Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[SM-1020] Update to node 20 and latest GitHub action template standards #34

Merged
merged 14 commits into from
Dec 12, 2023

Conversation

Thomas-Avery
Copy link
Collaborator

@Thomas-Avery Thomas-Avery commented Nov 28, 2023

Type of change

  • Bug fix
  • New feature development
  • Tech debt (refactoring, code cleanup, dependency upgrades, etc)
  • Build/deploy pipeline (DevOps)
  • Other

Objective

The purpose of this PR is to update the sm-action to node 20 and upgrade all dependencies.

This PR also updates to the latest recommended pattern of GitHub's typescript action template which was recently updated to node 20.

A successful run can be found here.

An intentionally failed run where an incorrect secret ID was entered can be found here.

Code changes

  • .github/workflows/build-test.yml:
    Updated workflow to use node 20.

  • .github/workflows/check-dist.yml:
    Updated workflow to use node 20 and updating with the typescript action templates latest dist compare.

  • .github/workflows/lint.yml:
    Updated workflow to use node 20.

  • .github/workflows/qa-run.yml:
    Updating the QA run to run on multiple OS to increase coverage.

  • .github/workflows/release.yml:
    Formatting upgrades added a missing newline to this workflow.

  • README.md:
    Updated to new command structure.

  • tests/index.test.ts:
    Added unit tests for index.ts

  • tests/main.test.ts:
    Added simple unit tests for main.ts

  • tests/parser.test.ts:
    Formatting upgrades

  • action.yml:
    Updated action to use node 20 and moved branding under author to conform to the template.

  • dist/index.js
    Newly ncc bundled action code.

  • dist/licenses.txt
    License updates because of dependency upgrades.

  • dist/index.js.map
    dist/sourcemap-register.js
    The template recommends not including source map generation for the ncc command which removes these files.

  • package-lock.json
    Changed from dependency upgrades.

  • package.json
    Updated all dependencies.
    Pinned all dependencies.
    Added engines to indicated needing node 20.
    The recommendation is now to target the ts entry point file directly in the ncc build. ncc build src/index.ts.
    With this we no longer need to run tsc and have a lib folder.

  • src/index.ts
    Conforming to the template of having an index.ts that calls main.

  • src/main.ts
    Exporting the run function so it can be called in index.ts

  • src/parser.ts
    Formatting upgrades

  • tsconfig.json
    Conforming to the template updates for node 20.
    From my understanding, the added settings are to enable using typescript 5.3.2.

Sorry, something went wrong.

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
@Thomas-Avery Thomas-Avery self-assigned this Nov 28, 2023
@bitwarden-bot
Copy link

bitwarden-bot commented Nov 29, 2023

Logo
Checkmarx One – Scan Summary & Detailsc9b0f16d-5b7c-4faf-ac57-3622c76b754c

New Issues

Severity Issue Source File / Package Checkmarx Insight
MEDIUM Unpinned Actions Full Length Commit SHA /qa-run.yml: 33 Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...

Fixed Issues

Severity Issue Source File / Package
MEDIUM Unpinned Actions Full Length Commit SHA /qa-run.yml: 25
LOW Client_Weak_Cryptographic_Hash /dist/index.js: 2507
LOW Client_Weak_Cryptographic_Hash /dist/index.js: 2364

@Thomas-Avery Thomas-Avery marked this pull request as ready for review November 29, 2023 21:58
@Thomas-Avery Thomas-Avery requested review from a team as code owners November 29, 2023 21:58
@Thomas-Avery Thomas-Avery requested a review from Hinton November 29, 2023 21:58
@Thomas-Avery Thomas-Avery merged commit 6bd0b5e into main Dec 12, 2023
4 checks passed
@Thomas-Avery Thomas-Avery deleted the sm/sm-1020/upgrade-node-20 branch December 12, 2023 21:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

5 participants