diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..ff58473a --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,12 @@ +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "weekly" + day: "monday" diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml new file mode 100644 index 00000000..5e4e8e0a --- /dev/null +++ b/.github/workflows/lint.yml @@ -0,0 +1,26 @@ +name: Linting + +on: + push: + branches: + - main + tags: + - '*' + pull_request: + branches: + - main + +permissions: + contents: read + +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + linting: + name: "Linting" + uses: SocketDev/workflows/.github/workflows/reusable-base.yml@master + with: + no-lockfile: true + npm-test-script: 'check' diff --git a/.github/workflows/nodejs.yml b/.github/workflows/nodejs.yml new file mode 100644 index 00000000..fd2df3b6 --- /dev/null +++ b/.github/workflows/nodejs.yml @@ -0,0 +1,30 @@ +name: Node CI + +on: + push: + branches: + - main + tags: + - '*' + pull_request: + branches: + - main + +permissions: + contents: read + +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + test: + name: "Tests" + uses: SocketDev/workflows/.github/workflows/reusable-base.yml@master + with: + no-lockfile: true + npm-test-script: 'test-ci' + node-versions: '20' + # We currently have some issues on Windows that will have to wait to be fixed + # os: 'ubuntu-latest,windows-latest' + os: 'ubuntu-latest' diff --git a/.github/workflows/provenance.yml b/.github/workflows/provenance.yml new file mode 100644 index 00000000..098fa2d2 --- /dev/null +++ b/.github/workflows/provenance.yml @@ -0,0 +1,27 @@ +name: Publish Package to npmjs + +on: + release: + types: [created] + +jobs: + build: + runs-on: ubuntu-latest + + permissions: + contents: read + id-token: write + + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: '20' + registry-url: 'https://registry.npmjs.org' + cache: npm + scope: "@socketsecurity" + - run: npm install -g npm@latest + - run: npm ci + - run: npm publish --access public + env: + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/.github/workflows/types.yml b/.github/workflows/types.yml new file mode 100644 index 00000000..6ab849c5 --- /dev/null +++ b/.github/workflows/types.yml @@ -0,0 +1,24 @@ +name: Type Checks + +on: + push: + branches: + - main + tags: + - '*' + pull_request: + branches: + - main + schedule: + - cron: '14 5 * * 1,3,5' + +permissions: + contents: read + +jobs: + type-check: + uses: SocketDev/workflows/.github/workflows/type-check.yml@master + with: + no-lockfile: true + ts-versions: ${{ github.event.schedule && 'next' || '5.4,next' }} + ts-libs: 'esnext' diff --git a/package.json b/package.json index 16e8e094..6e769005 100644 --- a/package.json +++ b/package.json @@ -23,6 +23,7 @@ "prepare": "husky", "test": "run-s check test:*", "test:unit": "tap", + "test-ci": "run-s build:* test:*", "update": "run-p -c --aggregate-output update:*", "update:npm:package-json": "node ./scripts/update-npm-package-json.js", "update:manifest": "node ./scripts/update-manifest.js"