diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..63a9ba7 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,29 @@ +version: 2 +updates: + - package-ecosystem: npm + directory: / + schedule: + interval: weekly + open-pull-requests-limit: 8 + groups: + npm-dev-minor: + dependency-type: development + update-types: [minor, patch] + npm-prod-minor: + dependency-type: production + update-types: [minor, patch] + ignore: + - dependency-name: '@types/node' + update-types: [version-update:semver-major] + - dependency-name: typescript + update-types: [version-update:semver-major] + + - package-ecosystem: github-actions + directory: / + schedule: + interval: weekly + open-pull-requests-limit: 3 + groups: + actions-minor: + patterns: ['*'] + update-types: [minor, patch] diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0569176..31b2383 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -21,13 +21,13 @@ jobs: matrix: node: [20, 22] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Install pnpm - uses: pnpm/action-setup@v4 + uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4 - name: Use Node.js ${{ matrix.node }} - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 with: node-version: ${{ matrix.node }} cache: pnpm diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..805d22a --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,92 @@ +name: Release + +on: + push: + tags: + - 'v*.*.*' + +concurrency: + group: release-${{ github.ref }} + cancel-in-progress: false + +permissions: + contents: read + id-token: write + +jobs: + verify: + name: Verify (typecheck + tests + build) + runs-on: ubuntu-latest + timeout-minutes: 15 + steps: + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + + - uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4 + + - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + with: + node-version: '20' + cache: pnpm + registry-url: 'https://registry.npmjs.org' + + - run: pnpm install --frozen-lockfile + + - name: Typecheck + run: pnpm typecheck + + - name: Tests + run: pnpm test + + - name: Build + run: pnpm build + + check-versions: + name: Tag matches all package versions + runs-on: ubuntu-latest + timeout-minutes: 2 + steps: + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + - name: Compare versions + run: | + TAG_VERSION="${GITHUB_REF_NAME#v}" + echo "git tag: $TAG_VERSION" + FAILED=0 + for pkg in packages/types packages/sdk packages/player packages/react; do + PKG_VERSION="$(node -p "require('./$pkg/package.json').version")" + echo "$pkg: $PKG_VERSION" + if [ "$PKG_VERSION" != "$TAG_VERSION" ]; then + echo "::error::$pkg/package.json version $PKG_VERSION does not match tag $TAG_VERSION" + FAILED=1 + fi + done + exit $FAILED + + publish: + name: Publish to npm + needs: [verify, check-versions] + runs-on: ubuntu-latest + timeout-minutes: 15 + steps: + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + + - uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4 + + - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + with: + node-version: '20' + cache: pnpm + registry-url: 'https://registry.npmjs.org' + + - run: pnpm install --frozen-lockfile + + - name: Build all packages + run: pnpm build + + - name: Publish all workspace packages + env: + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_CONFIG_PROVENANCE: 'true' + run: | + pnpm -r --filter './packages/*' publish \ + --access public \ + --no-git-checks