From cdc7174ff9ffc8234f16304762cc76c6294a2a2b Mon Sep 17 00:00:00 2001 From: Ismo Vuorinen Date: Mon, 12 May 2025 01:11:48 +0300 Subject: [PATCH] chore: update workflows, linting, configs --- .editorconfig | 20 ++-- .github/CODE_OF_CONDUCT.md | 138 ++++++++++++++++++-------- .github/workflows/codeql.yml | 46 +++++++++ .github/workflows/pr-lint.yml | 30 ++++-- .github/workflows/release-drafter.yml | 14 --- .github/workflows/stale.yml | 13 ++- .github/workflows/sync-labels.yml | 36 +++++-- .markdownlint.json | 13 +++ .mega-linter.yml | 35 +++++++ .pre-commit-config.yaml | 63 ++++++++++++ .shellcheckrc | 1 + .yamlignore | 0 .yamllint.yml | 13 +++ LICENSE.md | 2 +- 14 files changed, 331 insertions(+), 93 deletions(-) create mode 100644 .github/workflows/codeql.yml delete mode 100644 .github/workflows/release-drafter.yml create mode 100644 .markdownlint.json create mode 100644 .mega-linter.yml create mode 100644 .pre-commit-config.yaml create mode 100644 .shellcheckrc create mode 100644 .yamlignore create mode 100644 .yamllint.yml diff --git a/.editorconfig b/.editorconfig index a007838..8ef3473 100644 --- a/.editorconfig +++ b/.editorconfig @@ -10,20 +10,12 @@ max_line_length = 160 tab_width = 2 trim_trailing_whitespace = true -[{*.php,*.json}] -indent_size = 4 -max_line_length = 110 -tab_width = 4 - -[{*.http,*.rest}] -indent_size = 0 - -[{*.markdown,*.md}] -indent_size = 4 -tab_width = 4 +[{*.md}] +indent_size = 2 +tab_width = 2 +max_line_length = 160 +trim_trailing_whitespace = false [{*.mk,GNUmakefile,makefile}] tab_width = 4 - -[{*.tf,*.tfvars}] -tab_width = 4 +indent_style = tab diff --git a/.github/CODE_OF_CONDUCT.md b/.github/CODE_OF_CONDUCT.md index f9edea6..2d86e93 100644 --- a/.github/CODE_OF_CONDUCT.md +++ b/.github/CODE_OF_CONDUCT.md @@ -2,92 +2,144 @@ ## 1. Purpose -A primary goal of @ivuorinen's repositories is to be inclusive to the largest number of contributors, with the most varied and diverse backgrounds possible. As such, we are committed to providing a friendly, safe and welcoming environment for all, regardless of gender, sexual orientation, ability, ethnicity, socioeconomic status, and religion (or lack thereof). +A primary goal of @ivuorinen's repositories is to be inclusive to the largest +number of contributors, with the most varied and diverse backgrounds possible. +As such, we are committed to providing a friendly, safe and welcoming +environment for all, regardless of gender, sexual orientation, ability, +ethnicity, socioeconomic status, and religion (or lack thereof). -This code of conduct outlines our expectations for all those who participate in our community, as well as the consequences for unacceptable behavior. +This code of conduct outlines our expectations for all those who participate in +our community, as well as the consequences for unacceptable behavior. -We invite all those who participate in @ivuorinen's repositories to help us create safe and positive experiences for everyone. +We invite all those who participate in @ivuorinen's repositories to help us +create safe and positive experiences for everyone. ## 2. Open [Source/Culture/Tech] Citizenship -A supplemental goal of this Code of Conduct is to increase open [source/culture/tech] citizenship by encouraging participants to recognize and strengthen the relationships between our actions and their effects on our community. +A supplemental goal of this Code of Conduct is to increase +open [source/culture/tech] citizenship by encouraging participants to recognize +and strengthen the relationships between our actions and their effects on our +community. -Communities mirror the societies in which they exist and positive action is essential to counteract the many forms of inequality and abuses of power that exist in society. +Communities mirror the societies in which they exist and positive action is +essential to counteract the many forms of inequality and abuses of power that +exist in society. -If you see someone who is making an extra effort to ensure our community is welcoming, friendly, and encourages all participants to contribute to the fullest extent, we want to know. +If you see someone who is making an extra effort to ensure our community is +welcoming, friendly, and encourages all participants to contribute to the +fullest extent, we want to know. ## 3. Expected Behavior The following behaviors are expected and requested of all community members: - * Participate in an authentic and active way. In doing so, you contribute to the health and longevity of this community. - * Exercise consideration and respect in your speech and actions. - * Attempt collaboration before conflict. - * Refrain from demeaning, discriminatory, or harassing behavior and speech. - * Be mindful of your surroundings and of your fellow participants. Alert community leaders if you notice a dangerous situation, someone in distress, or violations of this Code of Conduct, even if they seem inconsequential. - * Remember that community event venues may be shared with members of the public; please be respectful to all patrons of these locations. +* Participate in an authentic and active way. In doing so, you contribute to the + health and longevity of this community. +* Exercise consideration and respect in your speech and actions. +* Attempt collaboration before conflict. +* Refrain from demeaning, discriminatory, or harassing behavior and speech. +* Be mindful of your surroundings and of your fellow participants. Alert + community leaders if you notice a dangerous situation, someone in distress, or + violations of this Code of Conduct, even if they seem inconsequential. +* Remember that community event venues may be shared with members of the public; + please be respectful to all patrons of these locations. ## 4. Unacceptable Behavior -The following behaviors are considered harassment and are unacceptable within our community: +The following behaviors are considered harassment and are unacceptable within +our community: - * Violence, threats of violence or violent language directed against another person. - * Sexist, racist, homophobic, transphobic, ableist or otherwise discriminatory jokes and language. - * Posting or displaying sexually explicit or violent material. - * Posting or threatening to post other people's personally identifying information ("doxing"). - * Personal insults, particularly those related to gender, sexual orientation, race, religion, or disability. - * Inappropriate photography or recording. - * Inappropriate physical contact. You should have someone's consent before touching them. - * Unwelcome sexual attention. This includes, sexualized comments or jokes; inappropriate touching, groping, and unwelcomed sexual advances. - * Deliberate intimidation, stalking or following (online or in person). - * Advocating for, or encouraging, any of the above behavior. - * Sustained disruption of community events, including talks and presentations. +* Violence, threats of violence or violent language directed against another + person. +* Sexist, racist, homophobic, transphobic, ableist or otherwise discriminatory + jokes and language. +* Posting or displaying sexually explicit or violent material. +* Posting or threatening to post other people's personally identifying + information ("doxing"). +* Personal insults, particularly those related to gender, sexual orientation, + race, religion, or disability. +* Inappropriate photography or recording. +* Inappropriate physical contact. You should have someone's consent before + touching them. +* Unwelcome sexual attention. This includes, sexualized comments or jokes; + inappropriate touching, groping, and unwelcomed sexual advances. +* Deliberate intimidation, stalking or following (online or in person). +* Advocating for, or encouraging, any of the above behavior. +* Sustained disruption of community events, including talks and presentations. ## 5. Weapons Policy -No weapons will be allowed at @ivuorinen's repositories events, community spaces, or in other spaces covered by the scope of this Code of Conduct. Weapons include but are not limited to guns, explosives (including fireworks), and large knives such as those used for hunting or display, as well as any other item used for the purpose of causing injury or harm to others. Anyone seen in possession of one of these items will be asked to leave immediately, and will only be allowed to return without the weapon. Community members are further expected to comply with all state and local laws on this matter. +No weapons will be allowed at @ivuorinen's repositories events, community +spaces, or in other spaces covered by the scope of this Code of Conduct. Weapons +include but are not limited to guns, explosives (including fireworks), and large +knives such as those used for hunting or display, as well as any other item used +for the purpose of causing injury or harm to others. Anyone seen in possession +of one of these items will be asked to leave immediately, and will only be +allowed to return without the weapon. Community members are further expected to +comply with all state and local laws on this matter. ## 6. Consequences of Unacceptable Behavior -Unacceptable behavior from any community member, including sponsors and those with decision-making authority, will not be tolerated. +Unacceptable behavior from any community member, including sponsors and those +with decision-making authority, will not be tolerated. Anyone asked to stop unacceptable behavior is expected to comply immediately. -If a community member engages in unacceptable behavior, the community organizers may take any action they deem appropriate, up to and including a temporary ban or permanent expulsion from the community without warning (and without refund in the case of a paid event). +If a community member engages in unacceptable behavior, the community organizers +may take any action they deem appropriate, up to and including a temporary ban +or permanent expulsion from the community without warning (and without refund in +the case of a paid event). ## 7. Reporting Guidelines -If you are subject to or witness unacceptable behavior, or have any other concerns, please notify a community organizer as soon as possible. ismo@ivuorinen.net. +If you are subject to or witness unacceptable behavior, or have any other +concerns, please notify a community organizer as soon as possible: + - - -Additionally, community organizers are available to help community members engage with local law enforcement or to otherwise help those experiencing unacceptable behavior feel safe. In the context of in-person events, organizers will also provide escorts as desired by the person experiencing distress. +Additionally, community organizers are available to help community members +engage with local law enforcement or to otherwise help those experiencing +unacceptable behavior feel safe. In the context of in-person events, organizers +will also provide escorts as desired by the person experiencing distress. ## 8. Addressing Grievances -If you feel you have been falsely or unfairly accused of violating this Code of Conduct, you should notify @ivuorinen with a concise description of your grievance. Your grievance will be handled in accordance with our existing governing policies. +If you feel you have been falsely or unfairly accused of violating this Code of +Conduct, you should notify @ivuorinen with a concise description of your +grievance. Your grievance will be handled in accordance with our existing +governing policies. ## 9. Scope -We expect all community participants (contributors, paid or otherwise; sponsors; and other guests) to abide by this Code of Conduct in all community venues--online and in-person--as well as in all one-on-one communications pertaining to community business. +We expect all community participants (contributors, paid or otherwise; sponsors; +and other guests) to abide by this Code of Conduct in all community +venues--online and in-person--as well as in all one-on-one communications +pertaining to community business. -This code of conduct and its related procedures also applies to unacceptable behavior occurring outside the scope of community activities when such behavior has the potential to adversely affect the safety and well-being of community members. +This code of conduct and its related procedures also applies to unacceptable +behavior occurring outside the scope of community activities when such behavior +has the potential to adversely affect the safety and well-being of community +members. ## 10. Contact info @ivuorinen -ismo@ivuorinen.net + ## 11. License and attribution -The Citizen Code of Conduct is distributed by [Stumptown Syndicate](http://stumptownsyndicate.org) under a [Creative Commons Attribution-ShareAlike license](http://creativecommons.org/licenses/by-sa/3.0/). +The Citizen Code of Conduct is distributed by [Stumptown Syndicate][stumptown] +under a [Creative Commons Attribution-ShareAlike license][cc-by-sa]. -Portions of text derived from the [Django Code of Conduct](https://www.djangoproject.com/conduct/) and the [Geek Feminism Anti-Harassment Policy](http://geekfeminism.wikia.com/wiki/Conference_anti-harassment/Policy). +Portions of text derived from the [Django Code of Conduct][django] and +the [Geek Feminism Anti-Harassment Policy][geek-feminism]. -_Revision 2.3. Posted 6 March 2017._ +* _Revision 2.3. Posted 6 March 2017._ +* _Revision 2.2. Posted 4 February 2016._ +* _Revision 2.1. Posted 23 June 2014._ +* _Revision 2.0, adopted by the [Stumptown Syndicate][stumptown] board on 10 + January 2013. Posted 17 March 2013._ -_Revision 2.2. Posted 4 February 2016._ - -_Revision 2.1. Posted 23 June 2014._ - -_Revision 2.0, adopted by the [Stumptown Syndicate](http://stumptownsyndicate.org) board on 10 January 2013. Posted 17 March 2013._ +[stumptown]: https://github.com/stumpsyn +[cc-by-sa]: https://creativecommons.org/licenses/by-sa/3.0/ +[django]: https://www.djangoproject.com/conduct/ +[geek-feminism]: http://geekfeminism.wikia.com/wiki/Conference_anti-harassment/Policy diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..9238c16 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,46 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json +name: 'CodeQL' + +on: + push: + branches: ['main'] + pull_request: + branches: ['main'] + schedule: + - cron: '30 1 * * 0' # Run at 1:30 AM UTC every Sunday + merge_group: + +permissions: + actions: read + contents: read + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + security-events: write + + strategy: + fail-fast: false + matrix: + language: ['javascript'] # Add languages used in your actions + + steps: + - name: Checkout repository + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + + - name: Initialize CodeQL + uses: github/codeql-action/init@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17 + with: + languages: ${{ matrix.language }} + queries: security-and-quality + + - name: Autobuild + uses: github/codeql-action/autobuild@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17 + with: + category: '/language:${{matrix.language}}' diff --git a/.github/workflows/pr-lint.yml b/.github/workflows/pr-lint.yml index f4f8670..6d2e7c3 100644 --- a/.github/workflows/pr-lint.yml +++ b/.github/workflows/pr-lint.yml @@ -1,18 +1,30 @@ --- -name: PR Lint +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json +name: Lint Code Base on: push: - branches-ignore: [master, main] - # Remove the line above to run when pushing to master + branches: [master, main] pull_request: branches: [master, main] -permissions: - contents: read - packages: read - statuses: write +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +permissions: read-all jobs: - SuperLinter: - uses: ivuorinen/.github/.github/workflows/pr-lint.yml@main + Linter: + name: PR Lint + runs-on: ubuntu-latest + timeout-minutes: 15 + permissions: + statuses: write + contents: read + packages: read + + steps: + - name: Run PR Lint + # https://github.com/ivuorinen/actions + uses: ivuorinen/actions/pr-lint@2be873ebc893ab669d11d1848e5bddfe1cb9f828 # 25.5.5 diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml deleted file mode 100644 index 02bb9ce..0000000 --- a/.github/workflows/release-drafter.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -name: Release Drafter - -# yamllint disable-line rule:truthy -on: - workflow_call: - -permissions: - contents: write - statuses: write - -jobs: - Draft: - uses: ivuorinen/.github/.github/workflows/sync-labels.yml@main diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 2055b92..aaff26e 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -1,19 +1,26 @@ --- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json name: Stale -# yamllint disable-line rule:truthy on: schedule: - - cron: "0 8 * * *" + - cron: '0 8 * * *' # Every day at 08:00 workflow_call: workflow_dispatch: +permissions: + contents: read + packages: read + statuses: read + jobs: stale: + name: 🧹 Clean up stale issues and PRs runs-on: ubuntu-latest + permissions: contents: write # only for delete-branch option issues: write pull-requests: write steps: - - uses: ivuorinen/actions/stale@main + - uses: ivuorinen/actions/stale@2be873ebc893ab669d11d1848e5bddfe1cb9f828 # 25.5.5 diff --git a/.github/workflows/sync-labels.yml b/.github/workflows/sync-labels.yml index e5e2001..ed17e1c 100644 --- a/.github/workflows/sync-labels.yml +++ b/.github/workflows/sync-labels.yml @@ -1,23 +1,41 @@ --- -name: Sync labels +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json +name: Sync Labels -# yamllint disable-line rule:truthy on: push: branches: - main + - master paths: - - .github/workflows/sync-labels.yml - - .github/labels.yml + - '.github/labels.yml' + - '.github/workflows/sync-labels.yml' schedule: - - cron: "34 5 * * *" + - cron: '34 5 * * *' # Run every day at 05:34 AM UTC workflow_call: workflow_dispatch: + merge_group: + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +permissions: read-all jobs: - SyncLabels: - permissions: - issues: write + labels: + name: ♻️ Sync Labels runs-on: ubuntu-latest + timeout-minutes: 10 + + permissions: + contents: read + issues: write + steps: - - uses: ivuorinen/actions/sync-labels@main + - name: ⤵️ Checkout Repository + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: ⤵️ Sync Latest Labels Definitions + uses: ivuorinen/actions/sync-labels@2be873ebc893ab669d11d1848e5bddfe1cb9f828 # 25.5.5 diff --git a/.markdownlint.json b/.markdownlint.json new file mode 100644 index 0000000..3de10f3 --- /dev/null +++ b/.markdownlint.json @@ -0,0 +1,13 @@ +{ + "default": true, + "MD013": { + "line_length": 200, + "code_blocks": false, + "tables": false + }, + "MD024": { + "siblings_only": true + }, + "MD033": false, + "MD041": false +} diff --git a/.mega-linter.yml b/.mega-linter.yml new file mode 100644 index 0000000..82e546d --- /dev/null +++ b/.mega-linter.yml @@ -0,0 +1,35 @@ +--- +# Configuration file for MegaLinter +# See all available variables at +# https://megalinter.io/configuration/ and in linters documentation + +APPLY_FIXES: all +SHOW_ELAPSED_TIME: false # Show elapsed time at the end of MegaLinter run +PARALLEL: true +VALIDATE_ALL_CODEBASE: true +FILEIO_REPORTER: false # Generate file.io report +GITHUB_STATUS_REPORTER: true # Generate GitHub status report +IGNORE_GENERATED_FILES: true # Ignore generated files +JAVASCRIPT_DEFAULT_STYLE: prettier # Default style for JavaScript +PRINT_ALPACA: false # Print Alpaca logo in console +SARIF_REPORTER: true # Generate SARIF report +SHOW_SKIPPED_LINTERS: false # Show skipped linters in MegaLinter log + +DISABLE_LINTERS: + - REPOSITORY_DEVSKIM + +ENABLE_LINTERS: + - YAML_YAMLLINT + - MARKDOWN_MARKDOWNLINT + - YAML_PRETTIER + - JSON_PRETTIER + - JAVASCRIPT_ES + - TYPESCRIPT_ES + +YAML_YAMLLINT_CONFIG_FILE: .yamllint.yml +MARKDOWN_MARKDOWNLINT_CONFIG_FILE: .markdownlint.json +JAVASCRIPT_ES_CONFIG_FILE: .eslintrc.json +TYPESCRIPT_ES_CONFIG_FILE: .eslintrc.json + +FILTER_REGEX_EXCLUDE: > + (node_modules|\.automation/test|docs/json-schemas|\.github/workflows) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..ccfa22d --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,63 @@ +--- +repos: + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v5.0.0 + hooks: + - id: requirements-txt-fixer + - id: detect-private-key + - id: trailing-whitespace + args: [--markdown-linebreak-ext=md] + - id: check-case-conflict + - id: check-merge-conflict + - id: check-executables-have-shebangs + - id: check-shebang-scripts-are-executable + - id: check-symlinks + - id: check-toml + - id: check-xml + - id: check-yaml + args: [--allow-multiple-documents] + - id: end-of-file-fixer + - id: mixed-line-ending + args: [--fix=auto] + - id: pretty-format-json + args: [--autofix, --no-sort-keys] + + - repo: https://github.com/igorshubovych/markdownlint-cli + rev: v0.44.0 + hooks: + - id: markdownlint + args: [-c, .markdownlint.json, --fix] + + - repo: https://github.com/adrienverge/yamllint + rev: v1.37.0 + hooks: + - id: yamllint + + - repo: https://github.com/scop/pre-commit-shfmt + rev: v3.11.0-1 + hooks: + - id: shfmt + + - repo: https://github.com/koalaman/shellcheck-precommit + rev: v0.10.0 + hooks: + - id: shellcheck + args: ['--severity=warning'] + + - repo: https://github.com/rhysd/actionlint + rev: v1.7.7 + hooks: + - id: actionlint + args: ['-shellcheck='] + + - repo: https://github.com/renovatebot/pre-commit-hooks + rev: 39.227.2 + hooks: + - id: renovate-config-validator + + - repo: https://github.com/bridgecrewio/checkov.git + rev: '3.2.400' + hooks: + - id: checkov + args: + - '--quiet' diff --git a/.shellcheckrc b/.shellcheckrc new file mode 100644 index 0000000..b430800 --- /dev/null +++ b/.shellcheckrc @@ -0,0 +1 @@ +disable=SC2129 diff --git a/.yamlignore b/.yamlignore new file mode 100644 index 0000000..e69de29 diff --git a/.yamllint.yml b/.yamllint.yml new file mode 100644 index 0000000..065bc60 --- /dev/null +++ b/.yamllint.yml @@ -0,0 +1,13 @@ +--- +extends: default + +rules: + line-length: + max: 200 + level: warning + truthy: + check-keys: false + comments: + min-spaces-from-content: 1 + trailing-spaces: + level: warning diff --git a/LICENSE.md b/LICENSE.md index bffa737..8d1507b 100644 --- a/LICENSE.md +++ b/LICENSE.md @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2024 Ismo Vuorinen +Copyright (c) 2025 Ismo Vuorinen Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal