Gauthier
8f6b6f06cc
ci: fix token permissions ( #55 )
...
Potential fix for
[https://github.com/sripwoud/ts-template/security/code-scanning/1 ](https://github.com/sripwoud/ts-template/security/code-scanning/1 )
To resolve this issue, add an explicit `permissions` block at the top
level of the workflow (or for the single job), assigning only the
minimal permissions needed. Since this workflow uses an action to check
the PR title formatting and does not appear to need to write to the repo
or PR (e.g., comment, label, merge), it likely only needs to read pull
request metadata. Therefore, set `contents: read` and `pull-requests:
read` for the workflow. Update `.github/workflows/semantic-pr.yml` by
adding this block after the `name:` line and before the `on:` line. No
additional imports or definitions are required.
---
_Suggested fixes powered by Copilot Autofix. Review carefully before
merging._
---------
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
2025-09-22 09:22:07 +02:00
sripwoud
dcfb8eb89e
ci: bump oven-sh action
2025-07-25 10:08:28 +02:00
sripwoud
2cfe6aa176
ci(main): can trigger manually
2025-07-07 11:42:37 +02:00
sripwoud
da52b14b72
chore(sync): ignore all except convco
2025-07-07 11:34:52 +02:00
sripwoud
0ec67fec86
chore(sync): update ignore file
2025-07-07 11:11:20 +02:00
sripwoud
d9af4238ad
ci(sync): override pr_title
2025-07-07 10:59:20 +02:00
sripwoud
1569dd343d
refactor(gh): name sync workflow
2025-07-07 10:57:55 +02:00
sripwoud
1bd32ed117
fix(gh): ignore github/worfklows from sync
2025-07-07 10:56:46 +02:00
sripwoud
90c7c9dcca
refactor: update sync worlflow
2025-07-07 10:25:58 +02:00
dependabot[bot]
28068921c3
fix: bump tj-actions/changed-files ( #50 )
...
Bumps
[tj-actions/changed-files](https://github.com/tj-actions/changed-files )
from 44 to 46.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/releases ">tj-actions/changed-files's
releases</a>.</em></p>
<blockquote>
<h2>v46</h2>
<h1>Changes in v46.0.5</h1>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v46.0.4 by <a
href="https://github.com/github-actions "><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2511 ">tj-actions/changed-files#2511</a></li>
<li>chore(deps): bump tj-actions/verify-changed-files from 20.0.1 to
20.0.4 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2523 ">tj-actions/changed-files#2523</a></li>
<li>chore(deps): bump tj-actions/branch-names from 8.0.1 to 8.1.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2521 ">tj-actions/changed-files#2521</a></li>
<li>chore(deps): bump github/codeql-action from 3.28.12 to 3.28.15 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2530 ">tj-actions/changed-files#2530</a></li>
<li>chore(deps-dev): bump ts-jest from 29.2.6 to 29.3.1 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2518 ">tj-actions/changed-files#2518</a></li>
<li>chore(deps-dev): bump eslint-plugin-prettier from 5.2.3 to 5.2.6 by
<a href="https://github.com/dependabot "><code>@dependabot</code></a> in
<a
href="https://redirect.github.com/tj-actions/changed-files/pull/2519 ">tj-actions/changed-files#2519</a></li>
<li>chore(deps-dev): bump <code>@types/node</code> from 22.13.11 to
22.14.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2517 ">tj-actions/changed-files#2517</a></li>
<li>chore(deps-dev): bump typescript from 5.8.2 to 5.8.3 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2516 ">tj-actions/changed-files#2516</a></li>
<li>chore(deps): bump yaml from 2.7.0 to 2.7.1 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2520 ">tj-actions/changed-files#2520</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/changed-files/compare/v46...v46.0.5 ">https://github.com/tj-actions/changed-files/compare/v46...v46.0.5 </a></p>
<hr />
<h1>Changes in v46.0.4</h1>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v46.0.3 by <a
href="https://github.com/github-actions "><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2506 ">tj-actions/changed-files#2506</a></li>
<li>docs: update readme by <a
href="https://github.com/jackton1 "><code>@jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2508 ">tj-actions/changed-files#2508</a></li>
<li>fix: bug modified_keys and changed_key outputs not set when no
changes detected by <a
href="https://github.com/jackton1 "><code>@jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2509 ">tj-actions/changed-files#2509</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/changed-files/compare/v46...v46.0.4 ">https://github.com/tj-actions/changed-files/compare/v46...v46.0.4 </a></p>
<hr />
<h1>Changes in v46.0.3</h1>
<h2>What's Changed</h2>
<ul>
<li>Updated README.md by <a
href="https://github.com/github-actions "><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2499 ">tj-actions/changed-files#2499</a></li>
<li>Updated README.md by <a
href="https://github.com/github-actions "><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2501 ">tj-actions/changed-files#2501</a></li>
<li>Upgraded to v46.0.2 by <a
href="https://github.com/github-actions "><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2500 ">tj-actions/changed-files#2500</a></li>
<li>chore(deps-dev): bump <code>@types/node</code> from 22.13.10 to
22.13.11 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2502 ">tj-actions/changed-files#2502</a></li>
<li>chore: pin github actions by <a
href="https://github.com/jackton1 "><code>@jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2503 ">tj-actions/changed-files#2503</a></li>
<li>doc: remove warning by <a
href="https://github.com/jackton1 "><code>@jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2504 ">tj-actions/changed-files#2504</a></li>
<li>chore(deps): bump test/demo from <code>5dfac2e</code> to
<code>c6bd3b3</code> by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2505 ">tj-actions/changed-files#2505</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/changed-files/compare/v46...v46.0.3 ">https://github.com/tj-actions/changed-files/compare/v46...v46.0.3 </a></p>
<hr />
<h1>Changes in v46.0.2</h1>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v46.0.1 by <a
href="https://github.com/github-actions "><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2474 ">tj-actions/changed-files#2474</a></li>
<li>add hint to revoke leaked token by <a
href="https://github.com/undefined-moe "><code>@undefined-moe</code></a>
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2475 ">tj-actions/changed-files#2475</a></li>
<li>Updated README.md by <a
href="https://github.com/github-actions "><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2476 ">tj-actions/changed-files#2476</a></li>
<li>doc: update README.md by <a
href="https://github.com/jackton1 "><code>@jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2478 ">tj-actions/changed-files#2478</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md ">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5 ">46.0.5</a>
- (2025-04-09)</h1>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2520 ">#2520</a>)
(<a
href="ed68ef82c0https://redirect.github.com/tj-actions/changed-files/issues/2516 ">#2516</a>)
(<a
href="a7bc14b808https://redirect.github.com/tj-actions/changed-files/issues/2517 ">#2517</a>)
(<a
href="3d751f6b6dhttps://redirect.github.com/tj-actions/changed-files/issues/2519 ">#2519</a>)
(<a
href="e2fda4ec3chttps://redirect.github.com/tj-actions/changed-files/issues/2518 ">#2518</a>)
(<a
href="0bed1b1132https://redirect.github.com/tj-actions/changed-files/issues/2530 ">#2530</a>)
(<a
href="68024587dchttps://redirect.github.com/tj-actions/changed-files/issues/2521 ">#2521</a>)
(<a
href="cf2e39e86bhttps://redirect.github.com/tj-actions/changed-files/issues/2523 ">#2523</a>)
(<a
href="6abeaa506a⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2511 ">#2511</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
<41898282+github-actions[bot]<a
href="https://github.com/users "><code>@users</code></a>.noreply.github.com>
(<a
href="6f67ee9ac8https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4 ">46.0.4</a>
- (2025-04-03)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li>Bug modified_keys and changed_key outputs not set when no changes
detected (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2509 ">#2509</a>)
(<a
href="6cb76d07be📚 Documentation</h2>
<ul>
<li>Update readme (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2508 ">#2508</a>)
(<a
href="b74df86ccb⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2506 ">#2506</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
<41898282+github-actions[bot]<a
href="https://github.com/users "><code>@users</code></a>.noreply.github.com>
Co-authored-by: Tonye Jack <a
href="mailto:jtonye@ymail.com ">jtonye@ymail.com </a> (<a
href="27ae6b33eahttps://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3 ">46.0.3</a>
- (2025-03-23)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2501 ">#2501</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
<41898282+github-actions[bot]<a
href="https://github.com/users "><code>@users</code></a>.noreply.github.com>
(<a
href="41e0de576ahttps://redirect.github.com/tj-actions/changed-files/issues/2499 ">#2499</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
<41898282+github-actions[bot]<a
href="https://github.com/users "><code>@users</code></a>.noreply.github.com>
(<a
href="945787811a📚 Documentation</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ed68ef82c0https://redirect.github.com/tj-actions/changed-files/issues/2520 ">#2520</a>)</li>
<li><a
href="a7bc14b808https://redirect.github.com/tj-actions/changed-files/issues/2516 ">#2516</a>)</li>
<li><a
href="3d751f6b6dhttps://redirect.github.com/tj-actions/changed-files/issues/2517 ">#2517</a>)</li>
<li><a
href="e2fda4ec3chttps://redirect.github.com/tj-actions/changed-files/issues/2519 ">#2519</a>)</li>
<li><a
href="0bed1b1132https://redirect.github.com/tj-actions/changed-files/issues/2518 ">#2518</a>)</li>
<li><a
href="68024587dchttps://redirect.github.com/tj-actions/changed-files/issues/2530 ">#2530</a>)</li>
<li><a
href="cf2e39e86bhttps://redirect.github.com/tj-actions/changed-files/issues/2521 ">#2521</a>)</li>
<li><a
href="6abeaa506ahttps://redirect.github.com/tj-actions/changed-files/issues/2523 ">#2523</a>)</li>
<li><a
href="6f67ee9ac8https://redirect.github.com/tj-actions/changed-files/issues/2511 ">#2511</a>)</li>
<li><a
href="6cb76d07behttps://github.com/tj-actions/changed-files/compare/v44...v46 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/sripwoud/ts-template/network/alerts ).
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gauthier <me@sripwoud.xyz >
2025-07-07 08:09:40 +00:00
sripwoud
8890f010f5
ci: add sync workflow
2025-07-07 10:03:53 +02:00
sripwoud
b89ba0ec93
ci: add action to lint PR titles ( #49 )
...
https://github.com/amannn/action-semantic-pull-request
2025-02-23 22:01:22 +01:00
sripwoud
b6173d0ad2
refactor: install all dev tools with mise
2025-02-19 13:26:41 +01:00
sripwoud
cbd3c4ae3d
fix: pin hk.pkl
...
https://github.com/jdx/hk/issues/10
2025-02-18 16:38:42 +01:00
sripwoud
8cc84a2aa6
chore: use mise ( #46 )
...
- **bump all deps, remove lintstagedrc, barreslby, lefthook**
- **cleanup**
- **define mise tasks**
- **fix test**
2025-02-14 11:14:08 +01:00
sripwoud
5896624c8b
ci: refactor ( #43 )
2024-07-12 07:40:49 +00:00
sripwoud
64c0aa5f09
ci: run test and validate jobs in same workflow ( #42 )
2024-07-12 07:23:58 +00:00
sripwoud
a95c6748ba
fix: use bun cmd to run concurrently
2024-07-11 14:39:19 +02:00
sripwoud
171a1b6a0e
feat: use dprint for formatting
2024-07-11 14:39:19 +02:00
sripwoud
ea2e051aa1
ci: add coveralls step ( #40 )
2024-07-11 13:21:02 +02:00
sripwoud
b09ac3303b
refactor: move to bun as js runtime ( #35 )
...
Bun is now used as sript and test runner. (No need for pnpm or jest)
2023-11-06 11:18:50 +01:00
sripwoud
08ead6f0fb
🔧 Update jest config ( #34 )
2023-10-23 15:13:48 +02:00
sripwoud
dbd1b19337
✨ Set up turborepo ( #31 )
...
- install `turbo`, remove `nps`
- fix turbo config
- lint
- Remove `package-scripts.yml`
- Update README.md
- Update static analysis GH workflow
2023-08-14 16:33:54 +02:00
sripwoud
3e224372dc
Remove snyk GH action ( #30 )
...
- Remove snyk GH action, use sny GtiHub App integration instead
- Rename Code Quality action to Static Analysis
2023-08-14 12:44:06 +02:00
sripwoud
b9c74731d9
⬆️ bump eslint/prettier config deps
2023-04-14 14:32:52 +02:00
sripwoud
ec89ee2766
:pencil2: 🐛 paths-ignore (instead of path-ignores)
2022-12-18 11:45:24 +01:00
sripwoud
c28eb3ee21
📝 Update badges URIs ( #23 )
2022-12-17 15:19:19 +01:00
sripwoud
632e15e100
🧪 Add prettier and lint jest runners ( #21 )
...
- config jest test runner
- add watch select projects plugin
- add watch typeahead plugin
- add jest prettier runner
2022-12-17 15:09:03 +01:00
sripwoud
1dcc0a7f61
➕ Use is-ci ( #20 )
2022-12-06 14:06:22 +01:00
sripwoud
ee986e05c3
👷 Add snyk workflow ( #19 )
2022-12-05 16:33:34 +01:00
sripwoud
0df4c06d81
🔨 Parallelize static analysis scripts ( #18 )
...
- 🔨 Parallelize validation scripts
- Update workflow
2022-12-04 23:32:06 +01:00
sripwoud
614817dd5c
👷 Set up coveralls ( #14 )
2022-12-01 19:25:22 +01:00
sripwoud
70695f4fea
👷 Define GitHub workflow ( #5 )
...
* 👷 Define GitHub workflow
* fix missing nps script
* add missing scripts
* format
2022-11-22 12:23:43 +01:00
