diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e7747195f..20841c991 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,16 +9,21 @@ jobs: runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 + - name: Use Node.js - uses: actions/setup-node@v3 + uses: actions/setup-node@v5 with: node-version-file: '.nvmrc' + - name: '[Setup] Install dependencies' run: npm ci + - name: 'Check build size' run: npm run build:prod + - name: '[Test] Run linters' run: npm run lint + - name: '[Test] Run all tests' run: npm run test diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index df81ea457..5eceae950 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -9,15 +9,15 @@ # the `language` matrix defined below to confirm you have the correct set of # supported CodeQL languages. # -name: "CodeQL" +name: 'CodeQL' on: workflow_dispatch: push: - branches: [ "main", "better-tests-refactoring-serviceworker" ] + branches: ['main', 'better-tests-refactoring-serviceworker'] pull_request: # The branches below must be a subset of the branches above - branches: [ "main" ] + branches: ['main'] schedule: - cron: '37 19 * * 4' @@ -39,45 +39,44 @@ jobs: strategy: fail-fast: false matrix: - language: [ 'javascript-typescript' ] + language: ['javascript-typescript'] # CodeQL supports [ 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift' ] # Use only 'java-kotlin' to analyze code written in Java, Kotlin or both # Use only 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support steps: - - name: Checkout repository - uses: actions/checkout@v3 + - name: Checkout repository + uses: actions/checkout@v5 - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. - # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs - # queries: security-extended,security-and-quality + # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # queries: security-extended,security-and-quality + # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@v2 - # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v2 + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun + # If the Autobuild fails above, remove it and uncomment the following three lines. + # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. - # If the Autobuild fails above, remove it and uncomment the following three lines. - # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. + # - run: | + # echo "Run, Build Application using script" + # ./location_of_script_within_repo/buildscript.sh - # - run: | - # echo "Run, Build Application using script" - # ./location_of_script_within_repo/buildscript.sh - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 - with: - category: "/language:${{matrix.language}}" + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 + with: + category: '/language:${{matrix.language}}' diff --git a/.github/workflows/create-release.yml b/.github/workflows/create-release.yml index 635185199..8d48ebe92 100644 --- a/.github/workflows/create-release.yml +++ b/.github/workflows/create-release.yml @@ -12,7 +12,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@v5 with: fetch-depth: 0 fetch-tags: true @@ -31,16 +31,15 @@ jobs: - name: Get last release commit id: last_commit run: | - LAST_RELEASE_TAG="${{ steps.current_version.outputs.current }}" - LAST_RELEASE_COMMIT=$(git rev-parse "$LAST_RELEASE_TAG") - echo "commit=$LAST_RELEASE_COMMIT" >> $GITHUB_OUTPUT + LAST_RELEASE_DATE=$(git show -s --format=%cI "${{ steps.current_version.outputs.current }}") + echo "date=$LAST_RELEASE_DATE" >> $GITHUB_OUTPUT - name: Get merged PRs since last release id: get_prs uses: actions/github-script@v7 with: script: | - const lastReleaseCommit = '${{ steps.last_commit.outputs.commit }}'; + const lastReleaseDate = '${{ steps.last_commit.outputs.date }}'; // Get merged PRs const { data: prs } = await github.rest.pulls.list({ @@ -53,7 +52,7 @@ jobs: // Filter and process PRs const mergedPrs = prs - .filter(pr => pr.merged_at && pr.merge_commit_sha !== lastReleaseCommit) + .filter(pr => pr.merged_at && new Date(pr.merged_at) > new Date(lastReleaseDate)) .map(pr => ({ number: pr.number, title: pr.title, @@ -121,9 +120,14 @@ jobs: - name: Create release PR run: | NEW_VERSION="${{ steps.new_version.outputs.version }}" - RELEASE_NOTES="${{ steps.release_notes.outputs.notes }}" + + # Write release notes to file to avoid shell interpretation + cat > release_notes.md << 'EOF' + ${{ steps.release_notes.outputs.notes }} + EOF gh pr create \ --title "Release $NEW_VERSION" \ - --body "$RELEASE_NOTES" \ + --body-file release_notes.md \ --base main + --reviewer fadi-george,sherwinski,jkasten2 diff --git a/.github/workflows/set_response_time.yml b/.github/workflows/set_response_time.yml index 4b711ee71..49d9f2f49 100644 --- a/.github/workflows/set_response_time.yml +++ b/.github/workflows/set_response_time.yml @@ -1,11 +1,11 @@ name: Set Response Time -on: +on: issue_comment: - types: - - created + types: + - created issues: types: - - closed + - closed jobs: calculate: name: set reponse time for the issue @@ -14,12 +14,14 @@ jobs: permissions: issues: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: token: ${{ secrets.GITHUB_TOKEN }} + - run: npm install @octokit/action@6.0.6 + - uses: actions/github-script@v6 - id: set-time + id: set-time with: result-encoding: string script: | @@ -28,5 +30,6 @@ jobs: return await set_response_time(context, os_probot_metadata) env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: Get result run: echo "${{steps.set-time.outputs.result}}" >> $GITHUB_STEP_SUMMARY