chore: update project configuration and add linting/formatting tools#23
Conversation
| done < <(find codemods -path '*/node_modules/*' -prune -o -name codemod.yaml -print | sort) | ||
|
|
||
| for tag in "${new_tags[@]}"; do | ||
| git push origin "refs/tags/$tag" |
There was a problem hiding this comment.
P2: This pushes release tags before the publish job runs. If codemod/publish-action fails after tags have been pushed, a full workflow rerun will see those tags as already released, output changed_dirs=[], and skip publishing. Please decouple publish candidates from tag existence, or push tags only after publishing succeeds.
There was a problem hiding this comment.
I think the dependency should be based on the tag, because in this flow the tag should already be published before the publish workflow runs.
What’s your opinion on this, @AugustinMauroy?
|
|
||
| Three workflows support quality and releases: | ||
|
|
||
| - **`code-quality.yml` — Lint & types:** runs format, lint, and typecheck on every matching PR/push. |
There was a problem hiding this comment.
P3: This still documents code-quality.yml, but this PR deletes that workflow and replaces it with .github/workflows/ci.yaml. The surrounding text also says PR CI is affected-package and cross-platform, while the new CI is single Ubuntu full-repo checks. Please update this section to match the new workflow.
|
P2: This PR changes |
| jobs: | ||
| ci: | ||
| name: CI | ||
| runs-on: ubuntu-latest |
There was a problem hiding this comment.
| runs-on: ubuntu-latest | |
| runs-on: ubuntu-slim |
| - uses: actions/setup-node@v4 | ||
| with: | ||
| node-version: 22 | ||
| cache: pnpm |
There was a problem hiding this comment.
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: 22 | |
| cache: pnpm |
ubuntu-slim already ship node LTS
|
|
||
| - run: pnpm run check-types | ||
|
|
||
| - run: pnpm test |
There was a problem hiding this comment.
check on node/userland-migrations Jacob write a small bash command that only run test on the workspace that require it
| ├── workflow.yaml | ||
| ├── SKILL.md | ||
| ├── package.json | ||
| ├── tsconfig.json |
There was a problem hiding this comment.
why running it for each codemod ?
|
Thank you so much, @AugustinMauroy, for your excellent review! I've changed I've carefully addressed all the points you mentioned. |
There was a problem hiding this comment.
you should add https://github.com/step-security/harden-runner on publish to have report of network transit and it's help to avoid supply chain attack
There was a problem hiding this comment.
@AugustinMauroy I’d prefer to add this to the publish-action. Thanks for the recommendation!
| "noImplicitReturns": true, | ||
| "noFallthroughCasesInSwitch": true, | ||
| "noUncheckedIndexedAccess": true, | ||
| "esModuleInterop": true |
There was a problem hiding this comment.
| "esModuleInterop": true | |
| "esModuleInterop": true, | |
| "erasableSyntaxOnly": true |
it's how node & jssg act on typescript https://www.totaltypescript.com/erasable-syntax-only
3 participants
flowchart TD A[Feature PR merged to main] --> B{Pending changesets?} B -->|Yes| C[release.yml creates Version Packages PR] B -->|Yes| D[publish.yml skips] C --> E[Merge Version Packages PR] E --> F[publish.yml tags + publishes changed packages] B -->|No| G[publish.yml runs but finds nothing new]