ci.yml

name: Continuous Integration
on:
  # Main branch updated
  push:
    branches:
      - main
  # Pull request
  pull_request:
    types:
      # Newly opened
      - opened
      # Updated (excludes change of base branch)
      - synchronize

jobs:
  test:
    strategy:
      matrix:
        platform: [ ubuntu-latest, macos-latest, windows-latest ]
        node-version: [ ^22.0.0, ^24.0.0 ]
    runs-on: ${{ matrix.platform }}
    steps:
    - uses: actions/checkout@v6
    - uses: actions/setup-node@v6
      with:
        node-version: ${{ matrix.node-version }}
    - uses: pnpm/action-setup@v6
      with:
        version: 10
    - run: pnpm install
    - run: ./node_modules/.bin/c8 --reporter=lcovonly pnpm test
    - uses: codecov/codecov-action@v6.0.1

  release-readiness:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v6
    - uses: actions/setup-node@v6
      with:
        node-version: ^24.0.0
    - uses: pnpm/action-setup@v6
      with:
        version: 10
    - run: pnpm install
    - run: pnpm run release-readiness

  dependabot-approveOrMerge:
    needs: [test, release-readiness]
    runs-on: ubuntu-latest
    permissions:
      pull-requests: write
      contents: write
    steps:
    - uses: actions/checkout@v6
    - name: Assess changes
      uses: tony84727/changed-file-filter@v0.2.5
      id: filter
      with:
        filters: |
          requirementsChanged:
            - 'package.json'
    - name: Merge lockfile changes
      uses: fastify/github-action-merge-dependabot@v3.12.0
      if: steps.filter.outputs.requirementsChanged == 'false'
      with:
        github-token: ${{ secrets.GITHUB_TOKEN }}
    - name: Approve requirement changes
      uses: fastify/github-action-merge-dependabot@v3.12.0
      if: steps.filter.outputs.requirementsChanged == 'true'
      with:
        github-token: ${{ secrets.GITHUB_TOKEN }}
        approve-only: true