mirror of
https://github.com/ivuorinen/everforest-resources.git
synced 2026-01-26 11:13:59 +00:00
309f9b02ee
Coming soon: The Renovate bot (GitHub App) will be renamed to Mend. PRs from Renovate will soon appear from 'Mend'. Learn more [here](https://redirect.github.com/renovatebot/renovate/discussions/37842). This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github/codeql-action](https://redirect.github.com/github/codeql-action) | action | patch | `v3.30.3` -> `v3.30.5` | --- ### Release Notes <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.30.5`](https://redirect.github.com/github/codeql-action/releases/tag/v3.30.5) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v3.30.4...v3.30.5) ##### CodeQL Action Changelog See the [releases page](https://redirect.github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. ##### 3.30.5 - 26 Sep 2025 - We fixed a bug that was introduced in `3.30.4` with `upload-sarif` which resulted in files without a `.sarif` extension not getting uploaded. [#​3160](https://redirect.github.com/github/codeql-action/pull/3160) See the full [CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.30.5/CHANGELOG.md) for more information. ### [`v3.30.4`](https://redirect.github.com/github/codeql-action/releases/tag/v3.30.4) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v3.30.3...v3.30.4) ##### CodeQL Action Changelog See the [releases page](https://redirect.github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. ##### 3.30.4 - 25 Sep 2025 - We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the `codeql-action/init` step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the `codeql-action/init` step. [#​3099](https://redirect.github.com/github/codeql-action/pull/3099) and [#​3100](https://redirect.github.com/github/codeql-action/pull/3100) - We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. [#​3107](https://redirect.github.com/github/codeql-action/pull/3107) - You can now run the latest CodeQL nightly bundle by passing `tools: nightly` to the `init` action. In general, the nightly bundle is unstable and we only recommend running it when directed by GitHub staff. [#​3130](https://redirect.github.com/github/codeql-action/pull/3130) - Update default CodeQL bundle version to 2.23.1. [#​3118](https://redirect.github.com/github/codeql-action/pull/3118) See the full [CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.30.4/CHANGELOG.md) for more information. </details> --- ### Configuration 📅 **Schedule**: Branch creation - At 12:00 AM through 04:59 AM and 10:00 PM through 11:59 PM, Monday through Friday ( * 0-4,22-23 * * 1-5 ), Only on Sunday and Saturday ( * * * * 0,6 ) in timezone Europe/Helsinki, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/ivuorinen/everforest-resources). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQxLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJyZW5vdmF0ZS9naXRodWItYWN0aW9uIiwicmVub3ZhdGUvZ2l0aHViLXJlbGVhc2UiLCJ0eXBlL3BhdGNoIl19--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
196 lines
5.5 KiB
YAML
196 lines
5.5 KiB
YAML
name: CI
|
|
|
|
on:
|
|
push:
|
|
branches: [main, develop]
|
|
pull_request:
|
|
branches: [main]
|
|
|
|
jobs:
|
|
lint:
|
|
name: Lint Check
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
|
|
with:
|
|
node-version-file: ".nvmrc"
|
|
cache: "npm"
|
|
|
|
- name: Install dependencies
|
|
run: npm ci
|
|
|
|
- name: Run Biome linting
|
|
run: npm run lint
|
|
|
|
generate:
|
|
name: Generate Themes
|
|
runs-on: ubuntu-latest
|
|
needs: lint
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
|
|
with:
|
|
node-version-file: ".nvmrc"
|
|
cache: "npm"
|
|
|
|
- name: Install dependencies
|
|
run: npm ci
|
|
|
|
- name: Generate themes
|
|
run: npm run generate
|
|
|
|
- name: Validate generated themes
|
|
run: npm run validate
|
|
|
|
- name: Check for uncommitted changes
|
|
run: |
|
|
if [[ -n $(git status --porcelain) ]]; then
|
|
echo "❌ Generated files are not up to date!"
|
|
echo "Please run 'npm run generate' and commit the changes."
|
|
git status --porcelain
|
|
exit 1
|
|
fi
|
|
echo "✅ All generated files are up to date"
|
|
|
|
test:
|
|
name: Test Web Components & Snapshots
|
|
runs-on: ubuntu-latest
|
|
needs: generate
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
|
|
with:
|
|
node-version-file: ".nvmrc"
|
|
cache: "npm"
|
|
|
|
- name: Install dependencies
|
|
run: npm ci
|
|
|
|
- name: Install Playwright browsers
|
|
run: npx playwright install --with-deps
|
|
|
|
- name: Generate themes
|
|
run: npm run generate
|
|
|
|
- name: Run Playwright e2e tests
|
|
run: npm run test:e2e
|
|
|
|
- name: Generate snapshots
|
|
run: make snapshots
|
|
|
|
- name: Upload Playwright report
|
|
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
|
|
if: always()
|
|
with:
|
|
name: playwright-report
|
|
path: playwright-report/
|
|
retention-days: 30
|
|
|
|
verify-installation:
|
|
name: Verify Installation Scripts
|
|
runs-on: ${{ matrix.os }}
|
|
needs: generate
|
|
strategy:
|
|
matrix:
|
|
os: [ubuntu-latest, macos-latest]
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
|
|
with:
|
|
node-version-file: ".nvmrc"
|
|
cache: "npm"
|
|
|
|
- name: Install dependencies
|
|
run: npm ci
|
|
|
|
- name: Generate themes
|
|
run: npm run generate
|
|
|
|
- name: Test installation script (dry run)
|
|
run: ./install.sh --dry-run
|
|
|
|
- name: Test variant switching
|
|
run: |
|
|
./install.sh --dry-run --variant dark-hard
|
|
./install.sh --dry-run --variant light-medium
|
|
|
|
- name: Test category installation
|
|
run: |
|
|
./install.sh --dry-run terminals
|
|
./install.sh --dry-run cli
|
|
./install.sh --dry-run editors
|
|
|
|
security:
|
|
name: Security Scan
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
|
|
- name: Run Trivy vulnerability scanner
|
|
uses: aquasecurity/trivy-action@master
|
|
with:
|
|
scan-type: "fs"
|
|
scan-ref: "."
|
|
format: "sarif"
|
|
output: "trivy-results.sarif"
|
|
|
|
- name: Upload Trivy scan results to GitHub Security tab
|
|
uses: github/codeql-action/upload-sarif@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5
|
|
with:
|
|
sarif_file: "trivy-results.sarif"
|
|
|
|
build-stats:
|
|
name: Build Statistics
|
|
runs-on: ubuntu-latest
|
|
needs: generate
|
|
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
|
|
with:
|
|
node-version-file: ".nvmrc"
|
|
cache: "npm"
|
|
|
|
- name: Install dependencies
|
|
run: npm ci
|
|
|
|
- name: Generate themes
|
|
run: npm run generate
|
|
|
|
- name: Calculate statistics
|
|
run: |
|
|
echo "## 📊 Build Statistics" >> $GITHUB_STEP_SUMMARY
|
|
echo "" >> $GITHUB_STEP_SUMMARY
|
|
|
|
# Count generated files
|
|
TOTAL_FILES=$(find . -name "*-dark-*" -o -name "*-light-*" | wc -l)
|
|
echo "- **Generated files**: $TOTAL_FILES" >> $GITHUB_STEP_SUMMARY
|
|
|
|
# Count templates
|
|
TEMPLATES=$(find . -name "template.*" | wc -l)
|
|
echo "- **Templates**: $TEMPLATES" >> $GITHUB_STEP_SUMMARY
|
|
|
|
# Count tools
|
|
CLI_TOOLS=$(ls -1 cli/ | grep -v install.sh | wc -l)
|
|
TERMINALS=$(ls -1 terminals/ | wc -l)
|
|
EDITORS=$(ls -1 editors/ | wc -l)
|
|
|
|
echo "- **CLI tools**: $CLI_TOOLS" >> $GITHUB_STEP_SUMMARY
|
|
echo "- **Terminals**: $TERMINALS" >> $GITHUB_STEP_SUMMARY
|
|
echo "- **Editors**: $EDITORS" >> $GITHUB_STEP_SUMMARY
|
|
|
|
# File sizes
|
|
TOTAL_SIZE=$(du -sh . | cut -f1)
|
|
echo "- **Total size**: $TOTAL_SIZE" >> $GITHUB_STEP_SUMMARY
|