mirror of
https://github.com/pnpm/action-setup.git
synced 2026-03-01 07:51:02 +08:00
71944f404a
* chore: add alignment standards for github config - Add .nvmrc file with Node.js 22 - Add PR template for consistent pull requests - Add issue templates for bug reports, feature requests, and tasks - Add standard labels via gh CLI (type, priority, status, area labels) * fix: resolve form-data security vulnerability Add pnpm override to force form-data>=4.0.4 which fixes GHSA-fjxv-7rqg-78g4 (unsafe random function for boundary). * chore: add .claude/settings.local.json to gitignore * feat: Add claude commands * fix: update pnpm version to 10.27.0 (valid release) * fix: update pnpm version from 9 to 10 in all workflows Update all workflow files to use pnpm version 10 to match the packageManager field in package.json (pnpm@10.27.0). This fixes the CI failure caused by version mismatch: - pr-check.yml: version 9 → 10, matrix 9.15.5 → 10.27.0 - build-and-test.yml: version 9 → 10 - security.yml: version 9 → 10 - test.yaml: all version references updated to 10.27.0 * fix: remove packageManager field to allow testing multiple pnpm versions The action tests multiple pnpm versions (9.x and 10.x). Having a packageManager field in package.json causes version mismatch errors when the workflow specifies a different version than packageManager. * fix: use exact pnpm version 10.27.0 in workflows The action validates that the version specified in workflows must match the packageManager field in package.json exactly. Update from version: 10 to version: 10.27.0 to match pnpm@10.27.0. * fix: use local action in ci.yml with explicit version Since packageManager was removed from package.json to allow testing multiple pnpm versions, ci.yml must now specify the version explicitly. Changed from using released @v4.0.0 to using ./ (local action) to test the current code. * fix: rename claude commands to use Windows-compatible filenames Windows doesn't allow colons in filenames. Changed from using colons (agents:action.md) to hyphens (agents-action.md) for cross-platform compatibility.
106 lines
2.5 KiB
YAML
106 lines
2.5 KiB
YAML
name: PR Check
|
|
|
|
on:
|
|
pull_request:
|
|
branches: [ master ]
|
|
types: [opened, synchronize, reopened, ready_for_review]
|
|
|
|
jobs:
|
|
pr-validation:
|
|
if: github.event.pull_request.draft == false
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup pnpm
|
|
uses: ./
|
|
with:
|
|
version: 10.27.0
|
|
|
|
- name: Install dependencies
|
|
run: pnpm install
|
|
|
|
- name: Build
|
|
run: pnpm run build
|
|
|
|
- name: Check if dist is up to date
|
|
run: |
|
|
if [ -n "$(git status --porcelain dist/)" ]; then
|
|
echo "::error::Distribution files are not up to date. Please run 'pnpm run build' and commit the changes."
|
|
exit 1
|
|
fi
|
|
|
|
test-matrix:
|
|
if: github.event.pull_request.draft == false
|
|
runs-on: ${{ matrix.os }}
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
pnpm: [10.27.0]
|
|
os: [ubuntu-latest, macos-latest, windows-latest]
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Test action
|
|
uses: ./
|
|
with:
|
|
version: ${{ matrix.pnpm }}
|
|
|
|
- name: Verify installation
|
|
run: |
|
|
which pnpm
|
|
pnpm --version
|
|
|
|
- name: Test install functionality
|
|
run: pnpm install
|
|
|
|
security-check:
|
|
if: github.event.pull_request.draft == false
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup pnpm
|
|
uses: ./
|
|
with:
|
|
version: 10.27.0
|
|
|
|
- name: Security audit
|
|
run: pnpm audit --audit-level moderate
|
|
|
|
lint-and-format:
|
|
if: github.event.pull_request.draft == false
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup pnpm
|
|
uses: ./
|
|
with:
|
|
version: 10.27.0
|
|
|
|
- name: Install dependencies
|
|
run: pnpm install
|
|
|
|
- name: Check TypeScript
|
|
run: npx tsc --noEmit
|
|
|
|
- name: Verify action.yml syntax
|
|
run: |
|
|
if ! command -v yq &> /dev/null; then
|
|
sudo wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
|
|
sudo chmod +x /usr/local/bin/yq
|
|
fi
|
|
yq eval action.yml > /dev/null
|
|
|
|
all-checks:
|
|
if: github.event.pull_request.draft == false
|
|
needs: [pr-validation, test-matrix, security-check, lint-and-format]
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: All checks passed
|
|
run: echo "✅ All PR checks passed successfully" |