Skip to content

Commit c33cd76

Browse files
authored
feat: update logic for tsc runner, dev deps, build scripts, and gitHub actions workflows (#33)
* chore: update devDeps to newest version and update config file to support new version * build: update build scripts * chore: format files with new biome version (v2) * ci: update github actions workflows * feat: add escape args logic for tsc runner and add new test case for it
1 parent 1e5c384 commit c33cd76

26 files changed

Lines changed: 349 additions & 144 deletions

.github/workflows/ci.yaml

Lines changed: 38 additions & 42 deletions
Original file line numberDiff line numberDiff line change
@@ -3,13 +3,13 @@ name: CI
33
on:
44
push:
55
branches:
6-
- "*"
6+
- main
77
pull_request:
88
branches:
9-
- "*"
9+
- "**"
1010

1111
concurrency:
12-
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.run_id }}
12+
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
1313
cancel-in-progress: true
1414

1515
permissions:
@@ -21,47 +21,47 @@ jobs:
2121
runs-on: ubuntu-24.04
2222
steps:
2323
- name: Harden runner
24-
uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1
24+
uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0
2525
with:
2626
disable-sudo: true
2727
egress-policy: block
2828
allowed-endpoints: >
29+
api.github.com:443
2930
bun.sh:443
3031
github.com:443
3132
objects.githubusercontent.com:443
3233
registry.npmjs.org:443
34+
release-assets.githubusercontent.com:443
3335
3436
- name: Git checkout
3537
if: github.event_name == 'push'
36-
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
38+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
3739
with:
3840
fetch-depth: 1
39-
sparse-checkout: .
4041
persist-credentials: false
4142

4243
- name: Git checkout (full-history)
4344
if: github.event_name == 'pull_request'
44-
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
45+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
4546
with:
4647
fetch-depth: 0
47-
sparse-checkout: .
4848
ref: ${{ github.head_ref }}
4949
repository: ${{ github.event.pull_request.head.repo.full_name }}
5050
persist-credentials: false
5151

5252
- name: Set up bun@latest
53-
uses: oven-sh/setup-bun@4bc047ad259df6fc24a6c9b0f9a0cb08cf17fbe5 # v2.0.1
53+
uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2.2.0
5454

5555
- name: Install dependencies
5656
run: bun ci
5757

5858
- name: Run check (push)
5959
if: github.event_name == 'push'
60-
run: bunx commitlint --last --verbose
60+
run: bunx --bun commitlint --last --verbose
6161

6262
- name: Run check (pull_request)
6363
if: github.event_name == 'pull_request'
64-
run: bunx commitlint --from ${{ github.event.pull_request.base.sha }} --to ${{ github.event.pull_request.head.sha }} --verbose
64+
run: bunx --bun commitlint --from ${{ github.event.pull_request.base.sha }} --to ${{ github.event.pull_request.head.sha }} --verbose
6565

6666
dependency:
6767
name: Dependency check
@@ -70,7 +70,7 @@ jobs:
7070
pull-requests: write
7171
steps:
7272
- name: Harden runner
73-
uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1
73+
uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0
7474
with:
7575
disable-sudo: true
7676
egress-policy: block
@@ -80,55 +80,46 @@ jobs:
8080
github.com:443
8181
8282
- name: Git checkout
83-
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
83+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
8484
with:
85-
fetch-depth: ${{ github.event_name == 'pull_request' && 1 || 2 }}
86-
repository: ${{ github.event.pull_request.head.repo.full_name }}
85+
fetch-depth: 1
8786
persist-credentials: false
8887

89-
- name: Run check (push)
90-
if: github.event_name == 'push'
91-
uses: actions/dependency-review-action@ce3cf9537a52e8119d91fd484ab5b8a807627bf8 # v4.6.0
88+
- name: Run dependency review
89+
uses: actions/dependency-review-action@2031cfc080254a8a887f58cffee85186f0e49e48 # v4.9.0
9290
with:
9391
allow-licenses: MIT, ISC, CC0-1.0, Apache-2.0, BSD-3-Clause, Unlicense
94-
head-ref: ${{ github.sha }}
95-
base-ref: ${{ github.event.before }}
96-
fail-on-severity: low
97-
comment-summary-in-pr: never
98-
warn-on-openssf-scorecard-level: 3
99-
100-
- name: Run check (pull_request)
101-
if: github.event_name == 'pull_request'
102-
uses: actions/dependency-review-action@ce3cf9537a52e8119d91fd484ab5b8a807627bf8 # v4.6.0
103-
with:
104-
allow-licenses: MIT, ISC, CC0-1.0, Apache-2.0, BSD-3-Clause, Unlicense
105-
fail-on-severity: low
106-
comment-summary-in-pr: on-failure
92+
head-ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
93+
base-ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.base.sha || github.event.repository.default_branch }}
94+
fail-on-severity: moderate
95+
comment-summary-in-pr: ${{ github.event_name == 'pull_request' && 'on-failure' || 'never' }}
10796
warn-on-openssf-scorecard-level: 3
10897

10998
format:
11099
name: Format check
111100
runs-on: ubuntu-24.04
112101
steps:
113102
- name: Harden runner
114-
uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1
103+
uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0
115104
with:
116105
disable-sudo: true
117106
egress-policy: block
118107
allowed-endpoints: >
108+
api.github.com:443
119109
bun.sh:443
120110
github.com:443
121111
objects.githubusercontent.com:443
122112
raw.githubusercontent.com:443
123113
registry.npmjs.org:443
114+
release-assets.githubusercontent.com:443
124115
125116
- name: Git checkout
126-
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
117+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
127118
with:
128119
persist-credentials: false
129120

130121
- name: Set up bun@latest
131-
uses: oven-sh/setup-bun@4bc047ad259df6fc24a6c9b0f9a0cb08cf17fbe5 # v2.0.1
122+
uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2.2.0
132123

133124
- name: Install dependencies
134125
run: bun ci
@@ -141,11 +132,12 @@ jobs:
141132
runs-on: ubuntu-24.04
142133
steps:
143134
- name: Harden runner
144-
uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1
135+
uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0
145136
with:
146137
disable-sudo: true
147138
egress-policy: block
148139
allowed-endpoints: >
140+
api.github.com:443
149141
bun.sh:443
150142
cli.codecov.io:443
151143
github.com:443
@@ -154,14 +146,15 @@ jobs:
154146
objects.githubusercontent.com:443
155147
registry.npmjs.org:443
156148
storage.googleapis.com:443
149+
release-assets.githubusercontent.com:443
157150
158151
- name: Git checkout
159-
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
152+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
160153
with:
161154
persist-credentials: false
162155

163156
- name: Set up bun@latest
164-
uses: oven-sh/setup-bun@4bc047ad259df6fc24a6c9b0f9a0cb08cf17fbe5 # v2.0.1
157+
uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2.2.0
165158

166159
- name: Install dependencies
167160
run: bun ci
@@ -172,21 +165,23 @@ jobs:
172165
run: bun test --coverage --coverage-reporter=lcov --coverage-reporter=text --reporter=junit --reporter-outfile=junit.xml
173166

174167
- name: Upload lcov
175-
uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # v5.4.0
168+
uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6
176169
with:
177170
fail_ci_if_error: true
171+
verbose: true
178172

179173
- name: Upload test result
180-
uses: codecov/test-results-action@f2dba722c67b86c6caa034178c6e4d35335f6706 # v1.1.0
174+
uses: codecov/test-results-action@0fa95f0e1eeaafde2c782583b36b28ad0d8c77d3 # v1.2.1
181175
with:
182176
fail_ci_if_error: true
177+
verbose: true
183178

184179
type:
185180
name: Type check
186181
runs-on: ubuntu-24.04
187182
steps:
188183
- name: Harden runner
189-
uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1
184+
uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0
190185
with:
191186
disable-sudo: true
192187
egress-policy: block
@@ -197,14 +192,15 @@ jobs:
197192
objects.githubusercontent.com:443
198193
raw.githubusercontent.com:443
199194
registry.npmjs.org:443
195+
release-assets.githubusercontent.com:443
200196
201197
- name: Git checkout
202-
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
198+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
203199
with:
204200
persist-credentials: false
205201

206202
- name: Set up bun@latest
207-
uses: oven-sh/setup-bun@4bc047ad259df6fc24a6c9b0f9a0cb08cf17fbe5 # v2.0.1
203+
uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2.2.0
208204

209205
- name: Install dependencies
210206
run: bun ci

.github/workflows/codeql.yaml

Lines changed: 5 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ jobs:
3333
build-mode: none
3434
steps:
3535
- name: Harden runner
36-
uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1
36+
uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0
3737
with:
3838
disable-sudo: true
3939
egress-policy: block
@@ -42,19 +42,20 @@ jobs:
4242
github.com:443
4343
objects.githubusercontent.com
4444
uploads.github.com:443
45+
release-assets.githubusercontent.com:443
4546
4647
- name: Git checkout
47-
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
48+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
4849
with:
4950
persist-credentials: false
5051

5152
- name: Initialize CodeQL
52-
uses: github/codeql-action/init@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
53+
uses: github/codeql-action/init@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3
5354
with:
5455
languages: ${{ matrix.language }}
5556
build-mode: ${{ matrix.build-mode }}
5657

5758
- name: Perform CodeQL Analysis
58-
uses: github/codeql-action/analyze@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
59+
uses: github/codeql-action/analyze@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3
5960
with:
6061
category: "/language:${{matrix.language}}"

.github/workflows/release.yaml

Lines changed: 8 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ permissions:
1414

1515
jobs:
1616
publish:
17-
name: Publish release
17+
name: Publish release (if needed)
1818
if: github.repository_owner == 'codeismyid'
1919
runs-on: ubuntu-24.04
2020
permissions:
@@ -24,7 +24,7 @@ jobs:
2424
id-token: write
2525
steps:
2626
- name: Harden runner
27-
uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1
27+
uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0
2828
with:
2929
disable-sudo: true
3030
egress-policy: block
@@ -38,20 +38,23 @@ jobs:
3838
rekor.sigstore.dev:443
3939
tuf-repo-cdn.sigstore.dev:443
4040
uploads.github.com:443
41+
release-assets.githubusercontent.com:443
4142
4243
- name: Git checkout (full-history)
43-
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
44+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
4445
with:
4546
fetch-depth: 0
4647
persist-credentials: true
4748

4849
- name: Set up bun@latest
49-
uses: oven-sh/setup-bun@4bc047ad259df6fc24a6c9b0f9a0cb08cf17fbe5 # v2.0.1
50+
uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2.2.0
5051

5152
- name: Install dependencies
5253
run: bun ci
5354

5455
- name: Run check
56+
env:
57+
FORCE_COLOR: 3
5558
run: bun check
5659

5760
- name: Audit signatures
@@ -60,7 +63,7 @@ jobs:
6063
- name: Build dist
6164
run: bun dist
6265

63-
- name: Publish
66+
- name: Run release
6467
env:
6568
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
6669
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

__tests__/lib/cli/tsc-output-format.spec.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,10 @@
11
import {
2-
type Mock,
32
afterEach,
43
beforeEach,
54
describe,
65
expect,
76
it,
7+
type Mock,
88
spyOn
99
} from 'bun:test';
1010
import { Cli, Runner, Util } from 'lib';

__tests__/lib/runners/run-format-only.spec.ts

Lines changed: 16 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,10 @@
11
import {
2-
type Mock,
32
afterEach,
43
beforeEach,
54
describe,
65
expect,
76
it,
7+
type Mock,
88
spyOn
99
} from 'bun:test';
1010
import { Util } from 'lib';
@@ -16,23 +16,23 @@ let stdinOnSpy: Mock<typeof process.stdin.on>;
1616
let formatAndWriteSpy: Mock<typeof Util.formatAndWrite>;
1717

1818
const mockStdinOn = (data = '') => {
19-
stdinOnSpy.mockImplementation((event, callback) => {
20-
const cb = callback as (...args: unknown[]) => void;
21-
22-
switch (event) {
23-
case 'data': {
24-
cb(Buffer.from(data));
25-
26-
break;
19+
stdinOnSpy.mockImplementation(
20+
(event: 'data' | 'end', callback: (...args: unknown[]) => void) => {
21+
switch (event) {
22+
case 'data': {
23+
callback(Buffer.from(data));
24+
25+
break;
26+
}
27+
case 'end': {
28+
callback();
29+
break;
30+
}
2731
}
28-
case 'end': {
29-
cb();
30-
break;
31-
}
32-
}
3332

34-
return process.stdin;
35-
});
33+
return process.stdin;
34+
}
35+
);
3636
};
3737

3838
describe('lib > runners > runFormatOnly', () => {

__tests__/lib/runners/run-help.spec.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,10 @@
11
import {
2-
type Mock,
32
afterEach,
43
beforeEach,
54
describe,
65
expect,
76
it,
7+
type Mock,
88
spyOn
99
} from 'bun:test';
1010
import { Runner } from 'lib';

0 commit comments

Comments
 (0)