Skip to content

Commit

Permalink
Merge branch 'main' into fix-nav
Browse files Browse the repository at this point in the history
  • Loading branch information
AugustinMauroy committed Sep 14, 2024
2 parents 95eb709 + 991be60 commit 4e1b168
Show file tree
Hide file tree
Showing 141 changed files with 9,330 additions and 6,902 deletions.
14 changes: 1 addition & 13 deletions .eslintignore
Original file line number Diff line number Diff line change
@@ -1,17 +1,5 @@
# Node.js
node_modules

# Next.js & Vercel Directories
.next
.turbo
.swc
build

# We don't want to lint/prettify the Coverage Results
coverage
junit.xml

# We shouldn't lint statically generated Storybook files
storybook-static

# This file naturally might break conventional rules
global.d.ts
8 changes: 8 additions & 0 deletions .github/scorecard.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
# annotations tell scorecard that we have mitigated a concern. automation is only so good at establishing context
# https://github.com/ossf/scorecard/blob/main/config/README.md#annotating-your-project
annotations:
# our workflows only run when a maintainer allows it
- checks:
- dangerous-workflow
reasons:
- reason: remediated
20 changes: 18 additions & 2 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit

Expand Down Expand Up @@ -76,8 +76,20 @@ jobs:
# regardless of having code changes or not
fetch-depth: 1

- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
# See here for caching with `yarn` https://github.com/actions/cache/blob/main/examples.md#node---yarn or you can leverage caching with actions/setup-node https://github.com/actions/setup-node
path: |
~/.npm
${{ github.workspace }}/.next/cache
# Generate a new cache whenever packages or source files change.
key: ${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json') }}-${{ hashFiles('**/*.js', '**/*.jsx', '**/*.ts', '**/*.tsx') }}
# If source files changed but packages didn't, rebuild from a prior cache.
restore-keys: |
${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json') }}-
- name: Set up Node.js
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
with:
# We want to ensure that the Node.js version running here respects our supported versions
node-version-file: '.nvmrc'
Expand All @@ -99,6 +111,8 @@ jobs:
# this should be a last resort in case by any chances the build memory gets too high
# but in general this should never happen
NODE_OPTIONS: '--max_old_space_size=4096'
# Used for API requests that require GitHub API scopes
NEXT_GITHUB_API_KEY: ${{ secrets.GITHUB_TOKEN }}

- name: Build Next.js (Static)
# We only run full static builds within Pull Requests. As they're not needed on `merge_group` or `push` events
Expand All @@ -115,6 +129,8 @@ jobs:
# this should be a last resort in case by any chances the build memory gets too high
# but in general this should never happen
NODE_OPTIONS: '--max_old_space_size=4096'
# Used for API requests that require GitHub API scopes
NEXT_GITHUB_API_KEY: ${{ secrets.GITHUB_TOKEN }}

- name: Sync Orama Cloud
# We only want to sync the Orama Cloud production indexes on `push` events.
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit

Expand All @@ -50,7 +50,7 @@ jobs:

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
uses: github/codeql-action/init@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
Expand All @@ -60,7 +60,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
uses: github/codeql-action/autobuild@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6

# ℹ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
Expand All @@ -73,6 +73,6 @@ jobs:
# ./location_of_script_within_repo/buildscript.sh

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
uses: github/codeql-action/analyze@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
with:
category: '/language:${{matrix.language}}'
4 changes: 2 additions & 2 deletions .github/workflows/dependency-review.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,12 +21,12 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit

- name: Git Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- name: Review Dependencies
uses: actions/dependency-review-action@0c155c5e8556a497adf53f2c18edabf945ed8e70 # v4.3.2
uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4
2 changes: 1 addition & 1 deletion .github/workflows/lighthouse.yml
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit

Expand Down
15 changes: 7 additions & 8 deletions .github/workflows/lint-and-tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit

Expand Down Expand Up @@ -65,7 +65,7 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit

Expand All @@ -82,7 +82,6 @@ jobs:
.turbo/cache
node_modules/.cache
.eslintmdcache
.eslintjscache
.stylelintcache
.prettiercache
# We want to restore Turborepo Cache and ESlint and Prettier Cache
Expand All @@ -96,7 +95,7 @@ jobs:
cache-lint-
- name: Set up Node.js
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
with:
# We want to ensure that the Node.js version running here respects our supported versions
node-version-file: '.nvmrc'
Expand Down Expand Up @@ -136,7 +135,6 @@ jobs:
.turbo/cache
node_modules/.cache
.eslintmdcache
.eslintjscache
.stylelintcache
.prettiercache
key: cache-lint-${{ hashFiles('package-lock.json') }}-${{ hashFiles('.turbo/cache/**') }}
Expand All @@ -161,7 +159,7 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit

Expand All @@ -175,7 +173,7 @@ jobs:
fetch-depth: 0

- name: Set up Node.js
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
with:
# We want to ensure that the Node.js version running here respects our supported versions
node-version-file: '.nvmrc'
Expand Down Expand Up @@ -204,7 +202,7 @@ jobs:
startsWith(github.event.pull_request.head.ref, 'dependabot/') == false &&
github.event.pull_request.head.ref != 'chore/crowdin')
# sha reference has no stable git tag reference or URL. see https://github.com/chromaui/chromatic-cli/issues/797
uses: chromaui/action@5f6574e351eb055223ae8ea9e1a734d1d695ea9c
uses: chromaui/action@b984808b772126a9f44b2b7737b131b68a2ede32
with:
workingDir: apps/site
buildScriptName: storybook:build
Expand All @@ -224,3 +222,4 @@ jobs:
title: 'Unit Test Coverage Report'
junitxml-path: ./apps/site/junit.xml
junitxml-title: Unit Test Report
coverage-summary-path: ./apps/site/coverage/coverage-summary.json
2 changes: 1 addition & 1 deletion .github/workflows/pull-request-label.yml
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit

Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/scorecard.yml
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit

Expand All @@ -42,7 +42,7 @@ jobs:
persist-credentials: false

- name: Run Scorecard Analysis
uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
with:
results_file: results.sarif
results_format: sarif
Expand All @@ -51,14 +51,14 @@ jobs:
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: Upload Artifacts
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: SARIF file
path: results.sarif
retention-days: 5

# Upload the results to GitHub's code scanning dashboard.
- name: Upload Scan Results
uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
with:
sarif_file: results.sarif
16 changes: 8 additions & 8 deletions .github/workflows/translations-pr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,18 +12,18 @@ on:
- 'apps/site/pages/**/*.mdx'
- '!apps/site/pages/en/**/*.md'
- '!apps/site/pages/en/**/*.mdx'
- 'apps/site/i18n/locales/*.json'
- '!apps/site/i18n/locales/en.json'
- 'packages/i18n/locales/*.json'
- '!packages/i18n/locales/en.json'

permissions:
actions: read

jobs:
comment_on_translation_pr:
# This comment should only be posted on PRs that come from users and not from Crowdin
# This comment should always be posted on forks, or from internal PRs not originating from Crowdin (which are direct branches)
if: |
github.event.pull_request.head.repo.full_name == 'nodejs/nodejs.org' &&
github.event.pull_request.head.ref != 'chore/crowdin'
(github.event.pull_request.head.repo.full_name != 'nodejs/nodejs.org') ||
(github.event.pull_request.head.repo.full_name == 'nodejs/nodejs.org' && github.event.pull_request.head.ref != 'chore/crowdin')
name: Comment on Translation PR
runs-on: ubuntu-latest
Expand All @@ -34,7 +34,7 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit

Expand Down Expand Up @@ -65,7 +65,7 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit

Expand All @@ -92,7 +92,7 @@ jobs:
cache-lint-
- name: Set up Node.js
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
with:
# We want to ensure that the Node.js version running here respects our supported versions
node-version-file: '.nvmrc'
Expand Down
3 changes: 2 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,6 @@ build-storybook.log
cache

# Cache Files
.eslintjscache
.eslintmdcache
.stylelintcache
.prettiercache
Expand All @@ -34,3 +33,5 @@ tsconfig.tsbuildinfo

# Sentry Config File
.sentryclirc

dist/
3 changes: 0 additions & 3 deletions .husky/pre-commit
Original file line number Diff line number Diff line change
@@ -1,6 +1,3 @@
#!/usr/bin/env sh
. "$(dirname -- "$0")/_/husky.sh"

# lint and format staged files
npx lint-staged

Expand Down
1 change: 0 additions & 1 deletion .prettierignore
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,6 @@ build-storybook.log
cache

# Cache Files
.eslintjscache
.eslintmdcache
.stylelintcache
.prettiercache
Expand Down
Loading

0 comments on commit 4e1b168

Please sign in to comment.