diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0161961..802de21 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -6,55 +6,33 @@ on: branches: - main -env: - NODE_VERSION: 16.14 - jobs: build: name: 👷 Build runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v3 - - uses: actions/setup-node@v3 + uses: actions/checkout@v4 + - uses: actions/setup-node@v4 with: - node-version: ${{ env.NODE_VERSION }} - registry-url: https://npm.pkg.github.com/ - # Skip post-install scripts here, as a malicious - # script could steal NODE_AUTH_TOKEN. - - name: Install dependencies - run: npm ci --ignore-scripts - env: - CI: true - NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }} - # `npm rebuild` will run all those post-install scripts for us. - - run: npm rebuild && npm run prepare --if-present + node-version-file: package.json + - run: npm ci - name: Building - run: yarn build - env: - NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }} + run: npm run build lint: name: 🪥 Lint runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v3 - - uses: actions/setup-node@v3 + uses: actions/checkout@v4 + - uses: actions/setup-node@v4 with: - node-version: ${{ env.NODE_VERSION }} - registry-url: https://npm.pkg.github.com/ - # Skip post-install scripts here, as a malicious - # script could steal NODE_AUTH_TOKEN. + node-version-file: package.json - name: Install dependencies - run: npm ci --ignore-scripts - env: - CI: true - NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }} - # `npm rebuild` will run all those post-install scripts for us. - - run: npm rebuild && npm run prepare --if-present - - name: Linting - run: npm run lint + run: npm ci + - name: Lint Check + run: npm run lint-check - name: Format check run: npm run format-check @@ -63,17 +41,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v3 - - uses: actions/setup-node@v3 + uses: actions/checkout@v4 + - uses: actions/setup-node@v4 with: - node-version: ${{ env.NODE_VERSION }} - # Skip post-install scripts here, as a malicious - # script could steal NODE_AUTH_TOKEN. + node-version-file: package.json - name: Install dependencies - run: npm ci --ignore-scripts - env: - CI: true - NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }} + run: npm ci - name: Gitleaks run: npm run leaks shell: bash @@ -83,20 +56,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v3 - - uses: actions/setup-node@v3 + uses: actions/checkout@v4 with: - node-version: ${{ env.NODE_VERSION }} - registry-url: https://npm.pkg.github.com/ - # Skip post-install scripts here, as a malicious - # script could steal NODE_AUTH_TOKEN. + node-version-file: package.json - name: Install dependencies - run: npm ci --ignore-scripts - env: - CI: true - NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }} - # `npm rebuild` will run all those post-install scripts for us. - - run: npm rebuild && npm run prepare --if-present + run: npm ci - name: Testing run: npm run test - name: Coverage check @@ -112,20 +76,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - uses: actions/setup-node@v3 with: - node-version: ${{ env.NODE_VERSION }} - registry-url: https://npm.pkg.github.com/ - # Skip post-install scripts here, as a malicious - # script could steal NODE_AUTH_TOKEN. + node-version-file: package.json - name: Install dependencies - run: npm ci --ignore-scripts - env: - CI: true - NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }} - # `npm rebuild` will run all those post-install scripts for us. - - run: npm rebuild && npm run prepare --if-present + run: npm ci - name: License validation shell: bash run: ./thirdPartyLicenseCollector_linux_amd64 -npm-project . diff --git a/.github/workflows/publish-next.yml b/.github/workflows/publish-next.yml index efbba24..45e67e4 100644 --- a/.github/workflows/publish-next.yml +++ b/.github/workflows/publish-next.yml @@ -17,14 +17,13 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: persist-credentials: false # otherwise, the token used is the GITHUB_TOKEN, instead of your personal token fetch-depth: 0 # otherwise, you will failed to push refs to dest repo - - uses: actions/setup-node@v3 + - uses: actions/setup-node@v4 with: - node-version: ${{ env.NODE_VERSION }} - registry-url: https://registry.npmjs.org/ + node-version-file: package.json - name: Get Short SHA run: echo "SHORT_SHA=`echo ${{ github.sha }} | cut -c1-8`" >> $GITHUB_ENV - name: Get Next Version @@ -38,14 +37,8 @@ jobs: yarn version --new-version ${NEW_VERSION} cat package.json - name: Install dependencies - run: npm ci --ignore-scripts - env: - CI: true - NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }} - # `npm rebuild` will run all those post-install scripts for us. - - run: npm rebuild && npm run prepare --if-present + run: npm ci - name: Publish to NPM Package Registry run: npm publish --access=public --tag next env: - CI: true NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_REGISTRY }} diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 51f3c1d..ed45b74 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -5,9 +5,6 @@ on: tags: - 'release/**' -env: - NODE_VERSION: 16.14 - jobs: publish: name: 📢 Publish @@ -17,23 +14,14 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: actions/setup-node@v3 + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 with: - node-version: ${{ env.NODE_VERSION }} - registry-url: https://registry.npmjs.org/ - # Skip post-install scripts here, as a malicious - # script could steal NODE_AUTH_TOKEN. + node-version-file: package.json - name: Install dependencies - run: npm ci --ignore-scripts - env: - CI: true - NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }} - # `npm rebuild` will run all those post-install scripts for us. - - run: npm rebuild && npm run prepare --if-present + run: npm ci - name: Publish to NPM Package Registry run: npm publish --access=public env: - CI: true NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_REGISTRY }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5641848..a8049c7 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -13,7 +13,7 @@ jobs: if: "contains(github.event.head_commit.message, 'RELEASE')" steps: - name: Checkout source code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: persist-credentials: false ref: ${{ github.ref }} diff --git a/.husky/pre-commit b/.husky/pre-commit index 5ecbf85..d24fdfc 100755 --- a/.husky/pre-commit +++ b/.husky/pre-commit @@ -1,4 +1,4 @@ #!/usr/bin/env sh . "$(dirname -- "$0")/_/husky.sh" -git-format-staged -f 'prettier --ignore-unknown --stdin --stdin-filepath "{}"' . +npx lint-staged diff --git a/package-lock.json b/package-lock.json index c1077ac..5ad877f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -73,6 +73,9 @@ "ts-node": "^10.9.2", "typescript": "^4.5.3" }, + "engines": { + "node": "^18 || ^20" + }, "optionalDependencies": { "@descope/web-js-sdk": ">=1" }, diff --git a/package.json b/package.json index 0dd41cb..7329ea2 100644 --- a/package.json +++ b/package.json @@ -58,7 +58,8 @@ "format": "prettier . -w --ignore-path .gitignore", "format-check": "prettier . --check --ignore-path .gitignore", "leaks": "bash ./scripts/gitleaks/gitleaks.sh", - "lint": "eslint '+(src)/**/*.+(ts|tsx)' --fix", + "lint": "npm run lint-check -- --fix", + "lint-check": "eslint '+(src)/**/*.+(ts|tsx)'", "prepare": "husky install", "prepublishOnly": "npm run build", "start": "npm run build && (cd examples/app-router && npm run dev)", @@ -66,7 +67,9 @@ }, "lint-staged": { "+(src|test|examples)/**/*.{js,ts,jsx,tsx}": [ - "npm run lint" + "npm run lint", + "npm run format", + "npm run leaks" ] }, "dependencies": { @@ -141,5 +144,8 @@ }, "optionalDependencies": { "@descope/web-js-sdk": ">=1" + }, + "engines": { + "node": "^18 || ^20" } }