diff --git a/.gitattributes b/.gitattributes index e2c547f..6bfd908 100644 --- a/.gitattributes +++ b/.gitattributes @@ -10,6 +10,7 @@ *.md text eol=lf whitespace=blank-at-eol,-blank-at-eof,-space-before-tab,tab-in-indent,tabwidth=2 *.mjs text eol=lf whitespace=blank-at-eol,-blank-at-eof,-space-before-tab,tab-in-indent,tabwidth=2 *.mts text eol=lf whitespace=blank-at-eol,-blank-at-eof,-space-before-tab,tab-in-indent,tabwidth=2 +*.txt text eol=lf whitespace=blank-at-eol,-blank-at-eof,-space-before-tab,tab-in-indent,tabwidth=2 .dockerignore text eol=lf whitespace=blank-at-eol,-blank-at-eof,-space-before-tab,tab-in-indent,tabwidth=2 .editorconfig text eol=lf whitespace=blank-at-eol,-blank-at-eof,-space-before-tab,tab-in-indent,tabwidth=2 .gitattributes text eol=lf whitespace=blank-at-eol,-blank-at-eof,-space-before-tab,tab-in-indent,tabwidth=2 diff --git a/.github/labeler.yml b/.github/labeler.yml index 21cba52..38f3fb2 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -1,6 +1,6 @@ 🍱asset: - changed-files: - - any-glob-to-any-file: 'public/**' + - any-glob-to-any-file: ['app/favicon.ico', 'public/**', 'app/**/*.png', 'app/**/*.svg'] ♻️ci: - changed-files: - any-glob-to-any-file: '.github/**/*.yml' @@ -15,7 +15,7 @@ docker: - any-glob-to-any-file: ['.dockerignore', 'Dockerfile'] 📝documentation: - changed-files: - - any-glob-to-any-file: '**/*.md' + - any-glob-to-any-file: ['**/*.md', '**/*.txt'] 🚀enhancement: - head-branch: ['^feature', 'feature', '^enhancement', 'enhancement'] ✨feature: diff --git a/.github/workflows/auto-assign.yml b/.github/workflows/auto-assign.yml index 4820707..803797e 100644 --- a/.github/workflows/auto-assign.yml +++ b/.github/workflows/auto-assign.yml @@ -10,6 +10,10 @@ on: - opened - reopened +permissions: + issues: write + pull-requests: write + env: GH_TOKEN: ${{ github.token }} diff --git a/.github/workflows/autofix.yml b/.github/workflows/autofix.yml index 95dff43..e6d61a4 100644 --- a/.github/workflows/autofix.yml +++ b/.github/workflows/autofix.yml @@ -5,10 +5,14 @@ concurrency: cancel-in-progress: true on: - push: pull_request: + push: + branches: main workflow_dispatch: +permissions: + contents: read + jobs: quality: runs-on: ubuntu-24.04 diff --git a/.github/workflows/bun-test.yml b/.github/workflows/bun-test.yml index 15009c9..8508d37 100644 --- a/.github/workflows/bun-test.yml +++ b/.github/workflows/bun-test.yml @@ -5,18 +5,22 @@ concurrency: cancel-in-progress: true on: - push: + pull_request: paths: - "app/**" - "public/**" + - ".dockerignore" - "bun.lockb" + - "Dockerfile" - "package.json" - "*config.*" - pull_request: + push: paths: - "app/**" - "public/**" + - ".dockerignore" - "bun.lockb" + - "Dockerfile" - "package.json" - "*config.*" workflow_dispatch: @@ -31,6 +35,8 @@ jobs: - name: Install bun uses: oven-sh/setup-bun@v2 + with: + bun-version: canary - name: Install dependencies run: bun i diff --git a/.github/workflows/cleanup-cashes.yml b/.github/workflows/cleanup-cashes.yml index 52e60ec..e0187b7 100644 --- a/.github/workflows/cleanup-cashes.yml +++ b/.github/workflows/cleanup-cashes.yml @@ -5,7 +5,9 @@ on: paths: - "app/**" - "public/**" + - ".dockerignore" - "bun.lockb" + - "Dockerfile" - "package.json" - "*config.*" types: @@ -32,6 +34,6 @@ jobs: done echo "Done" env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_TOKEN: ${{ github.token }} REPO: ${{ github.repository }} BRANCH: refs/pull/${{ github.event.pull_request.number }}/merge diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 22f6ac1..256efa0 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -5,18 +5,23 @@ concurrency: cancel-in-progress: true on: - push: + pull_request_target: paths: - "app/**" - "public/**" + - ".dockerignore" - "bun.lockb" + - "Dockerfile" - "package.json" - "*config.*" - pull_request_target: + push: + branches: main paths: - "app/**" - "public/**" + - ".dockerignore" - "bun.lockb" + - "Dockerfile" - "package.json" - "*config.*" workflow_dispatch: @@ -27,8 +32,14 @@ on: default: false type: boolean +permissions: + attestations: write + contents: read + id-token: write + packages: write + pull-requests: write + env: - REPOSITORY_OWNER: openup-labtakizawa REPOSITORY: marukome0743/rasnage GHCR_REGISTRY: ghcr.io GHCR_REPOSITORY: openup-labtakizawa/rasnage @@ -38,12 +49,7 @@ env: jobs: build: runs-on: ubuntu-24.04 - permissions: - attestations: write - contents: read - id-token: write - packages: write - pull-requests: write + if: github.repository_owner == 'openup-labtakizawa' steps: - name: Checkout @@ -58,7 +64,6 @@ jobs: uses: docker/setup-buildx-action@v3 - name: Login to Docker Hub - if: github.repository_owner == env.REPOSITORY_OWNER uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_USER }} @@ -111,7 +116,7 @@ jobs: subject-digest: ${{ steps.push.outputs.digest }} - name: Docker Scout - if: github.repository_owner == env.REPOSITORY_OWNER && github.event_name == 'pull_request_target' + if: github.event_name == 'pull_request_target' uses: docker/scout-action@v1 with: command: compare,cves,recommendations diff --git a/.github/workflows/lambda.yml b/.github/workflows/lambda.yml index 247e920..d82e148 100644 --- a/.github/workflows/lambda.yml +++ b/.github/workflows/lambda.yml @@ -10,7 +10,9 @@ on: paths: - "app/**" - "public/**" + - ".dockerignore" - "bun.lockb" + - "Dockerfile" - "package.json" - "*config.*" workflow_dispatch: diff --git a/bun.lockb b/bun.lockb index 1d8bb43..90c6035 100755 Binary files a/bun.lockb and b/bun.lockb differ