fix(ci): updating ci workflows (#11)

.github/workflows/ci.yml

@@ -6,55 +6,33 @@ on:
     branches:
       - main
 
-env:
-  NODE_VERSION: 16.14
-
 jobs:
   build:
     name: 👷 Build
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
+        uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
         with:
-          node-version: ${{ env.NODE_VERSION }}
-          registry-url: https://npm.pkg.github.com/
-      # Skip post-install scripts here, as a malicious
-      # script could steal NODE_AUTH_TOKEN.
-      - name: Install dependencies
-        run: npm ci --ignore-scripts
-        env:
-          CI: true
-          NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }}
-      # `npm rebuild` will run all those post-install scripts for us.
-      - run: npm rebuild && npm run prepare --if-present
+          node-version-file: package.json
+      - run: npm ci
       - name: Building
-        run: yarn build
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }}
+        run: npm run build
 
   lint:
     name: 🪥 Lint
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
+        uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
         with:
-          node-version: ${{ env.NODE_VERSION }}
-          registry-url: https://npm.pkg.github.com/
-      # Skip post-install scripts here, as a malicious
-      # script could steal NODE_AUTH_TOKEN.
+          node-version-file: package.json
       - name: Install dependencies
-        run: npm ci --ignore-scripts
-        env:
-          CI: true
-          NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }}
-      # `npm rebuild` will run all those post-install scripts for us.
-      - run: npm rebuild && npm run prepare --if-present
-      - name: Linting
-        run: npm run lint
+        run: npm ci
+      - name: Lint Check
+        run: npm run lint-check
       - name: Format check
         run: npm run format-check
 
@@ -63,17 +41,12 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
+        uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
         with:
-          node-version: ${{ env.NODE_VERSION }}
-      # Skip post-install scripts here, as a malicious
-      # script could steal NODE_AUTH_TOKEN.
+          node-version-file: package.json
       - name: Install dependencies
-        run: npm ci --ignore-scripts
-        env:
-          CI: true
-          NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }}
+        run: npm ci
       - name: Gitleaks
         run: npm run leaks
         shell: bash
@@ -83,20 +56,11 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
+        uses: actions/checkout@v4
         with:
-          node-version: ${{ env.NODE_VERSION }}
-          registry-url: https://npm.pkg.github.com/
-      # Skip post-install scripts here, as a malicious
-      # script could steal NODE_AUTH_TOKEN.
+          node-version-file: package.json
       - name: Install dependencies
-        run: npm ci --ignore-scripts
-        env:
-          CI: true
-          NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }}
-      # `npm rebuild` will run all those post-install scripts for us.
-      - run: npm rebuild && npm run prepare --if-present
+        run: npm ci
       - name: Testing
         run: npm run test
       - name: Coverage check
@@ -112,20 +76,12 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - uses: actions/setup-node@v3
         with:
-          node-version: ${{ env.NODE_VERSION }}
-          registry-url: https://npm.pkg.github.com/
-      # Skip post-install scripts here, as a malicious
-      # script could steal NODE_AUTH_TOKEN.
+          node-version-file: package.json
       - name: Install dependencies
-        run: npm ci --ignore-scripts
-        env:
-          CI: true
-          NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }}
-      # `npm rebuild` will run all those post-install scripts for us.
-      - run: npm rebuild && npm run prepare --if-present
+        run: npm ci
       - name: License validation
         shell: bash
         run: ./thirdPartyLicenseCollector_linux_amd64 -npm-project .

.github/workflows/publish-next.yml

@@ -17,14 +17,13 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           persist-credentials: false # otherwise, the token used is the GITHUB_TOKEN, instead of your personal token
           fetch-depth: 0 # otherwise, you will failed to push refs to dest repo
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
-          node-version: ${{ env.NODE_VERSION }}
-          registry-url: https://registry.npmjs.org/
+          node-version-file: package.json
       - name: Get Short SHA
         run: echo "SHORT_SHA=`echo ${{ github.sha }} | cut -c1-8`" >> $GITHUB_ENV
       - name: Get Next Version
@@ -38,14 +37,8 @@ jobs:
           yarn version --new-version ${NEW_VERSION}
           cat package.json
       - name: Install dependencies
-        run: npm ci --ignore-scripts
-        env:
-          CI: true
-          NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }}
-      # `npm rebuild` will run all those post-install scripts for us.
-      - run: npm rebuild && npm run prepare --if-present
+        run: npm ci
       - name: Publish to NPM Package Registry
         run: npm publish --access=public --tag next
         env:
-          CI: true
           NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_REGISTRY }}

.github/workflows/publish.yml

@@ -5,9 +5,6 @@ on:
     tags:
       - 'release/**'
 
-env:
-  NODE_VERSION: 16.14
-
 jobs:
   publish:
     name: 📢 Publish
@@ -17,23 +14,14 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
         with:
-          node-version: ${{ env.NODE_VERSION }}
-          registry-url: https://registry.npmjs.org/
-      # Skip post-install scripts here, as a malicious
-      # script could steal NODE_AUTH_TOKEN.
+          node-version-file: package.json
       - name: Install dependencies
-        run: npm ci --ignore-scripts
-        env:
-          CI: true
-          NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }}
-      # `npm rebuild` will run all those post-install scripts for us.
-      - run: npm rebuild && npm run prepare --if-present
+        run: npm ci
 
       - name: Publish to NPM Package Registry
         run: npm publish --access=public
         env:
-          CI: true
           NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_REGISTRY }}

.github/workflows/release.yml

@@ -13,7 +13,7 @@ jobs:
     if: "contains(github.event.head_commit.message, 'RELEASE')"
     steps:
       - name: Checkout source code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           persist-credentials: false
           ref: ${{ github.ref }}

.husky/pre-commit

@@ -1,4 +1,4 @@
 #!/usr/bin/env sh
 . "$(dirname -- "$0")/_/husky.sh"
 
-git-format-staged -f 'prettier --ignore-unknown --stdin --stdin-filepath "{}"' .
+npx lint-staged

package.json

@@ -58,15 +58,18 @@
 		"format": "prettier . -w --ignore-path .gitignore",
 		"format-check": "prettier . --check --ignore-path .gitignore",
 		"leaks": "bash ./scripts/gitleaks/gitleaks.sh",
-		"lint": "eslint '+(src)/**/*.+(ts|tsx)' --fix",
+		"lint": "npm run lint-check -- --fix",
+		"lint-check": "eslint '+(src)/**/*.+(ts|tsx)'",
 		"prepare": "husky install",
 		"prepublishOnly": "npm run build",
 		"start": "npm run build && (cd examples/app-router && npm run dev)",
 		"test": "jest"
 	},
 	"lint-staged": {
 		"+(src|test|examples)/**/*.{js,ts,jsx,tsx}": [
-			"npm run lint"
+			"npm run lint",
+			"npm run format",
+			"npm run leaks"
 		]
 	},
 	"dependencies": {
@@ -141,5 +144,8 @@
 	},
 	"optionalDependencies": {
 		"@descope/web-js-sdk": ">=1"
+	},
+	"engines": {
+		"node": "^18 || ^20"
 	}
 }