From cb08c6f8f928a66b1fdc145b1b7da8306e06411a Mon Sep 17 00:00:00 2001 From: Nick Alteen Date: Mon, 27 Nov 2023 23:29:54 -0500 Subject: [PATCH 01/11] Group dependabot updates --- .github/dependabot.yml | 35 ++++++++++++++++++++++++++++++----- 1 file changed, 30 insertions(+), 5 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 84da8d0..3276bbb 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,11 +1,36 @@ version: 2 updates: - - package-ecosystem: github-actions - directory: / - schedule: - interval: weekly - - package-ecosystem: docker directory: / schedule: interval: weekly + groups: + docker-minor: + update-types: + - minor + - patch + + - package-ecosystem: github-actions + directory: / + schedule: + interval: weekly + groups: + actions-minor: + update-types: + - minor + - patch + + - package-ecosystem: npm + directory: / + schedule: + interval: weekly + groups: + npm-development: + dependency-type: development + update-types: + - minor + - patch + npm-production: + dependency-type: production + update-types: + - patch From dad0344519a70c741f61fdbe9de609fd310c0190 Mon Sep 17 00:00:00 2001 From: Nick Alteen Date: Mon, 27 Nov 2023 23:30:06 -0500 Subject: [PATCH 02/11] Add node version file --- .github/workflows/ci.yml | 2 +- .github/workflows/linter.yml | 2 +- .node-version | 1 + 3 files changed, 3 insertions(+), 2 deletions(-) create mode 100644 .node-version diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ea44f8f..3bcc2d0 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -22,7 +22,7 @@ jobs: id: setup-node uses: actions/setup-node@v4 with: - node-version: 20 + node-version-file: .node-version cache: npm - name: Install Dependencies diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 29131a5..be95aa4 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -27,7 +27,7 @@ jobs: id: setup-node uses: actions/setup-node@v4 with: - node-version: 20 + node-version-file: .node-version cache: npm - name: Install Dependencies diff --git a/.node-version b/.node-version new file mode 100644 index 0000000..1cc433a --- /dev/null +++ b/.node-version @@ -0,0 +1 @@ +20.6.0 From 8e320a85d3991f99aa0ca49b24e9324a79e264d8 Mon Sep 17 00:00:00 2001 From: Nick Alteen Date: Mon, 27 Nov 2023 23:30:45 -0500 Subject: [PATCH 03/11] Expand comments --- .github/workflows/check-dist.yml | 35 ++++++++++++++++---------------- 1 file changed, 17 insertions(+), 18 deletions(-) diff --git a/.github/workflows/check-dist.yml b/.github/workflows/check-dist.yml index 74c8dca..e2b58de 100644 --- a/.github/workflows/check-dist.yml +++ b/.github/workflows/check-dist.yml @@ -1,23 +1,19 @@ -# In TypeScript actions, `dist/index.js` is a special file. When you reference -# an action with `uses:`, `dist/index.js` is the code that will be run. For this -# project, the `dist/index.js` file is generated from other source files through -# the build process. We need to make sure that the checked-in `dist/index.js` -# file matches what is expected from the build. +# In TypeScript actions, `dist/` is a special directory. When you reference +# an action with the `uses:` property, `dist/index.js` is the code that will be +# run. For this project, the `dist/index.js` file is transpiled from other +# source files. This workflow ensures the `dist/` directory contains the +# expected transpiled code. # -# This workflow will fail if the checked-in `dist/index.js` file does not match -# what is expected from the build. -name: Check dist/ +# If this workflow is run from a feature branch, it will act as an additional CI +# check and fail if the checked-in `dist/` directory does not match what is +# expected from the build. +name: Check Transpiled JavaScript on: push: branches: - main - paths-ignore: - - '**.md' pull_request: - paths-ignore: - - '**.md' - workflow_dispatch: jobs: check-dist: @@ -47,7 +43,8 @@ jobs: id: build run: npm run bundle - - name: Compare Expected and Actual Directories + # This will fail the workflow if the PR wasn't created by Dependabot. + - name: Compare Directories id: diff run: | if [ "$(git diff --ignore-space-at-eol --text dist/ | wc -l)" -gt "0" ]; then @@ -56,10 +53,12 @@ jobs: exit 1 fi - # If index.js was different than expected, upload the expected version as - # a workflow artifact. - - uses: actions/upload-artifact@v3 - if: ${{ failure() && steps.diff.conclusion == 'failure' }} + # If `dist/` was different than expected, and this was not a Dependabot + # PR, upload the expected version as a workflow artifact. + - if: ${{ failure() && steps.diff.outcome == 'failure' }} + name: Upload Artifact + id: upload + uses: actions/upload-artifact@v3 with: name: dist path: dist/ From 344c5604d466c859fd97b7663c72c45e9729ee50 Mon Sep 17 00:00:00 2001 From: Nick Alteen Date: Mon, 27 Nov 2023 23:30:57 -0500 Subject: [PATCH 04/11] remove unused permission --- .github/workflows/check-dist.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/check-dist.yml b/.github/workflows/check-dist.yml index e2b58de..fe38cfd 100644 --- a/.github/workflows/check-dist.yml +++ b/.github/workflows/check-dist.yml @@ -22,7 +22,6 @@ jobs: permissions: contents: read - statuses: write steps: - name: Checkout From fbfc0c437f9975f4b8c9a254b868fe67935988d3 Mon Sep 17 00:00:00 2001 From: Nick Alteen Date: Mon, 27 Nov 2023 23:31:13 -0500 Subject: [PATCH 05/11] Add node version file reference --- .github/workflows/check-dist.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/check-dist.yml b/.github/workflows/check-dist.yml index fe38cfd..27586c9 100644 --- a/.github/workflows/check-dist.yml +++ b/.github/workflows/check-dist.yml @@ -29,9 +29,10 @@ jobs: uses: actions/checkout@v4 - name: Setup Node.js + id: setup-node uses: actions/setup-node@v4 with: - node-version: 20 + node-version-file: .node-version cache: npm - name: Install Dependencies From cf162e750265fdd9058fb9ca0cb2042e11ca072f Mon Sep 17 00:00:00 2001 From: Nick Alteen Date: Mon, 27 Nov 2023 23:34:26 -0500 Subject: [PATCH 06/11] remove trigger filter --- .github/workflows/ci.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3bcc2d0..a84b0c1 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,8 +2,6 @@ name: Continuous Integration on: pull_request: - branches: - - main push: branches: - main From c76358b2b088e80be54c19157db24cf047d11c20 Mon Sep 17 00:00:00 2001 From: Nick Alteen Date: Mon, 27 Nov 2023 23:42:44 -0500 Subject: [PATCH 07/11] Move permissions --- .github/workflows/check-dist.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/check-dist.yml b/.github/workflows/check-dist.yml index 27586c9..f849ed3 100644 --- a/.github/workflows/check-dist.yml +++ b/.github/workflows/check-dist.yml @@ -15,14 +15,14 @@ on: - main pull_request: +permissions: + contents: read + jobs: check-dist: name: Check dist/ runs-on: ubuntu-latest - permissions: - contents: read - steps: - name: Checkout id: checkout From 86cbec52428b178600c95d61d17ed289346846ce Mon Sep 17 00:00:00 2001 From: Nick Alteen Date: Mon, 27 Nov 2023 23:42:50 -0500 Subject: [PATCH 08/11] Add permissions --- .github/workflows/ci.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a84b0c1..70d5273 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -6,6 +6,9 @@ on: branches: - main +permissions: + contents: read + jobs: test-typescript: name: TypeScript Tests From 99566ee1b9a7a8cabdc3d38616b95313a5b1bed9 Mon Sep 17 00:00:00 2001 From: Nick Alteen Date: Mon, 27 Nov 2023 23:43:00 -0500 Subject: [PATCH 09/11] Clean grammar and permissions --- .github/workflows/linter.yml | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index be95aa4..5b7c856 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -1,23 +1,20 @@ -name: Lint Code Base +name: Lint Codebase on: pull_request: - branches: - - main push: branches: - main +permissions: + contents: read + packages: read + jobs: lint: - name: Lint Code Base + name: Lint Codebase runs-on: ubuntu-latest - permissions: - contents: read - packages: read - statuses: write - steps: - name: Checkout id: checkout @@ -34,7 +31,7 @@ jobs: id: install run: npm ci - - name: Lint Code Base + - name: Lint Codebase id: super-linter uses: super-linter/super-linter/slim@v5 env: From 1bd8f3bbdd31e85a9597d76f517453ec216c7ce3 Mon Sep 17 00:00:00 2001 From: Nick Alteen Date: Mon, 27 Nov 2023 23:43:34 -0500 Subject: [PATCH 10/11] remove permission --- .github/workflows/linter.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 5b7c856..dcff5e4 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -8,7 +8,6 @@ on: permissions: contents: read - packages: read jobs: lint: From 553c41dd4ab3b95e5858a2c123dec30d8b9cb5b4 Mon Sep 17 00:00:00 2001 From: Nick Alteen Date: Fri, 1 Dec 2023 09:11:13 -0500 Subject: [PATCH 11/11] Add missing perms --- .github/workflows/linter.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index dcff5e4..dafff7b 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -8,6 +8,8 @@ on: permissions: contents: read + packages: read + statuses: write jobs: lint: