From 40ee03ffdc9e00350b4c0510cd4548e3c89de129 Mon Sep 17 00:00:00 2001 From: Frazer Smith Date: Sun, 19 Jun 2022 08:07:05 +0100 Subject: [PATCH 1/4] chore(.gitignore): use latest github ignore template --- .gitignore | 133 ++++++++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 112 insertions(+), 21 deletions(-) diff --git a/.gitignore b/.gitignore index be2ebb654..ab525607e 100644 --- a/.gitignore +++ b/.gitignore @@ -2,62 +2,153 @@ logs *.log npm-debug.log* +yarn-debug.log* +yarn-error.log* +lerna-debug.log* +.pnpm-debug.log* + +# Diagnostic reports (https://nodejs.org/api/report.html) +report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json # Runtime data pids *.pid *.seed +*.pid.lock # Directory for instrumented libs generated by jscoverage/JSCover lib-cov # Coverage directory used by tools like istanbul coverage +*.lcov + +# nyc test coverage +.nyc_output -# Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files) +# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files) .grunt +# Bower dependency directory (https://bower.io/) +bower_components + # node-waf configuration .lock-wscript -# Compiled binary addons (http://nodejs.org/api/addons.html) +# Compiled binary addons (https://nodejs.org/api/addons.html) build/Release -# Dependency directory -node_modules +# Dependency directories +node_modules/ +jspm_packages/ -# yarn cache -.yarn -.yarnrc.yml -.pnp -.pnp.* +# Snowpack dependency directory (https://snowpack.dev/) +web_modules/ + +# TypeScript cache +*.tsbuildinfo # Optional npm cache directory .npm +# Optional eslint cache +.eslintcache + +# Optional stylelint cache +.stylelintcache + +# Microbundle cache +.rpt2_cache/ +.rts2_cache_cjs/ +.rts2_cache_es/ +.rts2_cache_umd/ + # Optional REPL history .node_repl_history -# 0x -.__browserify_string_empty.js -profile-* +# Output of 'npm pack' +*.tgz -# tap --cov -.nyc_output/ +# Yarn Integrity file +.yarn-integrity -# JetBrains IntelliJ IDEA -.idea -*.iml +# dotenv environment variable files +.env +.env.development.local +.env.test.local +.env.production.local +.env.local + +# parcel-bundler cache (https://parceljs.org/) +.cache +.parcel-cache + +# Next.js build output +.next +out + +# Nuxt.js build / generate output +.nuxt +dist + +# Gatsby files +.cache/ +# Comment in the public line in if your project uses Gatsby and not Next.js +# https://nextjs.org/blog/next-9-1#public-directory-support +# public + +# vuepress build output +.vuepress/dist + +# vuepress v2.x temp and cache directory +.temp +.cache -# VS Code -.vscode/ +# Docusaurus cache and generated files +.docusaurus + +# Serverless directories +.serverless/ + +# FuseBox cache +.fusebox/ + +# DynamoDB Local files +.dynamodb/ + +# TernJS port file +.tern-port + +# Stores VSCode versions used for testing VSCode extensions +.vscode-test + +# yarn v2 +.yarn/cache +.yarn/unplugged +.yarn/build-state.yml +.yarn/install-state.gz +.pnp.* + +# Vim swap files +*.swp + +# macOS files +.DS_Store + +# editor files +.vscode +.idea # lock files -yarn.lock package-lock.json +pnpm-lock.yaml +yarn.lock -!test/fixtures/eval/node_modules +# 0x +.__browserify_string_empty.js +profile-* # Generated files test/fixtures/ts/*js +!test/fixtures/eval/node_modules !test/fixtures/ts/transpile.cjs From dcd56780a44b74dc2a0a4073f1fa134067e35484 Mon Sep 17 00:00:00 2001 From: Frazer Smith Date: Sun, 19 Jun 2022 08:17:20 +0100 Subject: [PATCH 2/4] ci: update workflows --- .github/workflows/bench.yml | 7 ++-- .github/workflows/ci.yml | 46 ++++++++++++++++++++---- .github/workflows/dependency-review.yml | 20 ----------- .github/workflows/package-manager-ci.yml | 6 ++++ .github/workflows/target-main.yml | 3 ++ 5 files changed, 54 insertions(+), 28 deletions(-) delete mode 100644 .github/workflows/dependency-review.yml diff --git a/.github/workflows/bench.yml b/.github/workflows/bench.yml index 2c794e4bc..e5dc66885 100644 --- a/.github/workflows/bench.yml +++ b/.github/workflows/bench.yml @@ -23,10 +23,11 @@ jobs: uses: actions/checkout@v3 with: ref: ${{ github.base_ref }} + persist-credentials: false - name: Setup Node uses: actions/setup-node@v3 with: - node-version: 16 + node-version: lts/* - name: Install Modules run: npm i - name: Run Benchmark @@ -43,10 +44,12 @@ jobs: steps: - name: Checkout Code uses: actions/checkout@v3 + with: + persist-credentials: false - name: Setup Node uses: actions/setup-node@v3 with: - node-version: 16 + node-version: lts/* - name: Install Modules run: npm i - name: Run Benchmark diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 78ca207c0..9aef36263 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,4 +1,5 @@ name: CI + on: push: branches: @@ -10,32 +11,65 @@ on: paths-ignore: - 'docs/**' - '*.md' + +# This allows a subsequently queued workflow run to interrupt previous runs +concurrency: + group: "${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}" + cancel-in-progress: true + jobs: + dependency-review: + name: Dependency Review + if: github.event_name == 'pull_request' + runs-on: ubuntu-latest + permissions: + contents: read + steps: + - name: Check out repo + uses: actions/checkout@v3 + with: + persist-credentials: false + + - name: Dependency review + uses: actions/dependency-review-action@v1 + test: name: ${{ matrix.node-version }} ${{ matrix.os }} runs-on: ${{ matrix.os }} + permissions: + contents: read strategy: fail-fast: false matrix: os: [macOS-latest, windows-latest, ubuntu-latest] node-version: [14, 16, 18] steps: - - uses: actions/checkout@v3 - - name: Use Node.js ${{ matrix.node-version }} + - name: Check out repo + uses: actions/checkout@v3 + with: + persist-credentials: false + + - name: Setup Node ${{ matrix.node-version }} uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} - - name: Install - run: npm i - - name: Tests + + - name: Install dependencies + run: npm i --ignore-scripts + + - name: Run tests run: npm run test-ci automerge: + name: Automerge Dependabot PRs + if: > + github.event_name == 'pull_request' && + github.event.pull_request.user.login == 'dependabot[bot]' needs: test - runs-on: ubuntu-latest permissions: pull-requests: write contents: write + runs-on: ubuntu-latest steps: - uses: fastify/github-action-merge-dependabot@v3 with: diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml deleted file mode 100644 index 0e72a00ef..000000000 --- a/.github/workflows/dependency-review.yml +++ /dev/null @@ -1,20 +0,0 @@ -# Dependency Review Action -# -# This Action will scan dependency manifest files that change as part of a Pull Reqest, surfacing known-vulnerable versions of the packages declared or updated in the PR. Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable packages will be blocked from merging. -# -# Source repository: https://github.com/actions/dependency-review-action -# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement -name: 'Dependency Review' -on: [pull_request] - -permissions: - contents: read - -jobs: - dependency-review: - runs-on: ubuntu-latest - steps: - - name: 'Checkout Repository' - uses: actions/checkout@v3 - - name: 'Dependency Review' - uses: actions/dependency-review-action@v1 diff --git a/.github/workflows/package-manager-ci.yml b/.github/workflows/package-manager-ci.yml index 56991c2e3..a1a7b147c 100644 --- a/.github/workflows/package-manager-ci.yml +++ b/.github/workflows/package-manager-ci.yml @@ -15,6 +15,8 @@ jobs: node-version: [16] steps: - uses: actions/checkout@v3 + with: + persist-credentials: false - name: Use Node.js ${{ matrix.node-version }} uses: actions/setup-node@v3 with: @@ -38,6 +40,8 @@ jobs: node-version: [16] steps: - uses: actions/checkout@v3 + with: + persist-credentials: false - name: Use Node.js ${{ matrix.node-version }} uses: actions/setup-node@v3 with: @@ -65,6 +69,8 @@ jobs: node-version: [16] steps: - uses: actions/checkout@v3 + with: + persist-credentials: false - name: Use Node.js ${{ matrix.node-version }} uses: actions/setup-node@v3 with: diff --git a/.github/workflows/target-main.yml b/.github/workflows/target-main.yml index d3ffde500..bf593907f 100644 --- a/.github/workflows/target-main.yml +++ b/.github/workflows/target-main.yml @@ -4,6 +4,9 @@ on: pull_request_target: types: [opened] +permissions: + pull-requests: write + jobs: comment: if: ${{ github.base_ref != "master" }} From 78e49195c71f786c7217d63b53491d40252eb447 Mon Sep 17 00:00:00 2001 From: Frazer Smith Date: Sun, 19 Jun 2022 08:17:53 +0100 Subject: [PATCH 3/4] docs(readme): remove snyk badge --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 9d09c0580..3a546c669 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,6 @@ # pino [![npm version](https://img.shields.io/npm/v/pino)](https://www.npmjs.com/package/pino) [![Build Status](https://img.shields.io/github/workflow/status/pinojs/pino/CI)](https://github.com/pinojs/pino/actions) -[![Known Vulnerabilities](https://snyk.io/test/github/pinojs/pino/badge.svg)](https://snyk.io/test/github/pinojs/pino) [![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat)](https://standardjs.com/) [Very low overhead](#low-overhead) Node.js logger. From e793016af32ab9484942f905aa64f14fc9a476b2 Mon Sep 17 00:00:00 2001 From: Frazer Smith Date: Sun, 19 Jun 2022 08:37:55 +0100 Subject: [PATCH 4/4] ci(bench): add `--ignore-scripts` to `npm install` --- .github/workflows/bench.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/bench.yml b/.github/workflows/bench.yml index e5dc66885..74af7d832 100644 --- a/.github/workflows/bench.yml +++ b/.github/workflows/bench.yml @@ -29,7 +29,7 @@ jobs: with: node-version: lts/* - name: Install Modules - run: npm i + run: npm i --ignore-scripts - name: Run Benchmark run: npm run bench | tee current.txt - name: Upload Current Results @@ -51,7 +51,7 @@ jobs: with: node-version: lts/* - name: Install Modules - run: npm i + run: npm i --ignore-scripts - name: Run Benchmark run: npm run bench | tee branch.txt - name: Upload Branch Results