diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..a0701c9 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,74 @@ +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +# +# ******** NOTE ******** +# We have attempted to detect the languages in your repository. Please check +# the `language` matrix defined below to confirm you have the correct set of +# supported CodeQL languages. +# +name: "CodeQL" + +on: + push: + branches: [ "main" ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ "main" ] + schedule: + - cron: '34 20 * * 5' + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ 'javascript' ] + # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] + # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + + # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # queries: security-extended,security-and-quality + + + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun + + # If the Autobuild fails above, remove it and uncomment the following three lines. + # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. + + # - run: | + # echo "Run, Build Application using script" + # ./location_of_script_within_repo/buildscript.sh + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 + with: + category: "/language:${{matrix.language}}" \ No newline at end of file diff --git a/.github/workflows/eslint.yml b/.github/workflows/eslint.yml new file mode 100644 index 0000000..69c34c9 --- /dev/null +++ b/.github/workflows/eslint.yml @@ -0,0 +1,58 @@ +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. +# ESLint is a tool for identifying and reporting on patterns +# found in ECMAScript/JavaScript code. +# More details at https://github.com/eslint/eslint +# and https://eslint.org + +name: ESLint + +on: + push: + branches: [ "main" ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ "main" ] + schedule: + - cron: '15 10 * * 5' + +jobs: + eslint: + name: Run eslint scanning + runs-on: ubuntu-latest + permissions: + contents: read + security-events: write + actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Install Node.js + uses: actions/setup-node@v3 + with: + node-version: 18 + + - uses: pnpm/action-setup@v2.0.1 + name: Install pnpm + id: pnpm-install + with: + version: 7 + run_install: false + + - name: Install depends + run: pnpm i + + - name: Run ESLint + run: pnpm lint #--fix + + + # - name: Commit changes + # uses: EndBug/add-and-commit@v9 + # with: + # author_name: GitHub Actions + # author_email: actions@github.com + # message: 'chore: `eslint --fix`' + # push: origin main \ No newline at end of file diff --git a/.github/workflows/prettier.yml b/.github/workflows/prettier.yml new file mode 100644 index 0000000..c63bcda --- /dev/null +++ b/.github/workflows/prettier.yml @@ -0,0 +1,45 @@ +name: Prettier + +# This action works with pull requests and pushes +on: + pull_request: + push: + branches: + - main + +jobs: + prettier: + runs-on: ubuntu-latest + permissions: + contents: read + security-events: write + actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Install Node.js + uses: actions/setup-node@v3 + with: + node-version: 18 + + - uses: pnpm/action-setup@v2.0.1 + name: Install pnpm + id: pnpm-install + with: + version: 7 + run_install: false + + - name: Install depends + run: pnpm i + + - name: Fretit + run: pnpm pretit + + # - name: Commit changes + # uses: EndBug/add-and-commit@v9 + # with: + # author_name: GitHub Actions + # author_email: actions@github.com + # message: 'chore: `prettier -w`' + # push: origin main \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..6731660 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,89 @@ +name: Release +on: + push: + tags: + - "v*.*.*" +jobs: + ci: + runs-on: ubuntu-latest + permissions: + contents: read + security-events: write + actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Install Node.js + uses: actions/setup-node@v3 + with: + node-version: 18 + + - name: Install Depends for pkg canvas + run: sudo apt-get install build-essential libcairo2-dev libpango1.0-dev libjpeg-dev libgif-dev librsvg2-dev + + - uses: pnpm/action-setup@v2.0.1 + name: Install pnpm + id: pnpm-install + with: + version: 7.18.2 + run_install: false + + - name: Install depends + run: pnpm i + - name: Typing + run: pnpm typing + release: + needs: ci + runs-on: ubuntu-latest + steps: + - name: Checkout 🛎ī¸ + uses: actions/checkout@v3 + + - name: Install Node.js + uses: actions/setup-node@v3 + with: + registry-url: 'https://registry.npmjs.org' + node-version: 18 + + - name: Install Depends for pkg canvas + run: sudo apt-get install build-essential libcairo2-dev libpango1.0-dev libjpeg-dev libgif-dev librsvg2-dev + + - uses: pnpm/action-setup@v2.0.1 + name: Install pnpm + id: pnpm-install + with: + version: 7.18.2 + run_install: false + + - name: Install depends + run: pnpm i + - name: Test & Build + run: pnpm test && pnpm build + + - name: Publish to NPM + run: pnpm -r publish --access public --no-git-checks + env: + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + + changelog-release: + needs: release + runs-on: ubuntu-latest + steps: + - name: Generate changelog + id: changelog + uses: metcalfc/changelog-generator@v4.0.1 + with: + myToken: ${{ secrets.GITHUB_TOKEN }} + + - name: Create Release + id: create_release + uses: actions/create-release@latest + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + tag_name: ${{ github.ref }} + release_name: ${{ github.ref }} + body: ${{ steps.changelog.outputs.changelog }} + draft: false + prerelease: false \ No newline at end of file diff --git a/.github/workflows/try-build.yml b/.github/workflows/try-build.yml new file mode 100644 index 0000000..a02ac61 --- /dev/null +++ b/.github/workflows/try-build.yml @@ -0,0 +1,37 @@ + +name: Try build + +on: + push: + branches: [ "main" ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ "main" ] + schedule: + - cron: '15 10 * * 5' + +jobs: + build: + name: Try build + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Install Node.js + uses: actions/setup-node@v3 + with: + node-version: 18 + + - uses: pnpm/action-setup@v2.0.1 + name: Install pnpm + id: pnpm-install + with: + version: 7 + run_install: false + + - name: Install depends + run: pnpm i + + - name: Build + run: pnpm build \ No newline at end of file diff --git a/.github/workflows/typing.yml b/.github/workflows/typing.yml new file mode 100644 index 0000000..53fbde2 --- /dev/null +++ b/.github/workflows/typing.yml @@ -0,0 +1,37 @@ +name: TypeScript Checker Declaration + +# This action works with pull requests and pushes +on: + pull_request: + push: + branches: + - main + +jobs: + typing: + runs-on: ubuntu-latest + permissions: + contents: read + security-events: write + actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Install Node.js + uses: actions/setup-node@v3 + with: + node-version: 18 + + - uses: pnpm/action-setup@v2.0.1 + name: Install pnpm + id: pnpm-install + with: + version: 7 + run_install: false + + - name: Install depends + run: npm i + + - name: Typing + run: pnpm typing \ No newline at end of file diff --git a/package.json b/package.json index 7bc395d..ce62a4f 100644 --- a/package.json +++ b/package.json @@ -9,7 +9,9 @@ "build": "vue-tsc && vite build", "preview": "vite preview", "typing": "vue-tsc --noEmit", + "test": "echo 'No test'", "client:build": "tsup", + "pretit": "preitter src/", "format": "prettier -w src/", "lint": "eslint src/", "ci": "pnpm format && pnpm lint && pnpm typing",