diff --git a/.github/actions/setup-node/action.yml b/.github/actions/setup-node/action.yml new file mode 100644 index 000000000..d21c14276 --- /dev/null +++ b/.github/actions/setup-node/action.yml @@ -0,0 +1,40 @@ +name: "Setup Node" + +description: "Setup node and pnpm" + +runs: + using: "composite" + steps: + - name: Install pnpm + uses: pnpm/action-setup@v4 + + - name: Install Node.js + uses: actions/setup-node@v4 + with: + node-version-file: .node-version + cache: "pnpm" + + - name: Get pnpm store directory + shell: bash + run: | + echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV + + - uses: actions/cache@v4 + name: Setup pnpm cache + if: ${{ github.ref_name == 'main' }} + with: + path: ${{ env.STORE_PATH }} + key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }} + restore-keys: | + ${{ runner.os }}-pnpm-store- + + - uses: actions/cache/restore@v4 + if: ${{ github.ref_name != 'main' }} + with: + path: ${{ env.STORE_PATH }} + key: | + ${{ runner.os }}-pnpm-store- + + - name: Install dependencies + shell: bash + run: pnpm install --frozen-lockfile diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d66a8556d..73c1c0654 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -13,13 +13,17 @@ concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number }} cancel-in-progress: true +permissions: + contents: read + pull-requests: write + jobs: post-update: # if: ${{ github.actor == 'dependabot[bot]' }} runs-on: ubuntu-latest - strategy: - matrix: - node-version: [20] + env: + TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} + TURBO_TEAM: ${{ secrets.TURBO_TEAM }} steps: - name: Checkout code uses: actions/checkout@v4 @@ -28,21 +32,12 @@ jobs: - name: Checkout out pull request env: - GITHUB_TOKEN: ${{ secrets.ACCESS_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | gh pr checkout ${{ github.event.pull_request.number }} - - name: Install pnpm - uses: pnpm/action-setup@v4 - - - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v4 - with: - node-version: ${{ matrix.node-version }} - cache: "pnpm" - - - name: Install dependencies - run: pnpm install --frozen-lockfile + - name: Setup Node + uses: ./.github/actions/setup-node - name: Build run: | diff --git a/.github/workflows/changeset-version.yml b/.github/workflows/changeset-version.yml index a21b53cee..bd6be8448 100644 --- a/.github/workflows/changeset-version.yml +++ b/.github/workflows/changeset-version.yml @@ -23,27 +23,14 @@ jobs: timeout-minutes: 15 runs-on: ubuntu-latest - strategy: - matrix: - node-version: [20] - steps: - name: Checkout code uses: actions/checkout@v4 with: fetch-depth: 0 - - name: Install pnpm - uses: pnpm/action-setup@v4 - - - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v4 - with: - node-version: ${{ matrix.node-version }} - cache: "pnpm" - - - name: Install dependencies - run: pnpm install --frozen-lockfile + - name: Setup Node + uses: ./.github/actions/setup-node - name: Create Release Pull Request uses: changesets/action@v1 @@ -52,4 +39,4 @@ jobs: commit: "chore: bump versions" title: "chore: bump versions" env: - GITHUB_TOKEN: ${{ secrets.ACCESS_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 53e9fa933..7357f3619 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -21,7 +21,6 @@ jobs: runs-on: ${{ matrix.os }} strategy: matrix: - node-version: [20] os: - ubuntu-latest - macos-latest @@ -38,27 +37,8 @@ jobs: with: run_install: false - - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v4 - with: - node-version: ${{ matrix.node-version }} - cache: "pnpm" - - - name: Find pnpm store path - shell: bash - run: | - echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV - - - name: Setup pnpm cache - uses: actions/cache@v4 - with: - path: ${{ env.STORE_PATH }} - key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }} - restore-keys: | - ${{ runner.os }}-pnpm-store- - - - name: Install dependencies - run: pnpm install --frozen-lockfile + - name: Setup Node + uses: ./.github/actions/setup-node # - name: Check Git version # run: git --version @@ -80,7 +60,6 @@ jobs: runs-on: ${{ matrix.os }} strategy: matrix: - node-version: [20] os: - ubuntu-latest - macos-latest @@ -92,17 +71,8 @@ jobs: with: fetch-depth: 0 - - name: Install pnpm - uses: pnpm/action-setup@v4 - - - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v4 - with: - node-version: ${{ matrix.node-version }} - cache: "pnpm" - - - name: Install dependencies - run: pnpm install --frozen-lockfile + - name: Setup Node + uses: ./.github/actions/setup-node - name: Lint run: pnpm run lint @@ -113,7 +83,6 @@ jobs: timeout-minutes: 20 strategy: matrix: - node-version: [20] os: - ubuntu-latest - macos-latest @@ -124,17 +93,8 @@ jobs: with: fetch-depth: 0 - - name: Install pnpm - uses: pnpm/action-setup@v4 - - - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v4 - with: - node-version: ${{ matrix.node-version }} - cache: "pnpm" - - - name: Install dependencies - run: pnpm install --frozen-lockfile + - name: Setup Node + uses: ./.github/actions/setup-node - name: Typecheck run: pnpm check:type diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index b064a8e07..9832a9002 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -10,10 +10,6 @@ jobs: name: Deploy Push Ftp if: github.actor != 'dependabot[bot]' && !contains(github.event.head_commit.message, '[skip ci]') runs-on: ubuntu-latest - strategy: - matrix: - node-version: [20] - steps: - name: Checkout code uses: actions/checkout@v4 @@ -33,17 +29,8 @@ jobs: sed -i "s#VITE_PWA\s*=.*#VITE_PWA = true#g" ./apps/web-naive/.env.production cat ./apps/web-naive/.env.production - - name: Install pnpm - uses: pnpm/action-setup@v4 - - - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v4 - with: - node-version: ${{ matrix.node-version }} - cache: "pnpm" - - - name: Install dependencies - run: pnpm install --frozen-lockfile + - name: Setup Node + uses: ./.github/actions/setup-node - name: Build run: pnpm run build diff --git a/.github/workflows/draft.yml b/.github/workflows/draft.yml index 39efba44b..700e3dc08 100644 --- a/.github/workflows/draft.yml +++ b/.github/workflows/draft.yml @@ -14,4 +14,4 @@ jobs: steps: - uses: release-drafter/release-drafter@v6 env: - GITHUB_TOKEN: ${{ secrets.ACCESS_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/issue-close-require.yml b/.github/workflows/issue-close-require.yml index 125ea411c..957588e30 100644 --- a/.github/workflows/issue-close-require.yml +++ b/.github/workflows/issue-close-require.yml @@ -6,6 +6,10 @@ on: schedule: - cron: "0 0 * * *" +permissions: + pull-requests: write + contents: write + jobs: close-issues: runs-on: ubuntu-latest @@ -16,6 +20,6 @@ jobs: uses: actions-cool/issues-helper@v3 with: actions: "close-issues" # 执行动作:关闭 Issues - token: ${{ secrets.ACCESS_TOKEN }} # GitHub Token,用于认证 + token: ${{ secrets.GITHUB_TOKEN }} # GitHub Token,用于认证 labels: "need reproduction" # 目标标签 inactive-day: 3 # 未活动天数阈值 diff --git a/.github/workflows/issue-labeled.yml b/.github/workflows/issue-labeled.yml index a255f8eb6..bb398f03f 100644 --- a/.github/workflows/issue-labeled.yml +++ b/.github/workflows/issue-labeled.yml @@ -6,6 +6,11 @@ on: # pull_request: # types: [labeled] +permissions: + issues: write + pull-requests: write + contents: write + jobs: reply-labeled: runs-on: ubuntu-latest @@ -15,7 +20,7 @@ jobs: uses: actions-cool/issues-helper@v3 with: actions: "remove-labels" - token: ${{ secrets.ACCESS_TOKEN }} + token: ${{ secrets.GITHUB_TOKEN }} issue-number: ${{ github.event.issue.number }} labels: "enhancement: pending triage" @@ -24,7 +29,7 @@ jobs: uses: actions-cool/issues-helper@v3 with: actions: "remove-labels" - token: ${{ secrets.ACCESS_TOKEN }} + token: ${{ secrets.GITHUB_TOKEN }} issue-number: ${{ github.event.issue.number }} labels: "bug: pending triage" @@ -33,7 +38,7 @@ jobs: uses: actions-cool/issues-helper@v3 with: actions: "create-comment, remove-labels" - token: ${{ secrets.ACCESS_TOKEN }} + token: ${{ secrets.GITHUB_TOKEN }} issue-number: ${{ github.event.issue.number }} body: | Hello @${{ github.event.issue.user.login }}. Please provide the complete reproduction steps and code. Issues labeled by `needs reproduction` will be closed if no activities in 3 days. diff --git a/.github/workflows/lock.yml b/.github/workflows/lock.yml index 7e599ac57..27905514b 100644 --- a/.github/workflows/lock.yml +++ b/.github/workflows/lock.yml @@ -15,7 +15,7 @@ jobs: steps: - uses: dessant/lock-threads@v5 with: - github-token: ${{ secrets.ACCESS_TOKEN }} + github-token: ${{ secrets.GITHUB_TOKEN }} issue-inactive-days: "30" issue-lock-reason: "" pr-inactive-days: "30" diff --git a/.github/workflows/release-tag.yml b/.github/workflows/release-tag.yml index eede0920c..b36e1903f 100644 --- a/.github/workflows/release-tag.yml +++ b/.github/workflows/release-tag.yml @@ -8,6 +8,10 @@ on: env: HUSKY: "0" +permissions: + pull-requests: write + contents: write + jobs: build: name: Create Release @@ -58,7 +62,7 @@ jobs: version: ${{ steps.version.outputs.version }} publish: true env: - GITHUB_TOKEN: ${{ secrets.ACCESS_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # - name: force update major tag # run: | @@ -69,7 +73,7 @@ jobs: # id: release_tag # uses: ncipollo/release-action@v1 # with: - # token: ${{ secrets.ACCESS_TOKEN }} + # token: ${{ secrets.GITHUB_TOKEN }} # generateReleaseNotes: "true" # body: | # > Please refer to [CHANGELOG.md](https://github.com/vbenjs/vue-vben-admin/blob/main/CHANGELOG.md) for details. diff --git a/.github/workflows/semantic-pull-request.yml b/.github/workflows/semantic-pull-request.yml index 51df9ac6e..7c5af0b7a 100644 --- a/.github/workflows/semantic-pull-request.yml +++ b/.github/workflows/semantic-pull-request.yml @@ -22,5 +22,19 @@ jobs: didn't match the configured pattern. Please ensure that the subject doesn't start with an uppercase character. requireScope: false + types: | + fix + feat + docs + style + refactor + perf + test + build + ci + chore + revert + types + release env: - GITHUB_TOKEN: ${{ secrets.ACCESS_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 953f9f8a4..d1acf5fbf 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -10,7 +10,7 @@ jobs: steps: - uses: actions/stale@v9 with: - repo-token: ${{ secrets.ACCESS_TOKEN }} + repo-token: ${{ secrets.GITHUB_TOKEN }} stale-issue-message: "This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days" stale-pr-message: "This PR is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days" exempt-issue-labels: "bug,enhancement" diff --git a/.node-version b/.node-version index 209e3ef4b..48b14e6b2 100644 --- a/.node-version +++ b/.node-version @@ -1 +1 @@ -20 +20.14.0 diff --git a/internal/lint-configs/commitlint-config/index.mjs b/internal/lint-configs/commitlint-config/index.mjs index 05ceb7614..3d854399f 100644 --- a/internal/lint-configs/commitlint-config/index.mjs +++ b/internal/lint-configs/commitlint-config/index.mjs @@ -145,7 +145,6 @@ const userConfig = { 'revert', 'types', 'release', - 'improvement', ], ], },