
||||||
|
always-auth: true
|
||||||
node-version-file: ".nvmrc"
|
node-version-file: ".nvmrc"
|
||||||
registry-url: "https://registry.npmjs.org"
|
registry-url: "https://registry.npmjs.org"
|
||||||
scope: "@ivuorinen"
|
scope: "@ivuorinen"
|
||||||
|
|
||||||
- name: Install dependencies
|
- name: Install and enable corepack
|
||||||
run: yarn
|
shell: sh
|
||||||
|
run: npm install -g corepack --force && corepack enable
|
||||||
|
|
||||||
- name: Verify the integrity of provenance attestations and registry signatures for installed dependencies
|
- name: Cache Node Modules
|
||||||
run: yarn npm audit --environment production
|
uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
|
||||||
|
id: cache
|
||||||
|
with:
|
||||||
|
path: node_modules
|
||||||
|
key: node-modules-${{ hashFiles('**/yarn.lock') }}
|
||||||
|
|
||||||
- name: Release
|
- name: Install Dependencies
|
||||||
|
shell: bash
|
||||||
|
if: steps.cache.outputs.cache-hit != 'true'
|
||||||
|
run: yarn install
|
||||||
|
|
||||||
|
- name: Semantic Release
|
||||||
|
uses: cycjimmy/semantic-release-action@b12c8f6015dc215fe37bc154d4ad456dd3833c90 # v6.0.0
|
||||||
env:
|
env:
|
||||||
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
|
GITHUB_TOKEN: ${{ secrets.PAT }}
|
||||||
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
|
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
|
||||||
run: yarn semantic-release
|
|
||||||
|
|||||||
2
.github/workflows/stale.yml
vendored
2
.github/workflows/stale.yml
vendored
@@ -23,4 +23,4 @@ jobs:
|
|||||||
issues: write
|
issues: write
|
||||||
pull-requests: write
|
pull-requests: write
|
||||||
steps:
|
steps:
|
||||||
- uses: ivuorinen/actions/stale@5cc7373a22402ee8985376bc713f00e09b5b2edb # v2025.11.23
|
- uses: ivuorinen/actions/stale@a52399cf74eac2b0963591ab2c6c8eb0f7f50b2d # v2025.12.06
|
||||||
|
|||||||
14
package.json
14
package.json
@@ -49,14 +49,14 @@
|
|||||||
"prettier:report": "./node_modules/.bin/prettier '**/*.{js,tsx,ts,json,mjs,cjs}' '.*.{js,mjs,cjs,json}' --check"
|
"prettier:report": "./node_modules/.bin/prettier '**/*.{js,tsx,ts,json,mjs,cjs}' '.*.{js,mjs,cjs,json}' --check"
|
||||||
},
|
},
|
||||||
"devDependencies": {
|
"devDependencies": {
|
||||||
"@ivuorinen/browserslist-config": "^0.4.19",
|
"@ivuorinen/browserslist-config": "^1.0.0",
|
||||||
"@ivuorinen/commitlint-config": "^0.3.12",
|
"@ivuorinen/commitlint-config": "^1.0.0",
|
||||||
"@ivuorinen/eslint-config": "^0.5.13",
|
"@ivuorinen/eslint-config": "^1.0.0",
|
||||||
"@ivuorinen/markdownlint-config": "^0.3.16",
|
"@ivuorinen/markdownlint-config": "^1.0.0",
|
||||||
"@ivuorinen/prettier-config": "^0.3.12",
|
"@ivuorinen/prettier-config": "^1.0.0",
|
||||||
"@ivuorinen/semantic-release-config": "^0.3.18",
|
"@ivuorinen/semantic-release-config": "^1.0.0",
|
||||||
"@types/node": "*",
|
"@types/node": "*",
|
||||||
"npm-run-all2": "^8.0.0",
|
"npm-run-all2": "^8.0.4",
|
||||||
"simple-git-hooks": "^2.13.1",
|
"simple-git-hooks": "^2.13.1",
|
||||||
"typescript": ">=4.2.0"
|
"typescript": ">=4.2.0"
|
||||||
},
|
},
|
||||||
|
|||||||
Reference in New Issue
Block a user