Skip to content
PR Workflow

chore(deps): bump @typescript-eslint/eslint-plugin from 8.48.0 to 8.51.0 #131

Sign in to view logs

chore(deps): bump @typescript-eslint/eslint-plugin from 8.48.0 to 8.51.0

chore(deps): bump @typescript-eslint/eslint-plugin from 8.48.0 to 8.51.0 #131

Workflow file for this run

.github/workflows/pull-request.yml at c790cff
##############################################################################
##############################################################################
#
# NOTE!
#
# Please read the README.md file in this directory that defines what should
# be placed in this file
#
##############################################################################
##############################################################################
name: PR Workflow
on:
pull_request:
branches:
- '**'
env:
CODECOV_UNIQUE_NAME: CODECOV_UNIQUE_NAME-${{ github.run_id }}-${{ github.run_number }}
jobs:
Code-Quality-Checks:
name: Performs linting, formatting, type-checking, checking for different source and target branch
runs-on: ubuntu-latest
strategy:
matrix:
node-version: ['24.x']
steps:
- name: Checkout the Repository
uses: actions/checkout@v4
with:
fetch-depth: 0 # Fetch all history for all branches and tags
- uses: pnpm/action-setup@v4
name: Install pnpm
with:
run_install: false
- name: Install Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
cache: 'pnpm'
- name: Install dependencies
run: pnpm install
- name: Check formatting
if: steps.changed-files.outputs.only_changed != 'true'
run: pnpm run format:check
- name: Run formatting if check fails
if: failure()
run: pnpm run format:fix
- name: Type-checking
run: pnpm run typecheck
- name: checking linting
run: pnpm run lint:check
- name: Check if the source and target branches are different
if: ${{ github.event.pull_request.base.ref == github.event.pull_request.head.ref }}
run: |
echo "Source Branch ${{ github.event.pull_request.head.ref }}"
echo "Target Branch ${{ github.event.pull_request.base.ref }}"
echo "Error: Source and Target Branches are the same. Please ensure they are different."
echo "Error: Close this PR and try again."
exit 1
- name: Check for unused files, exports and dependencies
run: pnpm knip
Check-Sensitive-Files:
if: ${{ github.actor != 'dependabot[bot]' }}
name: Checks if sensitive files have been changed without authorization
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0 # Fetch all history for all branches and tags
- name: Checkout centralized CI/CD scripts
uses: actions/checkout@v4
with:
repository: PalisadoesFoundation/.github
ref: main
path: .github-central
- name: Get PR labels
id: check-labels
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
if [ -z "${{ github.event.pull_request.number }}" ]; then
echo "skip=false" >> $GITHUB_OUTPUT
exit 0
fi
LABELS="$(gh api repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels --jq '.[].name' | tr '\n' ' ')"
if echo "$LABELS" | grep -qw "ignore-sensitive-files-pr"; then
echo "::notice::Skipping sensitive files check due to 'ignore-sensitive-files-pr' label."
echo "skip=true" >> $GITHUB_OUTPUT
else
echo "skip=false" >> $GITHUB_OUTPUT
fi
- name: Set up Python
if: steps.check-labels.outputs.skip != 'true'
uses: actions/setup-python@v5
with:
python-version: 3.11
- name: Get Changed Unauthorized files
if: steps.check-labels.outputs.skip != 'true'
id: changed-unauth-files
run: |
# Skip if not in PR context
if [ -z "${{ github.event.pull_request.base.sha }}" ]; then
echo "any_changed=false" >> $GITHUB_OUTPUT
exit 0
fi
# Determine base and head commits for comparison
HEAD_SHA="${{ github.event.pull_request.head.sha || github.sha }}"
BASE_SHA=$(git merge-base "${{ github.event.pull_request.base.sha }}" "$HEAD_SHA")
# Get all changed files between base and head
mapfile -d '' ALL_CHANGED_FILES < <(git diff --name-only -z --diff-filter=ACMR "$BASE_SHA" "$HEAD_SHA")
# Check for sensitive files using the python script
if [ ${#ALL_CHANGED_FILES[@]} -gt 0 ]; then
python3 .github-central/.github/workflows/scripts/sensitive_file_check.py --config .github/workflows/config/sensitive_files.txt --files "${ALL_CHANGED_FILES[@]}"
fi
Test-Docusaurus-Deployment:
name: Test Deployment to https://developer.palisadoes.org
runs-on: ubuntu-latest
needs: [Code-Quality-Checks]
strategy:
matrix:
node-version: ['24.x']
# Run only if the develop branch and not dependabot
if: ${{ github.event.pull_request.base.ref == 'main' }}
steps:
- name: Checkout the Repository
uses: actions/checkout@v4
with:
fetch-depth: 0 # Fetch all history for all branches and tags
- uses: pnpm/action-setup@v4
name: Install pnpm
with:
run_install: false
cache: pnpm
cache-dependency-path: |
pnpm-lock.yaml
package.json
- name: Install Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
cache: 'pnpm'
# Run Docusaurus in the ./docs directory
- name: Install dependencies
working-directory: ./
run: pnpm install --frozen-lockfile
- name: Test building the website
working-directory: ./
run: pnpm build
Check-Target-Branch:
if: ${{ github.actor != 'dependabot[bot]' }}
name: Check Target Branch
runs-on: ubuntu-latest
steps:
- name: Check if the target branch is 'main'
if: github.event.pull_request.base.ref != 'main'
run: |
echo "Error: Pull request target branch must be 'main'. Please refer PR_GUIDELINES.md"
echo "Error: Close this PR and try again."
exit 1