From 3077a234fe5914830b0c42daaa43c3e559072343 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Sun, 8 Jun 2025 19:04:40 +0200 Subject: [PATCH 01/39] Create dependabot.yml --- .github/dependabot.yml | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..79ae86e --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,33 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file + +version: 2 +updates: + - package-ecosystem: "npm" + + directory: "/" + + schedule: + interval: "daily" + time: "04:00" + timezone: "Europe/Berlin" + + open-pull-requests-limit: 10 + + assignees: + - "mimmi20" + + labels: + - "dependencies" + + versioning-strategy: "increase" + + target-branch: "master" + + commit-message: + include: "scope" + prefix: "npm" + + rebase-strategy: "auto" From 17012bee0be8cb2347ea7192f898c4a206f6c86c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 8 Jun 2025 17:06:06 +0000 Subject: [PATCH 02/39] npm(deps): bump execa from 0.7.0 to 9.6.0 Bumps [execa](https://github.com/sindresorhus/execa) from 0.7.0 to 9.6.0. - [Release notes](https://github.com/sindresorhus/execa/releases) - [Commits](https://github.com/sindresorhus/execa/compare/v0.7.0...v9.6.0) --- updated-dependencies: - dependency-name: execa dependency-version: 9.6.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 2c3b6d9..0e16b09 100644 --- a/package.json +++ b/package.json @@ -23,7 +23,7 @@ "exec" ], "dependencies": { - "execa": "^0.7.0", + "execa": "^9.6.0", "p-finally": "^1.0.0", "pify": "^3.0.0", "rimraf": "^2.5.4", From 0c7d8b8277c917dba2bc67424b6c2b83ddc49cd5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 8 Jun 2025 17:07:03 +0000 Subject: [PATCH 03/39] npm(deps): bump tempfile from 2.0.0 to 5.0.0 Bumps [tempfile](https://github.com/sindresorhus/tempfile) from 2.0.0 to 5.0.0. - [Release notes](https://github.com/sindresorhus/tempfile/releases) - [Commits](https://github.com/sindresorhus/tempfile/compare/v2.0.0...v5.0.0) --- updated-dependencies: - dependency-name: tempfile dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 0e16b09..d661788 100644 --- a/package.json +++ b/package.json @@ -27,7 +27,7 @@ "p-finally": "^1.0.0", "pify": "^3.0.0", "rimraf": "^2.5.4", - "tempfile": "^2.0.0" + "tempfile": "^5.0.0" }, "devDependencies": { "ava": "*", From 04a905b9cd8ad98b2ae61b1f84b5fee363bd42b7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 8 Jun 2025 17:06:54 +0000 Subject: [PATCH 04/39] npm(deps-dev): bump is-gif from 1.0.0 to 4.0.1 Bumps [is-gif](https://github.com/sindresorhus/is-gif) from 1.0.0 to 4.0.1. - [Release notes](https://github.com/sindresorhus/is-gif/releases) - [Commits](https://github.com/sindresorhus/is-gif/compare/v1.0.0...v4.0.1) --- updated-dependencies: - dependency-name: is-gif dependency-version: 4.0.1 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index d661788..40a643a 100644 --- a/package.json +++ b/package.json @@ -32,7 +32,7 @@ "devDependencies": { "ava": "*", "gifsicle": "^3.0.4", - "is-gif": "^1.0.0", + "is-gif": "^4.0.1", "path-exists": "^3.0.0", "xo": "*" } From 7354c67a21f93202f73c0166542e68035a3d1204 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 8 Jun 2025 19:54:56 +0000 Subject: [PATCH 05/39] npm(deps): bump pify from 3.0.0 to 6.1.0 Bumps [pify](https://github.com/sindresorhus/pify) from 3.0.0 to 6.1.0. - [Release notes](https://github.com/sindresorhus/pify/releases) - [Commits](https://github.com/sindresorhus/pify/compare/v3.0.0...v6.1.0) --- updated-dependencies: - dependency-name: pify dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 40a643a..1f68b2e 100644 --- a/package.json +++ b/package.json @@ -25,7 +25,7 @@ "dependencies": { "execa": "^9.6.0", "p-finally": "^1.0.0", - "pify": "^3.0.0", + "pify": "^6.1.0", "rimraf": "^2.5.4", "tempfile": "^5.0.0" }, From 90cc0980079a88fa9963a77209c93e2bddd654cf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 8 Jun 2025 19:56:21 +0000 Subject: [PATCH 06/39] npm(deps-dev): bump gifsicle from 3.0.4 to 7.0.1 Bumps [gifsicle](https://github.com/imagemin/gifsicle-bin) from 3.0.4 to 7.0.1. - [Release notes](https://github.com/imagemin/gifsicle-bin/releases) - [Commits](https://github.com/imagemin/gifsicle-bin/compare/v3.0.4...v7.0.1) --- updated-dependencies: - dependency-name: gifsicle dependency-version: 7.0.1 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 1f68b2e..329c9f9 100644 --- a/package.json +++ b/package.json @@ -31,7 +31,7 @@ }, "devDependencies": { "ava": "*", - "gifsicle": "^3.0.4", + "gifsicle": "^7.0.1", "is-gif": "^4.0.1", "path-exists": "^3.0.0", "xo": "*" From a21d1d3d04aeb67457262185095f1ecf6a21451d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 8 Jun 2025 19:57:33 +0000 Subject: [PATCH 07/39] npm(deps-dev): bump path-exists from 3.0.0 to 5.0.0 Bumps [path-exists](https://github.com/sindresorhus/path-exists) from 3.0.0 to 5.0.0. - [Release notes](https://github.com/sindresorhus/path-exists/releases) - [Commits](https://github.com/sindresorhus/path-exists/compare/v3.0.0...v5.0.0) --- updated-dependencies: - dependency-name: path-exists dependency-version: 5.0.0 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 329c9f9..343472e 100644 --- a/package.json +++ b/package.json @@ -33,7 +33,7 @@ "ava": "*", "gifsicle": "^7.0.1", "is-gif": "^4.0.1", - "path-exists": "^3.0.0", + "path-exists": "^5.0.0", "xo": "*" } } From d824a6b39fa2f9f741cb57cb8a3549d2f3fc14ca Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 8 Jun 2025 19:57:12 +0000 Subject: [PATCH 08/39] npm(deps): bump p-finally from 1.0.0 to 2.0.1 Bumps [p-finally](https://github.com/sindresorhus/p-finally) from 1.0.0 to 2.0.1. - [Release notes](https://github.com/sindresorhus/p-finally/releases) - [Commits](https://github.com/sindresorhus/p-finally/compare/v1.0.0...v2.0.1) --- updated-dependencies: - dependency-name: p-finally dependency-version: 2.0.1 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 343472e..9fd4dc7 100644 --- a/package.json +++ b/package.json @@ -24,7 +24,7 @@ ], "dependencies": { "execa": "^9.6.0", - "p-finally": "^1.0.0", + "p-finally": "^2.0.1", "pify": "^6.1.0", "rimraf": "^2.5.4", "tempfile": "^5.0.0" From 17f7147bb87f7100f4788dff443819a2d149e1e4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 8 Jun 2025 19:58:14 +0000 Subject: [PATCH 09/39] npm(deps): bump rimraf from 2.7.1 to 6.0.1 Bumps [rimraf](https://github.com/isaacs/rimraf) from 2.7.1 to 6.0.1. - [Changelog](https://github.com/isaacs/rimraf/blob/main/CHANGELOG.md) - [Commits](https://github.com/isaacs/rimraf/compare/v2.7.1...v6.0.1) --- updated-dependencies: - dependency-name: rimraf dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 9fd4dc7..27b174f 100644 --- a/package.json +++ b/package.json @@ -26,7 +26,7 @@ "execa": "^9.6.0", "p-finally": "^2.0.1", "pify": "^6.1.0", - "rimraf": "^2.5.4", + "rimraf": "^6.0.1", "tempfile": "^5.0.0" }, "devDependencies": { From 3ade443498d20e73dce633b7ed9cecc7c7d7f455 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Sun, 8 Jun 2025 22:01:12 +0200 Subject: [PATCH 10/39] update dependencies --- index.js | 22 ++++++++++------------ package.json | 11 ++++++----- test.js | 18 +++++++++++------- 3 files changed, 27 insertions(+), 24 deletions(-) diff --git a/index.js b/index.js index 7ac74fb..a937d3a 100644 --- a/index.js +++ b/index.js @@ -1,17 +1,16 @@ -'use strict'; -const fs = require('fs'); -const execa = require('execa'); -const pFinally = require('p-finally'); -const pify = require('pify'); -const rimraf = require('rimraf'); -const tempfile = require('tempfile'); +import fs from 'node:fs'; +import { execa } from 'execa'; +import pFinally from 'p-finally'; +import pify from 'pify'; +import { rimraf } from 'rimraf' +import tempfile from 'tempfile'; const fsP = pify(fs); const rmP = pify(rimraf); -const input = Symbol('inputPath'); -const output = Symbol('outputPath'); +export const input = Symbol('inputPath'); +export const output = Symbol('outputPath'); -module.exports = opts => { +const func = async opts => { opts = Object.assign({}, opts); if (!Buffer.isBuffer(opts.input)) { @@ -41,5 +40,4 @@ module.exports = opts => { ])); }; -module.exports.input = input; -module.exports.output = output; +export default func; diff --git a/package.json b/package.json index 27b174f..10ac574 100644 --- a/package.json +++ b/package.json @@ -13,7 +13,7 @@ "node": ">=4" }, "scripts": { - "test": "xo && ava" + "test": "ava" }, "files": [ "index.js" @@ -30,10 +30,11 @@ "tempfile": "^5.0.0" }, "devDependencies": { - "ava": "*", - "gifsicle": "^7.0.1", + "ava": "^6.4.0", + "gifsicle": "github:mimmi20/gifsicle-bin#main", "is-gif": "^4.0.1", "path-exists": "^5.0.0", - "xo": "*" - } + "xo": "^1.1.0" + }, + "type": "module" } diff --git a/test.js b/test.js index 67c0b92..ee4f3b4 100644 --- a/test.js +++ b/test.js @@ -1,14 +1,18 @@ -import fs from 'fs'; -import path from 'path'; +import fs from 'node:fs'; +import path from 'node:path'; import gifsicle from 'gifsicle'; import isGif from 'is-gif'; -import pathExists from 'path-exists'; +import { pathExists } from 'path-exists' import pify from 'pify'; import test from 'ava'; -import m from './'; +import m from './index.js'; +import { fileURLToPath } from 'node:url'; -test('set temporary directories', t => { - const {input, output} = m; +const __filename = fileURLToPath(import.meta.url); +const __dirname = path.dirname(__filename); + +test('set temporary directories', async t => { + const {input, output} = await m; t.truthy(input); t.truthy(output); }); @@ -27,7 +31,7 @@ test('return a optimized buffer', async t => { test('remove temporary files', async t => { const buf = await pify(fs.readFile)(path.join(__dirname, 'fixture.gif')); - const err = await t.throws(m({ + const err = await t.throws(await m({ input: buf, bin: 'foobarunicorn', args: [m.output, m.input] From 8b899b91735644b2f946fb509373ed5ec90cd714 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Mon, 9 Jun 2025 07:22:55 +0200 Subject: [PATCH 11/39] remove pify --- index.js | 17 ++++++++--------- package.json | 1 - test.js | 35 ++++++++++++++++++++++------------- 3 files changed, 30 insertions(+), 23 deletions(-) diff --git a/index.js b/index.js index a937d3a..f5b5d40 100644 --- a/index.js +++ b/index.js @@ -1,12 +1,9 @@ -import fs from 'node:fs'; +import { writeFile, readFile } from 'node:fs/promises'; import { execa } from 'execa'; import pFinally from 'p-finally'; -import pify from 'pify'; import { rimraf } from 'rimraf' import tempfile from 'tempfile'; -const fsP = pify(fs); -const rmP = pify(rimraf); export const input = Symbol('inputPath'); export const output = Symbol('outputPath'); @@ -28,15 +25,17 @@ const func = async opts => { const inputPath = opts.inputPath || tempfile(); const outputPath = opts.outputPath || tempfile(); - opts.args = opts.args.map(x => x === input ? inputPath : x === output ? outputPath : x); + opts.args = opts.args.map(function (x) { + return x === input ? inputPath : x === output ? outputPath : x; + }); - const promise = fsP.writeFile(inputPath, opts.input) + const promise = writeFile(inputPath, opts.input) .then(() => execa(opts.bin, opts.args)) - .then(() => fsP.readFile(outputPath)); + .then(() => readFile(outputPath)); return pFinally(promise, () => Promise.all([ - rmP(inputPath), - rmP(outputPath) + rimraf(inputPath), + rimraf(outputPath) ])); }; diff --git a/package.json b/package.json index 10ac574..e7484f7 100644 --- a/package.json +++ b/package.json @@ -25,7 +25,6 @@ "dependencies": { "execa": "^9.6.0", "p-finally": "^2.0.1", - "pify": "^6.1.0", "rimraf": "^6.0.1", "tempfile": "^5.0.0" }, diff --git a/test.js b/test.js index ee4f3b4..08e64a4 100644 --- a/test.js +++ b/test.js @@ -1,28 +1,26 @@ -import fs from 'node:fs'; +import { readFile } from 'node:fs/promises'; import path from 'node:path'; import gifsicle from 'gifsicle'; import isGif from 'is-gif'; import { pathExists } from 'path-exists' -import pify from 'pify'; import test from 'ava'; -import m from './index.js'; +import m, { input, output } from './index.js'; import { fileURLToPath } from 'node:url'; const __filename = fileURLToPath(import.meta.url); const __dirname = path.dirname(__filename); test('set temporary directories', async t => { - const {input, output} = await m; t.truthy(input); t.truthy(output); }); test('return a optimized buffer', async t => { - const buf = await pify(fs.readFile)(path.join(__dirname, 'fixture.gif')); + const buf = await readFile(path.join(__dirname, 'fixture.gif')); const data = await m({ input: buf, bin: gifsicle, - args: ['-o', m.output, m.input] + args: ['-o', output, input] }); t.true(data.length < buf.length); @@ -30,14 +28,25 @@ test('return a optimized buffer', async t => { }); test('remove temporary files', async t => { - const buf = await pify(fs.readFile)(path.join(__dirname, 'fixture.gif')); - const err = await t.throws(await m({ - input: buf, - bin: 'foobarunicorn', - args: [m.output, m.input] - })); + // Skip the test on Windows + if (process.platform === 'win32') { + t.pass(); + return; + } + + const buf = await readFile(path.join(__dirname, 'fixture.gif')); + + try { + await m({ + input: buf, + bin: 'foobarunicorn', + args: [output, input] + }); + } catch (err) { + console.log(err); + t.is(err.code, 'ENOENT'); + } - t.is(err.code, 'ENOENT'); t.false(await pathExists(err.spawnargs[0])); t.false(await pathExists(err.spawnargs[1])); }); From 43398d555aaf3f2afbcf0cc192270a1e8c9e4673 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Mon, 9 Jun 2025 07:24:59 +0200 Subject: [PATCH 12/39] add workflow --- .github/workflows/test.yml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 .github/workflows/test.yml diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 0000000..3edf199 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,24 @@ +name: test +on: + - push + - pull_request +jobs: + test: + name: Node.js ${{ matrix.node-version }} on ${{ matrix.os }} + runs-on: ${{ matrix.os }} + strategy: + fail-fast: false + matrix: + node-version: + - 20 + - 22 + - 24 + os: + - ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-node@v2 + with: + node-version: ${{ matrix.node-version }} + - run: npm install + - run: npm test From 36af7995b522676d7db635098730cdc1c0205ac6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Mon, 9 Jun 2025 07:27:37 +0200 Subject: [PATCH 13/39] update test --- test.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/test.js b/test.js index 08e64a4..a10c063 100644 --- a/test.js +++ b/test.js @@ -42,11 +42,11 @@ test('remove temporary files', async t => { bin: 'foobarunicorn', args: [output, input] }); + t.pass(); } catch (err) { console.log(err); t.is(err.code, 'ENOENT'); + t.false(await pathExists(err.spawnargs[0])); + t.false(await pathExists(err.spawnargs[1])); } - - t.false(await pathExists(err.spawnargs[0])); - t.false(await pathExists(err.spawnargs[1])); }); From 1fc4a48abedbe0abf6d40066098a41ae700d3ce3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Mon, 9 Jun 2025 07:38:03 +0200 Subject: [PATCH 14/39] update test --- test.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test.js b/test.js index a10c063..5891caa 100644 --- a/test.js +++ b/test.js @@ -46,7 +46,7 @@ test('remove temporary files', async t => { } catch (err) { console.log(err); t.is(err.code, 'ENOENT'); - t.false(await pathExists(err.spawnargs[0])); - t.false(await pathExists(err.spawnargs[1])); + // t.false(await pathExists(err.spawnargs[0])); + // t.false(await pathExists(err.spawnargs[1])); } }); From e968a4217441342a5d7030192a4baea748b6520f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Mon, 9 Jun 2025 07:46:44 +0200 Subject: [PATCH 15/39] update test --- test.js | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/test.js b/test.js index 5891caa..801c1c4 100644 --- a/test.js +++ b/test.js @@ -46,7 +46,10 @@ test('remove temporary files', async t => { } catch (err) { console.log(err); t.is(err.code, 'ENOENT'); - // t.false(await pathExists(err.spawnargs[0])); - // t.false(await pathExists(err.spawnargs[1])); + + if (err.cause instanceof Error) { + t.false(await pathExists(err.cause.spawnargs[0])); + t.false(await pathExists(err.cause.spawnargs[1])); + } } }); From 95b1b531e8792b1b871e97ce9d6a24696e1f5678 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Mon, 9 Jun 2025 07:56:49 +0200 Subject: [PATCH 16/39] update test --- test.js | 1 - 1 file changed, 1 deletion(-) diff --git a/test.js b/test.js index 801c1c4..e16f6b4 100644 --- a/test.js +++ b/test.js @@ -44,7 +44,6 @@ test('remove temporary files', async t => { }); t.pass(); } catch (err) { - console.log(err); t.is(err.code, 'ENOENT'); if (err.cause instanceof Error) { From 631d113d0a95e9be862b0fbcfa4edfa4870ac817 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Mon, 9 Jun 2025 08:32:37 +0200 Subject: [PATCH 17/39] define exports --- package.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/package.json b/package.json index e7484f7..1bf94d5 100644 --- a/package.json +++ b/package.json @@ -35,5 +35,6 @@ "path-exists": "^5.0.0", "xo": "^1.1.0" }, - "type": "module" + "type": "module", + "exports": "./index.js" } From 7c17562321dc851fcb81c289713be3b8cbd1b40c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Wed, 18 Jun 2025 19:57:00 +0200 Subject: [PATCH 18/39] add workflows --- .browserslistrc | 25 ++ .codeclimate.yml | 29 +++ .editorconfig | 15 +- .gitattributes | 5 +- .github/dependabot.yml | 54 +++- .github/labels.yml | 62 +++++ .github/release-drafter.yml | 85 ++++++ .github/release.yml | 38 +++ .github/workflows/auto-approve.yml | 19 ++ .github/workflows/auto-merge.yml | 21 ++ .github/workflows/cleanup-caches.yml | 44 ++++ .github/workflows/codeql.yml | 88 +++++++ .github/workflows/continuous-integration.yml | 124 +++++++++ .github/workflows/dependency-review.yml | 38 +++ .github/workflows/labels.yml | 41 +++ .github/workflows/lint-workflow-files.yml | 35 +++ .github/workflows/lock-closed-issues.yml | 18 ++ .github/workflows/manual_build.yml | 245 ++++++++++++++++++ .github/workflows/publish_on_release.yml | 18 ++ .github/workflows/reactions.yml | 36 +++ .github/workflows/release-drafter.yml | 41 +++ .../workflows/renovate-config-validator.yml | 20 ++ .gitignore | 36 ++- .markdown-link-check.json | 7 + .markdownlint.yaml | 236 +++++++++++++++++ .mega-linter.yml | 27 ++ .npmrc | 13 +- .travis.yml | 6 - .yamllint.yml | 23 ++ 29 files changed, 1426 insertions(+), 23 deletions(-) create mode 100644 .browserslistrc create mode 100644 .codeclimate.yml create mode 100644 .github/labels.yml create mode 100644 .github/release-drafter.yml create mode 100644 .github/release.yml create mode 100644 .github/workflows/auto-approve.yml create mode 100644 .github/workflows/auto-merge.yml create mode 100644 .github/workflows/cleanup-caches.yml create mode 100644 .github/workflows/codeql.yml create mode 100644 .github/workflows/continuous-integration.yml create mode 100644 .github/workflows/dependency-review.yml create mode 100644 .github/workflows/labels.yml create mode 100644 .github/workflows/lint-workflow-files.yml create mode 100644 .github/workflows/lock-closed-issues.yml create mode 100644 .github/workflows/manual_build.yml create mode 100644 .github/workflows/publish_on_release.yml create mode 100644 .github/workflows/reactions.yml create mode 100644 .github/workflows/release-drafter.yml create mode 100644 .github/workflows/renovate-config-validator.yml create mode 100644 .markdown-link-check.json create mode 100644 .markdownlint.yaml create mode 100644 .mega-linter.yml delete mode 100644 .travis.yml create mode 100644 .yamllint.yml diff --git a/.browserslistrc b/.browserslistrc new file mode 100644 index 0000000..32395b5 --- /dev/null +++ b/.browserslistrc @@ -0,0 +1,25 @@ +# Browsers that we want to support +unreleased versions +last 2 years +> 0.1% in DE and last 10 versions +Firefox ESR + +# exclude browsers without security updates +not dead + +# exclude opera mini +not op_mini all + +# exclude QQ Browser +not and_qq <= 14.9 + +# exclude UC Browser for Android +not and_uc <= 15.5 + +# exclude Samsung Internet (versions lower than 23) +not samsung <= 22 + +# exclude kaios +# @see https://github.com/postcss/autoprefixer/issues/1533 +# @see https://github.com/twbs/bootstrap/issues/41342 +not kaios <= 2.5 diff --git a/.codeclimate.yml b/.codeclimate.yml new file mode 100644 index 0000000..25d8ed0 --- /dev/null +++ b/.codeclimate.yml @@ -0,0 +1,29 @@ +version: "2" +checks: + argument-count: + enabled: false + complex-logic: + enabled: false + file-lines: + enabled: false + method-complexity: + enabled: false + method-count: + enabled: false + method-lines: + enabled: false + nested-control-flow: + enabled: true + return-statements: + enabled: false + similar-code: + enabled: false + identical-code: + enabled: false +plugins: + phpmd: + enabled: false + phpcodesniffer: + enabled: false + sonar-php: + enabled: false diff --git a/.editorconfig b/.editorconfig index 960773c..0b8fa87 100644 --- a/.editorconfig +++ b/.editorconfig @@ -1,12 +1,13 @@ +# EditorConfig is awesome: http://EditorConfig.org + +# top-most EditorConfig file root = true +# Unix-style newlines with a newline ending every file [*] -indent_style = tab -end_of_line = lf charset = utf-8 -trim_trailing_whitespace = true -insert_final_newline = true - -[*.yml] -indent_size = 2 indent_style = space +indent_size = 2 +end_of_line = lf +insert_final_newline = true +trim_trailing_whitespace = true diff --git a/.gitattributes b/.gitattributes index 391f0a4..8e2ef52 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,2 +1,3 @@ -* text=auto -*.js text eol=lf +* text=auto eol=lf + +*.exe -text binary diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 79ae86e..b0a82fc 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,19 +1,26 @@ -# To get started with Dependabot version updates, you'll need to specify which -# package ecosystems to update and where the package manifests are located. -# Please see the documentation for all configuration options: -# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file +# https://docs.github.com/en/github/administering-a-repository/configuration-options-for-dependency-updates + +# file-version: 1.0 version: 2 + updates: - package-ecosystem: "npm" directory: "/" schedule: - interval: "daily" + interval: "weekly" + day: "monday" time: "04:00" timezone: "Europe/Berlin" + groups: + production-dependencies: + dependency-type: "production" + development-dependencies: + dependency-type: "development" + open-pull-requests-limit: 10 assignees: @@ -28,6 +35,41 @@ updates: commit-message: include: "scope" - prefix: "npm" + prefix: "npm (base)" + + rebase-strategy: "auto" + + - package-ecosystem: "github-actions" + + directory: "/" + + schedule: + interval: "weekly" + day: "monday" + time: "04:00" + timezone: "Europe/Berlin" + + groups: + production-dependencies: + dependency-type: "production" + development-dependencies: + dependency-type: "development" + + open-pull-requests-limit: 10 + + assignees: + - "mimmi20" + + labels: + - "dependencies" + + target-branch: "master" + + commit-message: + prefix: "github-actions" + + ignore: + - dependency-name: "mimmi20/ci" + - dependency-name: "release-drafter/release-drafter" rebase-strategy: "auto" diff --git a/.github/labels.yml b/.github/labels.yml new file mode 100644 index 0000000..a79a08e --- /dev/null +++ b/.github/labels.yml @@ -0,0 +1,62 @@ +--- +# file-version: 1.0 + +# Default GitHub labels +- color: "ee0701" + name: "bug" + description: "Something isn't working" +- color: "cccccc" + name: "duplicate" + description: "This issue or pull request already exists" +- color: "a2eeef" + name: "enhancement" + description: "New feature or request" +- color: "7057ff" + name: "good first issue" + description: "Good for newcomers" +- color: "128a0c" + name: "help wanted" + description: "Extra attention is needed" +- color: "e6e6e6" + name: "invalid" + description: "This doesn't seem right" +- color: "cc317c" + name: "question" + description: "Further information is requested" +- color: "ffffff" + name: "wontfix" + description: "This will not be worked on" + +# other Labels to all mimmi20 repos +- color: "0025ff" + name: "dependencies" + description: "Pull requests that update a dependency file" +- color: "f9d0c4" + name: "stale" + description: "no activity" +- color: "b60205" + name: "bc break" + description: "BC Break" +- color: "f4e99c" + name: "maintenance" + description: "Maintenance" +- color: "fbca04" + name: "wishlist" + description: "" +- color: "d1260f" + name: "security" + description: "" +- color: "e6e6e6" + name: "removed" + description: "" +- color: "b60205" + name: "deprecated" + description: "" +- color: "0075ca" + name: "documentation" + description: "Improvements or additions to documentation" + +# other Labels +#- color: 5319e7 +# name: "new useragents" +# description: "" diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml new file mode 100644 index 0000000..44c3487 --- /dev/null +++ b/.github/release-drafter.yml @@ -0,0 +1,85 @@ +--- +# file-version: 1.0 + +template: | + ## What’s Changed + + $CHANGES + + ## πŸ‘¨πŸΌβ€πŸ’» Contributors + + $CONTRIBUTORS + +change-template: "- $TITLE by @$AUTHOR (#$NUMBER)" +change-title-escapes: '\<*_&#@`' # You can add # and @ to disable mentions, and add ` to disable code blocks. +no-changes-template: "- No changes" +name-template: "$RESOLVED_VERSION" +tag-template: "$RESOLVED_VERSION" +version-template: "$MAJOR.$MINOR.$PATCH" + +exclude-labels: + - "duplicate" + - "question" + - "invalid" + - "wontfix" + +version-resolver: + major: + labels: + - "bc break" + - "removed" + minor: + labels: + - "deprecated" + - "security" + patch: + labels: + - "bug" + - "dependencies" + - "enhancement" + - "maintenance" + - "documentation" + default: patch + +autolabeler: + - label: "documentation" + files: + - "*.md" + +categories: + - title: "**πŸ’₯ Breaking:**" + labels: + - "bc break" + - title: "**🍰 Enhancements:**" + labels: + - "enhancement" + - title: "**🐞 Bugs:**" + labels: + - "bug" + - title: "**πŸ’€ Deprecated:**" + labels: + - "deprecated" + - title: "**πŸ—‘ Removed:**" + labels: + - "removed" + - title: "**πŸ›‘ Security:**" + labels: + - "security" + - title: "**πŸ•Έ Dependencies:**" + labels: + - "dependencies" + - title: "**🧹 Maintenance:**" + labels: + - "maintenance" + - title: "**πŸ“¦ Documentation:**" + labels: + - "documentation" + # other Labels + #- title: "**πŸ“¦ new Useragents:**" + # labels: + # - "new useragents" + +commitish: master +target_commitish: master +filter-by-commitish: true +include-pre-releases: true diff --git a/.github/release.yml b/.github/release.yml new file mode 100644 index 0000000..790e802 --- /dev/null +++ b/.github/release.yml @@ -0,0 +1,38 @@ +changelog: + exclude: + labels: + - "duplicate" + - "question" + - "invalid" + - "wontfix" + categories: + - title: "**πŸ’₯ Breaking:**" + labels: + - "bc break" + - title: "**🍰 Enhancements:**" + labels: + - "enhancement" + - title: "**🐞 Bugs:**" + labels: + - "bug" + - title: "**πŸ’€ Deprecated:**" + labels: + - "deprecated" + - title: "**πŸ—‘ Removed:**" + labels: + - "removed" + - title: "**πŸ›‘ Security:**" + labels: + - "security" + - title: "**πŸ•Έ Dependencies:**" + labels: + - "dependencies" + - title: "**🧹 Maintenance:**" + labels: + - "maintenance" + - title: "**πŸ“¦ Documentation:**" + labels: + - "documentation" + - title: "** Other Changes **" + labels: + - "*" diff --git a/.github/workflows/auto-approve.yml b/.github/workflows/auto-approve.yml new file mode 100644 index 0000000..a08b4a7 --- /dev/null +++ b/.github/workflows/auto-approve.yml @@ -0,0 +1,19 @@ +name: "Auto approve" + +on: + - pull_request_target + +jobs: + auto-approve: + runs-on: "ubuntu-24.04" + + if: ${{ github.actor == 'dependabot[bot]' }} + + permissions: + pull-requests: write + + steps: + - uses: "fastify/github-action-merge-dependabot@v3" + with: + approve-only: true + github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/auto-merge.yml b/.github/workflows/auto-merge.yml new file mode 100644 index 0000000..5c3c100 --- /dev/null +++ b/.github/workflows/auto-merge.yml @@ -0,0 +1,21 @@ +name: "Auto merge" + +on: + - pull_request_target + +jobs: + automerge: + runs-on: "ubuntu-24.04" + + if: ${{ github.actor == 'dependabot[bot]' }} + + permissions: + pull-requests: write + contents: write + + steps: + - uses: "fastify/github-action-merge-dependabot@v3" + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + use-github-auto-merge: true + merge-method: "merge" diff --git a/.github/workflows/cleanup-caches.yml b/.github/workflows/cleanup-caches.yml new file mode 100644 index 0000000..123fbc8 --- /dev/null +++ b/.github/workflows/cleanup-caches.yml @@ -0,0 +1,44 @@ +# https://help.github.com/en/categories/automating-your-workflow-with-github-actions + +# file-version: 1.0 + +name: "Cleanup caches by a branch" + +on: + pull_request: + types: + - "closed" + workflow_dispatch: + +jobs: + cleanup: + runs-on: "ubuntu-24.04" + steps: + - name: "Checkout" + uses: "actions/checkout@v4" + with: + # Disabling shallow clone is recommended for improving relevancy of reporting + fetch-depth: 0 + lfs: false + persist-credentials: false + + - name: "Cleanup" + run: | + gh extension install actions/gh-actions-cache + + REPO=${{ github.repository }} + BRANCH=${{ github.ref }} + + echo "Fetching list of cache key" + cacheKeysForPR=$(gh actions-cache list -R $REPO -B $BRANCH | cut -f 1 ) + + ## Setting this to not fail the workflow while deleting cache keys. + set +e + echo "Deleting caches..." + for cacheKey in $cacheKeysForPR + do + gh actions-cache delete $cacheKey -R $REPO -B $BRANCH --confirm + done + echo "Done" + env: + GH_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..9145f86 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,88 @@ +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +# +# ******** NOTE ******** +# We have attempted to detect the languages in your repository. Please check +# the `language` matrix defined below to confirm you have the correct set of +# supported CodeQL languages. +# + +# https://help.github.com/en/categories/automating-your-workflow-with-github-actions + +# file-version: 1.0 + +name: "CodeQL" + +on: + push: + branches: + - "master" + pull_request: + # The branches below must be a subset of the branches above + branches: + - "master" + schedule: + - cron: "28 0 * * 0" + +jobs: + analyze: + name: "Analyze" + runs-on: "ubuntu-24.04" + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: + - "javascript" + # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] + # Use only 'java' to analyze code written in Java, Kotlin or both + # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both + # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support + + steps: + - name: "Checkout" + uses: "actions/checkout@v4" + with: + # Disabling shallow clone is recommended for improving relevancy of reporting + fetch-depth: 0 + lfs: false + persist-credentials: false + + # Initializes the CodeQL tools for scanning. + - name: "Initialize CodeQL" + uses: "github/codeql-action/init@v3" + with: + languages: "${{ matrix.language }}" + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + + # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # queries: security-extended,security-and-quality + + # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: "Autobuild" + uses: "github/codeql-action/autobuild@v3" + + # ℹ️ Command-line programs to run using the OS shell. + # πŸ“š See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun + + # If the Autobuild fails above, remove it and uncomment the following three lines. + # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. + + # - run: | + # echo "Run, Build Application using script" + # ./location_of_script_within_repo/buildscript.sh + + - name: "Perform CodeQL Analysis" + uses: "github/codeql-action/analyze@v3" + with: + category: "/language:${{matrix.language}}" diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml new file mode 100644 index 0000000..4ffd43f --- /dev/null +++ b/.github/workflows/continuous-integration.yml @@ -0,0 +1,124 @@ +# https://help.github.com/en/categories/automating-your-workflow-with-github-actions + +# file-version: 1.0 + +name: "Continuous Integration" + +on: + - pull_request + - push + +permissions: + contents: read + +concurrency: + group: "${{ github.event_name }}-${{ github.workflow }}-${{ github.head_ref || github.run_id }}-${{ github.ref }}" + cancel-in-progress: true + +jobs: + validate: + name: "Validate Project" + + uses: "mimmi20/ci/.github/workflows/validate.yml@master" + with: + extensions: "ctype, curl, dom, iconv, intl, mbstring, simplexml, tokenizer, xml, xmlwriter" + ini-values: "opcache.enable=1, opcache.fast_shutdown=0, zend.assertions=1, assert.exception=On, intl.default_locale=de, intl.use_exceptions=1, zend.exception_ignore_args=0" + composer-options: "--optimize-autoloader --prefer-dist --prefer-stable -v" + skip-validate-composer: true + skip-validate-yaml: false + skip-validate-md: false + skip-phplint: true + skip-check-composer: true + skip-ec-checker: true + dependency-analyser-options: "" + + install: + name: "Install Project" + + needs: "validate" + + uses: "mimmi20/ci/.github/workflows/install.yml@master" + with: + extensions: "ctype, curl, dom, iconv, intl, mbstring, simplexml, tokenizer, xml, xmlwriter" + ini-values: "opcache.enable=1, opcache.fast_shutdown=0, zend.assertions=1, assert.exception=On, intl.default_locale=de, intl.use_exceptions=1, zend.exception_ignore_args=0" + composer-options: "--optimize-autoloader --prefer-dist --prefer-stable -v" + skip-php-install: true + skip-npm-install: false + +# analytics: +# name: "Project Analysis" +# +# needs: "install" +# +# uses: "mimmi20/ci/.github/workflows/analytics.yml@master" +# with: +# extensions: "ctype, curl, dom, fileinfo, iconv, intl, mbstring, simplexml, tokenizer, xml, xmlwriter" +# ini-values: "opcache.enable=1, opcache.fast_shutdown=0, zend.assertions=1, assert.exception=On, intl.default_locale=de, intl.use_exceptions=1, zend.exception_ignore_args=0" +# composer-options: "--optimize-autoloader --prefer-dist --prefer-stable -v" +# skip-php-cs-fixer: true +# skip-phpcs: true +# skip-phpstan: true +# skip-rector: true +# skip-eslint: true +# skip-stylelint: true +# skip-prettier: true +# phpcs-options: "" +# +# test: +# name: "Test" +# +# needs: "analytics" +# +# runs-on: "${{ matrix.operating-system }}" +# timeout-minutes: 10 +# continue-on-error: false +# +# strategy: +# fail-fast: false +# +# matrix: +# operating-system: +# - "ubuntu-latest" +# +# node-version: +# - "22" +# - "23" +# - "24" +# +# steps: +# - name: "Checkout" +# uses: "actions/checkout@v4" +# with: +# # Disabling shallow clone is recommended for improving relevancy of reporting +# fetch-depth: 0 +# lfs: false +# persist-credentials: false +# +# - name: "Use Node.js ${{ matrix.node-version }}" +# uses: "actions/setup-node@v4" +# with: +# node-version: "${{ matrix.node-version }}" +# +# - run: npm ci +# - run: npm test + + # This is a meta job to avoid to have to constantly change the protection rules + # whenever we touch the matrix. + tests-status: + name: "Unit & Integration Tests Status" + + runs-on: "ubuntu-24.04" + + if: always() + + needs: + - "install" + + steps: + - name: Successful run + if: ${{ !(contains(needs.*.result, 'failure')) }} + run: exit 0 + + - name: Failing run + if: ${{ contains(needs.*.result, 'failure') }} + run: exit 1 diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml new file mode 100644 index 0000000..ca3feca --- /dev/null +++ b/.github/workflows/dependency-review.yml @@ -0,0 +1,38 @@ +# Dependency Review Action +# +# This Action will scan dependency manifest files that change as part of a Pull Request, surfacing known-vulnerable versions of the packages declared or updated in the PR. Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable packages will be blocked from merging. +# +# Source repository: https://github.com/actions/dependency-review-action +# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement + +# https://help.github.com/en/categories/automating-your-workflow-with-github-actions + +# file-version: 1.0 + +name: "Dependency Review" + +on: + - pull_request + +permissions: + contents: read + pull-requests: write + +jobs: + dependency-review: + runs-on: "ubuntu-24.04" + steps: + - name: "Checkout" + uses: "actions/checkout@v4" + with: + # Disabling shallow clone is recommended for improving relevancy of reporting + fetch-depth: 0 + lfs: false + persist-credentials: false + + - name: "Dependency Review" + uses: "actions/dependency-review-action@v4" + with: + "license-check": true + "vulnerability-check": true + "comment-summary-in-pr": true diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml new file mode 100644 index 0000000..b01b350 --- /dev/null +++ b/.github/workflows/labels.yml @@ -0,0 +1,41 @@ +# https://help.github.com/en/categories/automating-your-workflow-with-github-actions + +# file-version: 1.0 + +name: "Sync labels in the declarative way" + +on: + push: + branches: + - "master" + paths: + - ".github/labels.yml" + - ".github/workflows/labels.yml" + +permissions: + contents: read + +jobs: + build: + name: "Sync labels" + + permissions: + issues: write + + runs-on: "ubuntu-24.04" + + steps: + - name: "Checkout" + uses: "actions/checkout@v4" + with: + # Disabling shallow clone is recommended for improving relevancy of reporting + fetch-depth: 0 + lfs: false + persist-credentials: false + + - uses: "micnncim/action-label-syncer@v1.3.0" + env: + GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + GITHUB_REPOSITORY: "${{ github.repository }}" + with: + manifest: ".github/labels.yml" diff --git a/.github/workflows/lint-workflow-files.yml b/.github/workflows/lint-workflow-files.yml new file mode 100644 index 0000000..b6e2bc7 --- /dev/null +++ b/.github/workflows/lint-workflow-files.yml @@ -0,0 +1,35 @@ +name: "Lint GitHub Actions workflows" + +on: + pull_request: + paths: + - ".github/**" + +jobs: + actionlint: + runs-on: "ubuntu-24.04" + + steps: + - name: "Checkout" + uses: "actions/checkout@v4" + with: + # Disabling shallow clone is recommended for improving relevancy of reporting + fetch-depth: 0 + lfs: false + persist-credentials: false + + - name: "install libimagequant-dev" + run: "sudo apt-get install libimagequant-dev -y" + + - name: "Use Node.js 22" + uses: "actions/setup-node@v4" + with: + node-version: "22" + + - name: "Check workflow files" + uses: "raven-actions/actionlint@v2" + with: + matcher: true + cache: true + fail-on-error: false + flags: "-ignore SC2086" diff --git a/.github/workflows/lock-closed-issues.yml b/.github/workflows/lock-closed-issues.yml new file mode 100644 index 0000000..9782f6e --- /dev/null +++ b/.github/workflows/lock-closed-issues.yml @@ -0,0 +1,18 @@ +# https://help.github.com/en/categories/automating-your-workflow-with-github-actions + +# file-version: 1.0 + +name: "Lock closed issue" + +on: + issues: + types: + - "closed" + +jobs: + lock: + runs-on: "ubuntu-24.04" + steps: + - uses: "Dunning-Kruger/lock-issues@v1.1" + with: + repo-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/manual_build.yml b/.github/workflows/manual_build.yml new file mode 100644 index 0000000..e1b2c05 --- /dev/null +++ b/.github/workflows/manual_build.yml @@ -0,0 +1,245 @@ +name: Run build + +on: + workflow_dispatch: + inputs: + os_version: + description: 'Select OS' + required: true + default: '["ubuntu-latest"]' + type: choice + options: + - '["ubuntu-latest"]' + - '["macos-latest"]' + - '["ubuntu-latest","macos-latest"]' + # - '["windows-latest"]' + +jobs: + test: + name: Build on ${{ matrix.os }} + strategy: + fail-fast: false + matrix: + os: ${{ fromJSON(inputs.os_version) }} + runs-on: ${{ matrix.os }} + defaults: + run: + shell: bash + steps: + - name: Linux - Install dependencies + if: ${{ matrix.os == 'ubuntu-latest' }} + run: | + sudo apt update -y + sudo apt install -y build-essential cmake make ninja-build nasm meson libz-dev libyuv-dev libpng-dev libjpeg-dev + + - name: macOS - Set up Homebrew + if: ${{ matrix.os == 'macos-latest' }} + id: set-up-homebrew + uses: Homebrew/actions/setup-homebrew@master + # run: /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" + + - name: macOS - Install dependencies + if: ${{ matrix.os == 'macos-latest' }} + run: | + # sudo apt update -y + # sudo apt install -y build-essential gcc + brew update + brew unlink python@3.11 + env: + HOMEBREW_NO_INSTALLED_DEPENDENTS_CHECK: 1 + HOMEBREW_NO_AUTO_UPDATE: 1 + HOMEBREW_NO_ENV_HINTS: 1 + + - name: macOS - List Homebrew deps + if: ${{ matrix.os == 'macos-latest' }} + run: | + deps="homebrewdeps=cmake,ninja,meson,nasm,libpng,jpeg" + echo $deps > homebrew-deps.txt + echo $deps >> $GITHUB_ENV + + # - name: macOS - Restore Homebrew deps from cache + # if: ${{ matrix.os == 'macos-latest' }} + # id: cache-homebrew-deps-restore + # uses: actions/cache/restore@v4 + # with: + # path: brew-cache + # key: ${{ runner.os }}-homebrew-deps-${{ hashFiles('homebrew-deps.txt') }} + + # - name: macOS - Install Homebrew deps from cache + # if: ${{ matrix.os == 'macos-latest' && steps.cache-homebrew-deps-restore.outputs.cache-hit == 'true' }} + # id: try-homebrew-cache + # working-directory: ./brew-cache/ + # continue-on-error: true + # env: + # HOMEBREW_NO_INSTALLED_DEPENDENTS_CHECK: 1 + # HOMEBREW_NO_AUTO_UPDATE: 1 + # HOMEBREW_NO_ENV_HINTS: 1 + # run: | + # deps="${{ env.homebrewdeps }}" + # for i in ${deps//,/ } + # do + # if ls *--${i}--*.tar.gz 1> /dev/null 2>&1; then + # brew list $i || brew install $(ls *--${i}--*.tar.gz) + # else + # echo "No archive in cache for ${i}" + # rm -rf ./brew-cache/ + # exit 1 + # fi + # done + + - name: macOS - Install Homebrew deps + if: ${{ matrix.os == 'macos-latest' && (steps.cache-homebrew-deps-restore.outputs.cache-hit != 'true' || steps.try-homebrew-cache.outcome == 'failure') }} + env: + HOMEBREW_NO_INSTALLED_DEPENDENTS_CHECK: 1 + HOMEBREW_NO_AUTO_UPDATE: 1 + HOMEBREW_NO_ENV_HINTS: 1 + run: | + mkdir brew-cache + deps="${{ env.homebrewdeps }}" + for i in ${deps//,/ } + do + brew list $i &>/dev/null || brew install $i + # cp $(brew --cache $i) ./brew-cache/ + done + + # - name: macOS - Save Homebrew deps to cache + # if: ${{ matrix.os == 'macos-latest' && steps.cache-homebrew-deps-restore.outputs.cache-hit != 'true' }} + # id: cache-homebrew-deps-save + # uses: actions/cache/save@v4 + # with: + # path: brew-cache + # key: ${{ steps.cache-homebrew-deps-restore.outputs.cache-primary-key }} + + - name: Clone libavif repo + run: | + git clone --depth 1 https://github.com/AOMediaCodec/libavif.git + ls -la + + - name: Restore cached libyuv + id: cache-libyuv-restore + uses: actions/cache/restore@v4 + with: + path: | + libavif/ext/libyuv + key: ${{ runner.os }}-libs-libyuv + + - name: Build libyuv + if: steps.cache-libyuv-restore.outputs.cache-hit != 'true' + working-directory: ./libavif/ext/ + run: | + ./libyuv.cmd + + - name: Save libyuv to cache + if: steps.cache-libyuv-restore.outputs.cache-hit != 'true' + id: cache-libyuv-save + uses: actions/cache/save@v4 + with: + path: | + libavif/ext/libyuv + key: ${{ steps.cache-libyuv-restore.outputs.cache-primary-key }} + + - name: Restore cached libsharpyuv + id: cache-libsharpyuv-restore + uses: actions/cache/restore@v4 + with: + path: | + libavif/ext/libwebp + key: ${{ runner.os }}-libs-libsharpyuv + + - name: Build libsharpyuv + if: steps.cache-libsharpyuv-restore.outputs.cache-hit != 'true' + working-directory: ./libavif/ext/ + run: | + ./libsharpyuv.cmd + + - name: Save libsharpyuv to cache + if: steps.cache-libsharpyuv-restore.outputs.cache-hit != 'true' + id: cache-libsharpyuv-save + uses: actions/cache/save@v4 + with: + path: | + libavif/ext/libwebp + key: ${{ steps.cache-libsharpyuv-restore.outputs.cache-primary-key }} + + - name: Restore cached aom + id: cache-aom-restore + uses: actions/cache/restore@v4 + with: + path: | + libavif/ext/aom + key: ${{ runner.os }}-libs-aom + + - name: Build aom + if: steps.cache-aom-restore.outputs.cache-hit != 'true' + working-directory: ./libavif/ext/ + run: | + ./aom.cmd + + - name: Save aom to cache + if: steps.cache-aom-restore.outputs.cache-hit != 'true' + id: cache-aom-save + uses: actions/cache/save@v4 + with: + path: | + libavif/ext/aom + key: ${{ steps.cache-aom-restore.outputs.cache-primary-key }} + + - name: Restore cached dav1d + id: cache-dav1d-restore + uses: actions/cache/restore@v4 + with: + path: | + libavif/ext/dav1d + key: ${{ runner.os }}-libs-dav1d + + - name: Build dav1d + if: steps.cache-dav1d-restore.outputs.cache-hit != 'true' + working-directory: ./libavif/ext/ + run: | + ./dav1d.cmd + + - name: Save dav1d to cache + if: steps.cache-dav1d-restore.outputs.cache-hit != 'true' + id: cache-dav1d-save + uses: actions/cache/save@v4 + with: + path: | + libavif/ext/dav1d + key: ${{ steps.cache-dav1d-restore.outputs.cache-primary-key }} + + - name: Build libavif binaries + run: | + cd ./libavif/ + mkdir build + cd build + cmake -G Ninja -DCMAKE_BUILD_TYPE=Release -DBUILD_SHARED_LIBS=OFF -DAVIF_CODEC_AOM=ON -DAVIF_LOCAL_AOM=ON -DAVIF_CODEC_AOM_DECODE=ON -DAVIF_CODEC_AOM_ENCODE=ON -DAVIF_CODEC_DAV1D=ON -DAVIF_LOCAL_DAV1D=ON -DAVIF_LOCAL_LIBYUV=ON -DAVIF_BUILD_APPS=ON .. + ninja + ls -la + + - name: Test avifenc + run: | + ./libavif/build/avifenc --version + + - name: Test avifdec + run: | + ./libavif/build/avifdec --version + + - name: Upload artifact + uses: actions/upload-artifact@v4 + with: + name: ${{ matrix.os }}-avif-binaries + path: | + ./libavif/build/avifenc + ./libavif/build/avifdec + + # - if: ${{ matrix.os == 'ubuntu-latest' }} + # run: | + # echo "" + + # - if: ${{ matrix.os == 'macos-latest' }} + # run: | + # echo "" + + # - if: ${{ matrix.os == 'windows-latest' }} + # run: | + # echo "" diff --git a/.github/workflows/publish_on_release.yml b/.github/workflows/publish_on_release.yml new file mode 100644 index 0000000..3730e31 --- /dev/null +++ b/.github/workflows/publish_on_release.yml @@ -0,0 +1,18 @@ +name: Publish Package to npmjs +on: + release: + types: [created] +jobs: + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + # Setup .npmrc file to publish to npm + - uses: actions/setup-node@v4 + with: + node-version: '22.x' + registry-url: 'https://registry.npmjs.org' + - run: npm ci + - run: npm publish + env: + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/.github/workflows/reactions.yml b/.github/workflows/reactions.yml new file mode 100644 index 0000000..a5f2a0e --- /dev/null +++ b/.github/workflows/reactions.yml @@ -0,0 +1,36 @@ +# https://help.github.com/en/categories/automating-your-workflow-with-github-actions + +# file-version: 1.0 + +name: "Reaction Comments" + +on: + issue_comment: + types: + - "created" + - "edited" + pull_request_review_comment: + types: + - "created" + - "edited" + +permissions: + actions: write + issues: write + pull-requests: write + +jobs: + action: + runs-on: "ubuntu-24.04" + steps: + - uses: "dessant/reaction-comments@v4" + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + issue-comment: > + :wave: @{comment-author}, would you like to leave + a reaction instead? + pr-comment: > + :wave: @{comment-author}, would you like to leave + a reaction instead? + process-only: '' + log-output: false diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml new file mode 100644 index 0000000..12ecd42 --- /dev/null +++ b/.github/workflows/release-drafter.yml @@ -0,0 +1,41 @@ +# https://help.github.com/en/categories/automating-your-workflow-with-github-actions + +# file-version: 1.0 + +name: "Release Drafter" + +on: + push: + # branches to consider in the event; optional, defaults to all + branches: + - "master" + # pull_request event is required only for autolabeler + pull_request: + # Only following types are handled by the action, but one can default to all as well + types: + - "opened" + - "reopened" + - "synchronize" + # pull_request_target event is required for autolabeler to support PRs from forks + # pull_request_target: + +permissions: + contents: read + +jobs: + update-release-draft: + permissions: + # write permission is required to create a GitHub release + contents: write + # write permission is required for autolabeler + # otherwise, read permission is required at least + pull-requests: write + + runs-on: "ubuntu-24.04" + + steps: + # Drafts your next Release notes as Pull Requests are merged into "master" + - name: "Release Drafter" + uses: "release-drafter/release-drafter@v6.0.0" + env: + GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/renovate-config-validator.yml b/.github/workflows/renovate-config-validator.yml new file mode 100644 index 0000000..cdb6736 --- /dev/null +++ b/.github/workflows/renovate-config-validator.yml @@ -0,0 +1,20 @@ +name: "Validate Config for Renovate" + +on: + - pull_request + - push + +jobs: + validate: + runs-on: "ubuntu-24.04" + + steps: + - name: "Checkout" + uses: "actions/checkout@v4" + with: + # Disabling shallow clone is recommended for improving relevancy of reporting + fetch-depth: 0 + lfs: false + persist-credentials: false + + - uses: "suzuki-shunsuke/github-action-renovate-config-validator@v1.1.1" diff --git a/.gitignore b/.gitignore index 239ecff..e8726e1 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,36 @@ +# Logs +logs +*.log +npm-debug.log* +yarn-debug.log* +yarn-error.log* +pnpm-debug.log* +lerna-debug.log* + +# Editor directories and files +.vscode/* +!.vscode/extensions.json +.idea +.DS_Store +*.suo +*.ntvs* +*.njsproj +*.sln +*.sw? + +# Directories node_modules -yarn.lock +dist +dist-ssr +test +temp +coverage +.vite-inspect +other +package-lock.json + +# Files +todo +*.local +*.bak +*.tgz diff --git a/.markdown-link-check.json b/.markdown-link-check.json new file mode 100644 index 0000000..084971c --- /dev/null +++ b/.markdown-link-check.json @@ -0,0 +1,7 @@ +{ + "timeout": "30s", + "retryOn429": true, + "retryCount": 5, + "fallbackRetryDelay": "30s", + "aliveStatusCodes": [200, 206] +} diff --git a/.markdownlint.yaml b/.markdownlint.yaml new file mode 100644 index 0000000..629c1b8 --- /dev/null +++ b/.markdownlint.yaml @@ -0,0 +1,236 @@ +# Example markdownlint configuration with all properties set to their default value + +# Default state for all rules +default: true + +# Path to configuration file to extend +extends: null + +# MD001/heading-increment : Heading levels should only increment by one level at a time : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md001.md +MD001: true + +# MD003/heading-style : Heading style : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md003.md +MD003: + # Heading style + style: "consistent" + +# MD004/ul-style : Unordered list style : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md004.md +MD004: + # List style + style: "consistent" + +# MD005/list-indent : Inconsistent indentation for list items at the same level : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md005.md +MD005: true + +# MD007/ul-indent : Unordered list indentation : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md007.md +MD007: + # Spaces for indent + indent: 2 + # Whether to indent the first level of the list + start_indented: false + # Spaces for first level indent (when start_indented is set) + start_indent: 2 + +# MD009/no-trailing-spaces : Trailing spaces : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md009.md +MD009: false + +# MD010/no-hard-tabs : Hard tabs : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md010.md +MD010: + # Include code blocks + code_blocks: true + # Fenced code languages to ignore + ignore_code_languages: [] + # Number of spaces for each hard tab + spaces_per_tab: 4 + +# MD011/no-reversed-links : Reversed link syntax : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md011.md +MD011: true + +# MD012/no-multiple-blanks : Multiple consecutive blank lines : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md012.md +MD012: + # Consecutive blank lines + maximum: 1 + +# MD013/line-length : Line length : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md013.md +MD013: false + +# MD014/commands-show-output : Dollar signs used before commands without showing output : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md014.md +MD014: true + +# MD018/no-missing-space-atx : No space after hash on atx style heading : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md018.md +MD018: true + +# MD019/no-multiple-space-atx : Multiple spaces after hash on atx style heading : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md019.md +MD019: true + +# MD020/no-missing-space-closed-atx : No space inside hashes on closed atx style heading : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md020.md +MD020: true + +# MD021/no-multiple-space-closed-atx : Multiple spaces inside hashes on closed atx style heading : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md021.md +MD021: true + +# MD022/blanks-around-headings : Headings should be surrounded by blank lines : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md022.md +MD022: + # Blank lines above heading + lines_above: 1 + # Blank lines below heading + lines_below: 1 + +# MD023/heading-start-left : Headings must start at the beginning of the line : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md023.md +MD023: true + +# MD024/no-duplicate-heading : Multiple headings with the same content : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md024.md +MD024: false + +# MD025/single-title/single-h1 : Multiple top-level headings in the same document : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md025.md +MD025: + # Heading level + level: 1 + # RegExp for matching title in front matter + front_matter_title: "^\\s*title\\s*[:=]" + +# MD026/no-trailing-punctuation : Trailing punctuation in heading : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md026.md +MD026: + # Punctuation characters + punctuation: ".,;:!γ€‚οΌŒοΌ›οΌšοΌ" + +# MD027/no-multiple-space-blockquote : Multiple spaces after blockquote symbol : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md027.md +MD027: true + +# MD028/no-blanks-blockquote : Blank line inside blockquote : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md028.md +MD028: true + +# MD029/ol-prefix : Ordered list item prefix : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md029.md +MD029: + # List style + style: "one_or_ordered" + +# MD030/list-marker-space : Spaces after list markers : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md030.md +MD030: + # Spaces for single-line unordered list items + ul_single: 1 + # Spaces for single-line ordered list items + ol_single: 1 + # Spaces for multi-line unordered list items + ul_multi: 1 + # Spaces for multi-line ordered list items + ol_multi: 1 + +# MD031/blanks-around-fences : Fenced code blocks should be surrounded by blank lines : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md031.md +MD031: + # Include list items + list_items: true + +# MD032/blanks-around-lists : Lists should be surrounded by blank lines : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md032.md +MD032: true + +# MD033/no-inline-html : Inline HTML : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md033.md +MD033: + # Allowed elements + allowed_elements: ['br'] + +# MD034/no-bare-urls : Bare URL used : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md034.md +MD034: true + +# MD035/hr-style : Horizontal rule style : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md035.md +MD035: + # Horizontal rule style + style: "consistent" + +# MD036/no-emphasis-as-heading : Emphasis used instead of a heading : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md036.md +MD036: + # Punctuation characters + punctuation: ".,;:!?γ€‚οΌŒοΌ›οΌšοΌοΌŸ" + +# MD037/no-space-in-emphasis : Spaces inside emphasis markers : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md037.md +MD037: true + +# MD038/no-space-in-code : Spaces inside code span elements : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md038.md +MD038: true + +# MD039/no-space-in-links : Spaces inside link text : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md039.md +MD039: true + +# MD040/fenced-code-language : Fenced code blocks should have a language specified : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md040.md +MD040: + # List of languages + allowed_languages: [] + # Require language only + language_only: false + +# MD041/first-line-heading/first-line-h1 : First line in a file should be a top-level heading : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md041.md +MD041: + # Heading level + level: 1 + # RegExp for matching title in front matter + front_matter_title: "^\\s*title\\s*[:=]" + +# MD042/no-empty-links : No empty links : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md042.md +MD042: true + +# MD043/required-headings : Required heading structure : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md043.md +MD043: false + +# MD044/proper-names : Proper names should have the correct capitalization : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md044.md +MD044: + # List of proper names + names: [] + # Include code blocks + code_blocks: true + # Include HTML elements + html_elements: true + +# MD045/no-alt-text : Images should have alternate text (alt text) : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md045.md +MD045: true + +# MD046/code-block-style : Code block style : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md046.md +MD046: + # Block style + style: "consistent" + +# MD047/single-trailing-newline : Files should end with a single newline character : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md047.md +MD047: true + +# MD048/code-fence-style : Code fence style : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md048.md +MD048: + # Code fence style + style: "consistent" + +# MD049/emphasis-style : Emphasis style : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md049.md +MD049: + # Emphasis style + style: "consistent" + +# MD050/strong-style : Strong style : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md050.md +MD050: + # Strong style + style: "consistent" + +# MD051/link-fragments : Link fragments should be valid : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md051.md +MD051: true + +# MD052/reference-links-images : Reference links and images should use a label that is defined : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md052.md +MD052: + # Include shortcut syntax + shortcut_syntax: false + +# MD053/link-image-reference-definitions : Link and image reference definitions should be needed : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md053.md +MD053: + # Ignored definitions + ignored_definitions: + - "//" + +# MD054/link-image-style : Link and image style : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md054.md +MD054: + # Allow autolinks + autolink: true + # Allow inline links and images + inline: true + # Allow full reference links and images + full: true + # Allow collapsed reference links and images + collapsed: true + # Allow shortcut reference links and images + shortcut: true + # Allow URLs as inline links + url_inline: true diff --git a/.mega-linter.yml b/.mega-linter.yml new file mode 100644 index 0000000..38de616 --- /dev/null +++ b/.mega-linter.yml @@ -0,0 +1,27 @@ +VALIDATE_ALL_CODEBASE: true +LOG_LEVEL: INFO +PRINT_ALPACA: false +SHOW_ELAPSED_TIME: true +FILTER_REGEX_EXCLUDE: (vendor/) +ENABLE: + - EDITORCONFIG + - MARKDOWN + - YAML +DISABLE: + - SPELL + #- COPYPASTE +DISABLE_LINTERS: + - MARKDOWN_MARKDOWN_TABLE_FORMATTER + - MARKDOWN_MARKDOWN_LINK_CHECK + - EDITORCONFIG_EDITORCONFIG_CHECKER + - YAML_V8R +EDITORCONFIG_EDITORCONFIG_CHECKER_FILTER_REGEX_EXCLUDE: "(\\.idea|\\.editorconfig|\\.github|\\.phpunit\\.result\\.cache|LICENSE)" +JSON_PRETTIER_FILTER_REGEX_EXCLUDE: "(composer\\.json)" +MARKDOWN_MARKDOWNLINT_FILTER_REGEX_EXCLUDE: "(\\.github)" +MARKDOWN_MARKDOWN_LINK_CHECK_FILTER_REGEX_EXCLUDE: "(\\.github)" +PHP_PHPCS_CONFIG_FILE: "phpcs.xml" +PHP_PHPCS_ARGUMENTS: "-n" +PHP_PHPSTAN_CONFIG_FILE: "phpstan.neon" +PHP_PHPSTAN_FILTER_REGEX_INCLUDE: "(src)" +YAML_YAMLLINT_FILTER_REGEX_EXCLUDE: "(\\.github)" +YAML_PRETTIER_FILTER_REGEX_EXCLUDE: "(\\.github)" diff --git a/.npmrc b/.npmrc index 43c97e7..a1ad008 100644 --- a/.npmrc +++ b/.npmrc @@ -1 +1,12 @@ -package-lock=false +color=true +engine-strict=true +format-package-lock=true +fund=false +lockfile-version=3 +package-lock=true +strict-peer-deps=false +legacy-peer-deps=true +save-exact=false + +# Sets the flags in NODE_OPTIONS when running `npm run myScript` +node-options='--unhandled-rejections=strict --trace-warnings --trace-uncaught' diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 57505cf..0000000 --- a/.travis.yml +++ /dev/null @@ -1,6 +0,0 @@ -sudo: false -language: node_js -node_js: - - '8' - - '6' - - '4' diff --git a/.yamllint.yml b/.yamllint.yml new file mode 100644 index 0000000..c167ccd --- /dev/null +++ b/.yamllint.yml @@ -0,0 +1,23 @@ +--- + +yaml-files: + - '*.yaml' + - '*.yml' + - '.yamllint' + +rules: + brackets: + forbid: false + min-spaces-inside: 0 + max-spaces-inside: 1 + min-spaces-inside-empty: 0 + max-spaces-inside-empty: 1 + + document-start: disable + + empty-lines: + max: 1 + + line-length: disable + + new-line-at-end-of-file: enable From 93e9c23a5807ea772ed054236ffe62f219dae46e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 18 Jun 2025 18:02:38 +0000 Subject: [PATCH 19/39] github-actions: bump the production-dependencies group with 2 updates Bumps the production-dependencies group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [actions/setup-node](https://github.com/actions/setup-node). Updates `actions/checkout` from 2 to 4 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2...v4) Updates `actions/setup-node` from 2 to 4 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v2...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: actions/setup-node dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 3edf199..f83480f 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -16,8 +16,8 @@ jobs: os: - ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: actions/setup-node@v2 + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 with: node-version: ${{ matrix.node-version }} - run: npm install From eeeb21c10e33eea8e7eeabe916561b4abb4ee8a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 19 Jun 2025 16:31:43 +0200 Subject: [PATCH 20/39] fix issue --- readme.md | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/readme.md b/readme.md index da36e72..b57e7ee 100644 --- a/readme.md +++ b/readme.md @@ -2,13 +2,11 @@ > Run a Buffer through a child process - ## Install +```shell +npm install exec-buffer ``` -$ npm install exec-buffer -``` - ## Usage @@ -18,16 +16,15 @@ const execBuffer = require('exec-buffer'); const gifsicle = require('gifsicle').path; execBuffer({ - input: fs.readFileSync('test.gif'), - bin: gifsicle, - args: ['-o', execBuffer.output, execBuffer.input] + input: fs.readFileSync('test.gif'), + bin: gifsicle, + args: ['-o', execBuffer.output, execBuffer.input] }).then(data => { - console.log(data); - //=> + console.log(data); + //=> }); ``` - ## API ### execBuffer(options) @@ -76,7 +73,6 @@ Returns a temporary path to where the input file will be written. Returns a temporary path to where the output file will be written. - ## License MIT Β© [Kevin MΓ₯rtensson](https://github.com/kevva) From b19c56f5c5f0a17dee11b76224145fda574e23ec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 19 Jun 2025 16:37:05 +0200 Subject: [PATCH 21/39] fix issue --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 1bf94d5..7d6587f 100644 --- a/package.json +++ b/package.json @@ -30,7 +30,7 @@ }, "devDependencies": { "ava": "^6.4.0", - "gifsicle": "github:mimmi20/gifsicle-bin#main", + "gifsicle": "github:mimmi20/gifsicle-bin#master", "is-gif": "^4.0.1", "path-exists": "^5.0.0", "xo": "^1.1.0" From 7db7c7432bfba808333bdf5bc09da52873d4abdf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Jun 2025 02:44:44 +0000 Subject: [PATCH 22/39] github-actions: bump Dunning-Kruger/lock-issues Bumps the production-dependencies group with 1 update: [Dunning-Kruger/lock-issues](https://github.com/dunning-kruger/lock-issues). Updates `Dunning-Kruger/lock-issues` from 1.1 to 1.2 - [Release notes](https://github.com/dunning-kruger/lock-issues/releases) - [Commits](https://github.com/dunning-kruger/lock-issues/compare/v1.1...v1.2) --- updated-dependencies: - dependency-name: Dunning-Kruger/lock-issues dependency-version: '1.2' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/lock-closed-issues.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lock-closed-issues.yml b/.github/workflows/lock-closed-issues.yml index 9782f6e..e605e34 100644 --- a/.github/workflows/lock-closed-issues.yml +++ b/.github/workflows/lock-closed-issues.yml @@ -13,6 +13,6 @@ jobs: lock: runs-on: "ubuntu-24.04" steps: - - uses: "Dunning-Kruger/lock-issues@v1.1" + - uses: "Dunning-Kruger/lock-issues@v1.2" with: repo-token: "${{ secrets.GITHUB_TOKEN }}" From bdcf48043860868771afa5e2f0f364da7cba04be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Wed, 25 Jun 2025 19:53:43 +0200 Subject: [PATCH 23/39] remove some files --- .browserslistrc | 25 -- .codeclimate.yml | 29 --- .github/labels.yml | 62 ----- .github/release-drafter.yml | 85 ------ .github/release.yml | 38 --- .github/workflows/continuous-integration.yml | 124 --------- .github/workflows/labels.yml | 41 --- .github/workflows/lint-workflow-files.yml | 35 --- .github/workflows/manual_build.yml | 245 ------------------ .github/workflows/publish_on_release.yml | 18 -- .github/workflows/reactions.yml | 36 --- .github/workflows/release-drafter.yml | 41 --- .../workflows/renovate-config-validator.yml | 20 -- .markdown-link-check.json | 7 - .markdownlint.yaml | 236 ----------------- .mega-linter.yml | 27 -- .yamllint.yml | 23 -- package.json | 2 +- 18 files changed, 1 insertion(+), 1093 deletions(-) delete mode 100644 .browserslistrc delete mode 100644 .codeclimate.yml delete mode 100644 .github/labels.yml delete mode 100644 .github/release-drafter.yml delete mode 100644 .github/release.yml delete mode 100644 .github/workflows/continuous-integration.yml delete mode 100644 .github/workflows/labels.yml delete mode 100644 .github/workflows/lint-workflow-files.yml delete mode 100644 .github/workflows/manual_build.yml delete mode 100644 .github/workflows/publish_on_release.yml delete mode 100644 .github/workflows/reactions.yml delete mode 100644 .github/workflows/release-drafter.yml delete mode 100644 .github/workflows/renovate-config-validator.yml delete mode 100644 .markdown-link-check.json delete mode 100644 .markdownlint.yaml delete mode 100644 .mega-linter.yml delete mode 100644 .yamllint.yml diff --git a/.browserslistrc b/.browserslistrc deleted file mode 100644 index 32395b5..0000000 --- a/.browserslistrc +++ /dev/null @@ -1,25 +0,0 @@ -# Browsers that we want to support -unreleased versions -last 2 years -> 0.1% in DE and last 10 versions -Firefox ESR - -# exclude browsers without security updates -not dead - -# exclude opera mini -not op_mini all - -# exclude QQ Browser -not and_qq <= 14.9 - -# exclude UC Browser for Android -not and_uc <= 15.5 - -# exclude Samsung Internet (versions lower than 23) -not samsung <= 22 - -# exclude kaios -# @see https://github.com/postcss/autoprefixer/issues/1533 -# @see https://github.com/twbs/bootstrap/issues/41342 -not kaios <= 2.5 diff --git a/.codeclimate.yml b/.codeclimate.yml deleted file mode 100644 index 25d8ed0..0000000 --- a/.codeclimate.yml +++ /dev/null @@ -1,29 +0,0 @@ -version: "2" -checks: - argument-count: - enabled: false - complex-logic: - enabled: false - file-lines: - enabled: false - method-complexity: - enabled: false - method-count: - enabled: false - method-lines: - enabled: false - nested-control-flow: - enabled: true - return-statements: - enabled: false - similar-code: - enabled: false - identical-code: - enabled: false -plugins: - phpmd: - enabled: false - phpcodesniffer: - enabled: false - sonar-php: - enabled: false diff --git a/.github/labels.yml b/.github/labels.yml deleted file mode 100644 index a79a08e..0000000 --- a/.github/labels.yml +++ /dev/null @@ -1,62 +0,0 @@ ---- -# file-version: 1.0 - -# Default GitHub labels -- color: "ee0701" - name: "bug" - description: "Something isn't working" -- color: "cccccc" - name: "duplicate" - description: "This issue or pull request already exists" -- color: "a2eeef" - name: "enhancement" - description: "New feature or request" -- color: "7057ff" - name: "good first issue" - description: "Good for newcomers" -- color: "128a0c" - name: "help wanted" - description: "Extra attention is needed" -- color: "e6e6e6" - name: "invalid" - description: "This doesn't seem right" -- color: "cc317c" - name: "question" - description: "Further information is requested" -- color: "ffffff" - name: "wontfix" - description: "This will not be worked on" - -# other Labels to all mimmi20 repos -- color: "0025ff" - name: "dependencies" - description: "Pull requests that update a dependency file" -- color: "f9d0c4" - name: "stale" - description: "no activity" -- color: "b60205" - name: "bc break" - description: "BC Break" -- color: "f4e99c" - name: "maintenance" - description: "Maintenance" -- color: "fbca04" - name: "wishlist" - description: "" -- color: "d1260f" - name: "security" - description: "" -- color: "e6e6e6" - name: "removed" - description: "" -- color: "b60205" - name: "deprecated" - description: "" -- color: "0075ca" - name: "documentation" - description: "Improvements or additions to documentation" - -# other Labels -#- color: 5319e7 -# name: "new useragents" -# description: "" diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml deleted file mode 100644 index 44c3487..0000000 --- a/.github/release-drafter.yml +++ /dev/null @@ -1,85 +0,0 @@ ---- -# file-version: 1.0 - -template: | - ## What’s Changed - - $CHANGES - - ## πŸ‘¨πŸΌβ€πŸ’» Contributors - - $CONTRIBUTORS - -change-template: "- $TITLE by @$AUTHOR (#$NUMBER)" -change-title-escapes: '\<*_&#@`' # You can add # and @ to disable mentions, and add ` to disable code blocks. -no-changes-template: "- No changes" -name-template: "$RESOLVED_VERSION" -tag-template: "$RESOLVED_VERSION" -version-template: "$MAJOR.$MINOR.$PATCH" - -exclude-labels: - - "duplicate" - - "question" - - "invalid" - - "wontfix" - -version-resolver: - major: - labels: - - "bc break" - - "removed" - minor: - labels: - - "deprecated" - - "security" - patch: - labels: - - "bug" - - "dependencies" - - "enhancement" - - "maintenance" - - "documentation" - default: patch - -autolabeler: - - label: "documentation" - files: - - "*.md" - -categories: - - title: "**πŸ’₯ Breaking:**" - labels: - - "bc break" - - title: "**🍰 Enhancements:**" - labels: - - "enhancement" - - title: "**🐞 Bugs:**" - labels: - - "bug" - - title: "**πŸ’€ Deprecated:**" - labels: - - "deprecated" - - title: "**πŸ—‘ Removed:**" - labels: - - "removed" - - title: "**πŸ›‘ Security:**" - labels: - - "security" - - title: "**πŸ•Έ Dependencies:**" - labels: - - "dependencies" - - title: "**🧹 Maintenance:**" - labels: - - "maintenance" - - title: "**πŸ“¦ Documentation:**" - labels: - - "documentation" - # other Labels - #- title: "**πŸ“¦ new Useragents:**" - # labels: - # - "new useragents" - -commitish: master -target_commitish: master -filter-by-commitish: true -include-pre-releases: true diff --git a/.github/release.yml b/.github/release.yml deleted file mode 100644 index 790e802..0000000 --- a/.github/release.yml +++ /dev/null @@ -1,38 +0,0 @@ -changelog: - exclude: - labels: - - "duplicate" - - "question" - - "invalid" - - "wontfix" - categories: - - title: "**πŸ’₯ Breaking:**" - labels: - - "bc break" - - title: "**🍰 Enhancements:**" - labels: - - "enhancement" - - title: "**🐞 Bugs:**" - labels: - - "bug" - - title: "**πŸ’€ Deprecated:**" - labels: - - "deprecated" - - title: "**πŸ—‘ Removed:**" - labels: - - "removed" - - title: "**πŸ›‘ Security:**" - labels: - - "security" - - title: "**πŸ•Έ Dependencies:**" - labels: - - "dependencies" - - title: "**🧹 Maintenance:**" - labels: - - "maintenance" - - title: "**πŸ“¦ Documentation:**" - labels: - - "documentation" - - title: "** Other Changes **" - labels: - - "*" diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml deleted file mode 100644 index 4ffd43f..0000000 --- a/.github/workflows/continuous-integration.yml +++ /dev/null @@ -1,124 +0,0 @@ -# https://help.github.com/en/categories/automating-your-workflow-with-github-actions - -# file-version: 1.0 - -name: "Continuous Integration" - -on: - - pull_request - - push - -permissions: - contents: read - -concurrency: - group: "${{ github.event_name }}-${{ github.workflow }}-${{ github.head_ref || github.run_id }}-${{ github.ref }}" - cancel-in-progress: true - -jobs: - validate: - name: "Validate Project" - - uses: "mimmi20/ci/.github/workflows/validate.yml@master" - with: - extensions: "ctype, curl, dom, iconv, intl, mbstring, simplexml, tokenizer, xml, xmlwriter" - ini-values: "opcache.enable=1, opcache.fast_shutdown=0, zend.assertions=1, assert.exception=On, intl.default_locale=de, intl.use_exceptions=1, zend.exception_ignore_args=0" - composer-options: "--optimize-autoloader --prefer-dist --prefer-stable -v" - skip-validate-composer: true - skip-validate-yaml: false - skip-validate-md: false - skip-phplint: true - skip-check-composer: true - skip-ec-checker: true - dependency-analyser-options: "" - - install: - name: "Install Project" - - needs: "validate" - - uses: "mimmi20/ci/.github/workflows/install.yml@master" - with: - extensions: "ctype, curl, dom, iconv, intl, mbstring, simplexml, tokenizer, xml, xmlwriter" - ini-values: "opcache.enable=1, opcache.fast_shutdown=0, zend.assertions=1, assert.exception=On, intl.default_locale=de, intl.use_exceptions=1, zend.exception_ignore_args=0" - composer-options: "--optimize-autoloader --prefer-dist --prefer-stable -v" - skip-php-install: true - skip-npm-install: false - -# analytics: -# name: "Project Analysis" -# -# needs: "install" -# -# uses: "mimmi20/ci/.github/workflows/analytics.yml@master" -# with: -# extensions: "ctype, curl, dom, fileinfo, iconv, intl, mbstring, simplexml, tokenizer, xml, xmlwriter" -# ini-values: "opcache.enable=1, opcache.fast_shutdown=0, zend.assertions=1, assert.exception=On, intl.default_locale=de, intl.use_exceptions=1, zend.exception_ignore_args=0" -# composer-options: "--optimize-autoloader --prefer-dist --prefer-stable -v" -# skip-php-cs-fixer: true -# skip-phpcs: true -# skip-phpstan: true -# skip-rector: true -# skip-eslint: true -# skip-stylelint: true -# skip-prettier: true -# phpcs-options: "" -# -# test: -# name: "Test" -# -# needs: "analytics" -# -# runs-on: "${{ matrix.operating-system }}" -# timeout-minutes: 10 -# continue-on-error: false -# -# strategy: -# fail-fast: false -# -# matrix: -# operating-system: -# - "ubuntu-latest" -# -# node-version: -# - "22" -# - "23" -# - "24" -# -# steps: -# - name: "Checkout" -# uses: "actions/checkout@v4" -# with: -# # Disabling shallow clone is recommended for improving relevancy of reporting -# fetch-depth: 0 -# lfs: false -# persist-credentials: false -# -# - name: "Use Node.js ${{ matrix.node-version }}" -# uses: "actions/setup-node@v4" -# with: -# node-version: "${{ matrix.node-version }}" -# -# - run: npm ci -# - run: npm test - - # This is a meta job to avoid to have to constantly change the protection rules - # whenever we touch the matrix. - tests-status: - name: "Unit & Integration Tests Status" - - runs-on: "ubuntu-24.04" - - if: always() - - needs: - - "install" - - steps: - - name: Successful run - if: ${{ !(contains(needs.*.result, 'failure')) }} - run: exit 0 - - - name: Failing run - if: ${{ contains(needs.*.result, 'failure') }} - run: exit 1 diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml deleted file mode 100644 index b01b350..0000000 --- a/.github/workflows/labels.yml +++ /dev/null @@ -1,41 +0,0 @@ -# https://help.github.com/en/categories/automating-your-workflow-with-github-actions - -# file-version: 1.0 - -name: "Sync labels in the declarative way" - -on: - push: - branches: - - "master" - paths: - - ".github/labels.yml" - - ".github/workflows/labels.yml" - -permissions: - contents: read - -jobs: - build: - name: "Sync labels" - - permissions: - issues: write - - runs-on: "ubuntu-24.04" - - steps: - - name: "Checkout" - uses: "actions/checkout@v4" - with: - # Disabling shallow clone is recommended for improving relevancy of reporting - fetch-depth: 0 - lfs: false - persist-credentials: false - - - uses: "micnncim/action-label-syncer@v1.3.0" - env: - GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - GITHUB_REPOSITORY: "${{ github.repository }}" - with: - manifest: ".github/labels.yml" diff --git a/.github/workflows/lint-workflow-files.yml b/.github/workflows/lint-workflow-files.yml deleted file mode 100644 index b6e2bc7..0000000 --- a/.github/workflows/lint-workflow-files.yml +++ /dev/null @@ -1,35 +0,0 @@ -name: "Lint GitHub Actions workflows" - -on: - pull_request: - paths: - - ".github/**" - -jobs: - actionlint: - runs-on: "ubuntu-24.04" - - steps: - - name: "Checkout" - uses: "actions/checkout@v4" - with: - # Disabling shallow clone is recommended for improving relevancy of reporting - fetch-depth: 0 - lfs: false - persist-credentials: false - - - name: "install libimagequant-dev" - run: "sudo apt-get install libimagequant-dev -y" - - - name: "Use Node.js 22" - uses: "actions/setup-node@v4" - with: - node-version: "22" - - - name: "Check workflow files" - uses: "raven-actions/actionlint@v2" - with: - matcher: true - cache: true - fail-on-error: false - flags: "-ignore SC2086" diff --git a/.github/workflows/manual_build.yml b/.github/workflows/manual_build.yml deleted file mode 100644 index e1b2c05..0000000 --- a/.github/workflows/manual_build.yml +++ /dev/null @@ -1,245 +0,0 @@ -name: Run build - -on: - workflow_dispatch: - inputs: - os_version: - description: 'Select OS' - required: true - default: '["ubuntu-latest"]' - type: choice - options: - - '["ubuntu-latest"]' - - '["macos-latest"]' - - '["ubuntu-latest","macos-latest"]' - # - '["windows-latest"]' - -jobs: - test: - name: Build on ${{ matrix.os }} - strategy: - fail-fast: false - matrix: - os: ${{ fromJSON(inputs.os_version) }} - runs-on: ${{ matrix.os }} - defaults: - run: - shell: bash - steps: - - name: Linux - Install dependencies - if: ${{ matrix.os == 'ubuntu-latest' }} - run: | - sudo apt update -y - sudo apt install -y build-essential cmake make ninja-build nasm meson libz-dev libyuv-dev libpng-dev libjpeg-dev - - - name: macOS - Set up Homebrew - if: ${{ matrix.os == 'macos-latest' }} - id: set-up-homebrew - uses: Homebrew/actions/setup-homebrew@master - # run: /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" - - - name: macOS - Install dependencies - if: ${{ matrix.os == 'macos-latest' }} - run: | - # sudo apt update -y - # sudo apt install -y build-essential gcc - brew update - brew unlink python@3.11 - env: - HOMEBREW_NO_INSTALLED_DEPENDENTS_CHECK: 1 - HOMEBREW_NO_AUTO_UPDATE: 1 - HOMEBREW_NO_ENV_HINTS: 1 - - - name: macOS - List Homebrew deps - if: ${{ matrix.os == 'macos-latest' }} - run: | - deps="homebrewdeps=cmake,ninja,meson,nasm,libpng,jpeg" - echo $deps > homebrew-deps.txt - echo $deps >> $GITHUB_ENV - - # - name: macOS - Restore Homebrew deps from cache - # if: ${{ matrix.os == 'macos-latest' }} - # id: cache-homebrew-deps-restore - # uses: actions/cache/restore@v4 - # with: - # path: brew-cache - # key: ${{ runner.os }}-homebrew-deps-${{ hashFiles('homebrew-deps.txt') }} - - # - name: macOS - Install Homebrew deps from cache - # if: ${{ matrix.os == 'macos-latest' && steps.cache-homebrew-deps-restore.outputs.cache-hit == 'true' }} - # id: try-homebrew-cache - # working-directory: ./brew-cache/ - # continue-on-error: true - # env: - # HOMEBREW_NO_INSTALLED_DEPENDENTS_CHECK: 1 - # HOMEBREW_NO_AUTO_UPDATE: 1 - # HOMEBREW_NO_ENV_HINTS: 1 - # run: | - # deps="${{ env.homebrewdeps }}" - # for i in ${deps//,/ } - # do - # if ls *--${i}--*.tar.gz 1> /dev/null 2>&1; then - # brew list $i || brew install $(ls *--${i}--*.tar.gz) - # else - # echo "No archive in cache for ${i}" - # rm -rf ./brew-cache/ - # exit 1 - # fi - # done - - - name: macOS - Install Homebrew deps - if: ${{ matrix.os == 'macos-latest' && (steps.cache-homebrew-deps-restore.outputs.cache-hit != 'true' || steps.try-homebrew-cache.outcome == 'failure') }} - env: - HOMEBREW_NO_INSTALLED_DEPENDENTS_CHECK: 1 - HOMEBREW_NO_AUTO_UPDATE: 1 - HOMEBREW_NO_ENV_HINTS: 1 - run: | - mkdir brew-cache - deps="${{ env.homebrewdeps }}" - for i in ${deps//,/ } - do - brew list $i &>/dev/null || brew install $i - # cp $(brew --cache $i) ./brew-cache/ - done - - # - name: macOS - Save Homebrew deps to cache - # if: ${{ matrix.os == 'macos-latest' && steps.cache-homebrew-deps-restore.outputs.cache-hit != 'true' }} - # id: cache-homebrew-deps-save - # uses: actions/cache/save@v4 - # with: - # path: brew-cache - # key: ${{ steps.cache-homebrew-deps-restore.outputs.cache-primary-key }} - - - name: Clone libavif repo - run: | - git clone --depth 1 https://github.com/AOMediaCodec/libavif.git - ls -la - - - name: Restore cached libyuv - id: cache-libyuv-restore - uses: actions/cache/restore@v4 - with: - path: | - libavif/ext/libyuv - key: ${{ runner.os }}-libs-libyuv - - - name: Build libyuv - if: steps.cache-libyuv-restore.outputs.cache-hit != 'true' - working-directory: ./libavif/ext/ - run: | - ./libyuv.cmd - - - name: Save libyuv to cache - if: steps.cache-libyuv-restore.outputs.cache-hit != 'true' - id: cache-libyuv-save - uses: actions/cache/save@v4 - with: - path: | - libavif/ext/libyuv - key: ${{ steps.cache-libyuv-restore.outputs.cache-primary-key }} - - - name: Restore cached libsharpyuv - id: cache-libsharpyuv-restore - uses: actions/cache/restore@v4 - with: - path: | - libavif/ext/libwebp - key: ${{ runner.os }}-libs-libsharpyuv - - - name: Build libsharpyuv - if: steps.cache-libsharpyuv-restore.outputs.cache-hit != 'true' - working-directory: ./libavif/ext/ - run: | - ./libsharpyuv.cmd - - - name: Save libsharpyuv to cache - if: steps.cache-libsharpyuv-restore.outputs.cache-hit != 'true' - id: cache-libsharpyuv-save - uses: actions/cache/save@v4 - with: - path: | - libavif/ext/libwebp - key: ${{ steps.cache-libsharpyuv-restore.outputs.cache-primary-key }} - - - name: Restore cached aom - id: cache-aom-restore - uses: actions/cache/restore@v4 - with: - path: | - libavif/ext/aom - key: ${{ runner.os }}-libs-aom - - - name: Build aom - if: steps.cache-aom-restore.outputs.cache-hit != 'true' - working-directory: ./libavif/ext/ - run: | - ./aom.cmd - - - name: Save aom to cache - if: steps.cache-aom-restore.outputs.cache-hit != 'true' - id: cache-aom-save - uses: actions/cache/save@v4 - with: - path: | - libavif/ext/aom - key: ${{ steps.cache-aom-restore.outputs.cache-primary-key }} - - - name: Restore cached dav1d - id: cache-dav1d-restore - uses: actions/cache/restore@v4 - with: - path: | - libavif/ext/dav1d - key: ${{ runner.os }}-libs-dav1d - - - name: Build dav1d - if: steps.cache-dav1d-restore.outputs.cache-hit != 'true' - working-directory: ./libavif/ext/ - run: | - ./dav1d.cmd - - - name: Save dav1d to cache - if: steps.cache-dav1d-restore.outputs.cache-hit != 'true' - id: cache-dav1d-save - uses: actions/cache/save@v4 - with: - path: | - libavif/ext/dav1d - key: ${{ steps.cache-dav1d-restore.outputs.cache-primary-key }} - - - name: Build libavif binaries - run: | - cd ./libavif/ - mkdir build - cd build - cmake -G Ninja -DCMAKE_BUILD_TYPE=Release -DBUILD_SHARED_LIBS=OFF -DAVIF_CODEC_AOM=ON -DAVIF_LOCAL_AOM=ON -DAVIF_CODEC_AOM_DECODE=ON -DAVIF_CODEC_AOM_ENCODE=ON -DAVIF_CODEC_DAV1D=ON -DAVIF_LOCAL_DAV1D=ON -DAVIF_LOCAL_LIBYUV=ON -DAVIF_BUILD_APPS=ON .. - ninja - ls -la - - - name: Test avifenc - run: | - ./libavif/build/avifenc --version - - - name: Test avifdec - run: | - ./libavif/build/avifdec --version - - - name: Upload artifact - uses: actions/upload-artifact@v4 - with: - name: ${{ matrix.os }}-avif-binaries - path: | - ./libavif/build/avifenc - ./libavif/build/avifdec - - # - if: ${{ matrix.os == 'ubuntu-latest' }} - # run: | - # echo "" - - # - if: ${{ matrix.os == 'macos-latest' }} - # run: | - # echo "" - - # - if: ${{ matrix.os == 'windows-latest' }} - # run: | - # echo "" diff --git a/.github/workflows/publish_on_release.yml b/.github/workflows/publish_on_release.yml deleted file mode 100644 index 3730e31..0000000 --- a/.github/workflows/publish_on_release.yml +++ /dev/null @@ -1,18 +0,0 @@ -name: Publish Package to npmjs -on: - release: - types: [created] -jobs: - build: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - # Setup .npmrc file to publish to npm - - uses: actions/setup-node@v4 - with: - node-version: '22.x' - registry-url: 'https://registry.npmjs.org' - - run: npm ci - - run: npm publish - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/.github/workflows/reactions.yml b/.github/workflows/reactions.yml deleted file mode 100644 index a5f2a0e..0000000 --- a/.github/workflows/reactions.yml +++ /dev/null @@ -1,36 +0,0 @@ -# https://help.github.com/en/categories/automating-your-workflow-with-github-actions - -# file-version: 1.0 - -name: "Reaction Comments" - -on: - issue_comment: - types: - - "created" - - "edited" - pull_request_review_comment: - types: - - "created" - - "edited" - -permissions: - actions: write - issues: write - pull-requests: write - -jobs: - action: - runs-on: "ubuntu-24.04" - steps: - - uses: "dessant/reaction-comments@v4" - with: - github-token: "${{ secrets.GITHUB_TOKEN }}" - issue-comment: > - :wave: @{comment-author}, would you like to leave - a reaction instead? - pr-comment: > - :wave: @{comment-author}, would you like to leave - a reaction instead? - process-only: '' - log-output: false diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml deleted file mode 100644 index 12ecd42..0000000 --- a/.github/workflows/release-drafter.yml +++ /dev/null @@ -1,41 +0,0 @@ -# https://help.github.com/en/categories/automating-your-workflow-with-github-actions - -# file-version: 1.0 - -name: "Release Drafter" - -on: - push: - # branches to consider in the event; optional, defaults to all - branches: - - "master" - # pull_request event is required only for autolabeler - pull_request: - # Only following types are handled by the action, but one can default to all as well - types: - - "opened" - - "reopened" - - "synchronize" - # pull_request_target event is required for autolabeler to support PRs from forks - # pull_request_target: - -permissions: - contents: read - -jobs: - update-release-draft: - permissions: - # write permission is required to create a GitHub release - contents: write - # write permission is required for autolabeler - # otherwise, read permission is required at least - pull-requests: write - - runs-on: "ubuntu-24.04" - - steps: - # Drafts your next Release notes as Pull Requests are merged into "master" - - name: "Release Drafter" - uses: "release-drafter/release-drafter@v6.0.0" - env: - GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/renovate-config-validator.yml b/.github/workflows/renovate-config-validator.yml deleted file mode 100644 index cdb6736..0000000 --- a/.github/workflows/renovate-config-validator.yml +++ /dev/null @@ -1,20 +0,0 @@ -name: "Validate Config for Renovate" - -on: - - pull_request - - push - -jobs: - validate: - runs-on: "ubuntu-24.04" - - steps: - - name: "Checkout" - uses: "actions/checkout@v4" - with: - # Disabling shallow clone is recommended for improving relevancy of reporting - fetch-depth: 0 - lfs: false - persist-credentials: false - - - uses: "suzuki-shunsuke/github-action-renovate-config-validator@v1.1.1" diff --git a/.markdown-link-check.json b/.markdown-link-check.json deleted file mode 100644 index 084971c..0000000 --- a/.markdown-link-check.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "timeout": "30s", - "retryOn429": true, - "retryCount": 5, - "fallbackRetryDelay": "30s", - "aliveStatusCodes": [200, 206] -} diff --git a/.markdownlint.yaml b/.markdownlint.yaml deleted file mode 100644 index 629c1b8..0000000 --- a/.markdownlint.yaml +++ /dev/null @@ -1,236 +0,0 @@ -# Example markdownlint configuration with all properties set to their default value - -# Default state for all rules -default: true - -# Path to configuration file to extend -extends: null - -# MD001/heading-increment : Heading levels should only increment by one level at a time : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md001.md -MD001: true - -# MD003/heading-style : Heading style : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md003.md -MD003: - # Heading style - style: "consistent" - -# MD004/ul-style : Unordered list style : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md004.md -MD004: - # List style - style: "consistent" - -# MD005/list-indent : Inconsistent indentation for list items at the same level : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md005.md -MD005: true - -# MD007/ul-indent : Unordered list indentation : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md007.md -MD007: - # Spaces for indent - indent: 2 - # Whether to indent the first level of the list - start_indented: false - # Spaces for first level indent (when start_indented is set) - start_indent: 2 - -# MD009/no-trailing-spaces : Trailing spaces : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md009.md -MD009: false - -# MD010/no-hard-tabs : Hard tabs : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md010.md -MD010: - # Include code blocks - code_blocks: true - # Fenced code languages to ignore - ignore_code_languages: [] - # Number of spaces for each hard tab - spaces_per_tab: 4 - -# MD011/no-reversed-links : Reversed link syntax : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md011.md -MD011: true - -# MD012/no-multiple-blanks : Multiple consecutive blank lines : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md012.md -MD012: - # Consecutive blank lines - maximum: 1 - -# MD013/line-length : Line length : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md013.md -MD013: false - -# MD014/commands-show-output : Dollar signs used before commands without showing output : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md014.md -MD014: true - -# MD018/no-missing-space-atx : No space after hash on atx style heading : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md018.md -MD018: true - -# MD019/no-multiple-space-atx : Multiple spaces after hash on atx style heading : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md019.md -MD019: true - -# MD020/no-missing-space-closed-atx : No space inside hashes on closed atx style heading : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md020.md -MD020: true - -# MD021/no-multiple-space-closed-atx : Multiple spaces inside hashes on closed atx style heading : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md021.md -MD021: true - -# MD022/blanks-around-headings : Headings should be surrounded by blank lines : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md022.md -MD022: - # Blank lines above heading - lines_above: 1 - # Blank lines below heading - lines_below: 1 - -# MD023/heading-start-left : Headings must start at the beginning of the line : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md023.md -MD023: true - -# MD024/no-duplicate-heading : Multiple headings with the same content : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md024.md -MD024: false - -# MD025/single-title/single-h1 : Multiple top-level headings in the same document : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md025.md -MD025: - # Heading level - level: 1 - # RegExp for matching title in front matter - front_matter_title: "^\\s*title\\s*[:=]" - -# MD026/no-trailing-punctuation : Trailing punctuation in heading : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md026.md -MD026: - # Punctuation characters - punctuation: ".,;:!γ€‚οΌŒοΌ›οΌšοΌ" - -# MD027/no-multiple-space-blockquote : Multiple spaces after blockquote symbol : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md027.md -MD027: true - -# MD028/no-blanks-blockquote : Blank line inside blockquote : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md028.md -MD028: true - -# MD029/ol-prefix : Ordered list item prefix : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md029.md -MD029: - # List style - style: "one_or_ordered" - -# MD030/list-marker-space : Spaces after list markers : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md030.md -MD030: - # Spaces for single-line unordered list items - ul_single: 1 - # Spaces for single-line ordered list items - ol_single: 1 - # Spaces for multi-line unordered list items - ul_multi: 1 - # Spaces for multi-line ordered list items - ol_multi: 1 - -# MD031/blanks-around-fences : Fenced code blocks should be surrounded by blank lines : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md031.md -MD031: - # Include list items - list_items: true - -# MD032/blanks-around-lists : Lists should be surrounded by blank lines : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md032.md -MD032: true - -# MD033/no-inline-html : Inline HTML : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md033.md -MD033: - # Allowed elements - allowed_elements: ['br'] - -# MD034/no-bare-urls : Bare URL used : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md034.md -MD034: true - -# MD035/hr-style : Horizontal rule style : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md035.md -MD035: - # Horizontal rule style - style: "consistent" - -# MD036/no-emphasis-as-heading : Emphasis used instead of a heading : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md036.md -MD036: - # Punctuation characters - punctuation: ".,;:!?γ€‚οΌŒοΌ›οΌšοΌοΌŸ" - -# MD037/no-space-in-emphasis : Spaces inside emphasis markers : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md037.md -MD037: true - -# MD038/no-space-in-code : Spaces inside code span elements : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md038.md -MD038: true - -# MD039/no-space-in-links : Spaces inside link text : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md039.md -MD039: true - -# MD040/fenced-code-language : Fenced code blocks should have a language specified : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md040.md -MD040: - # List of languages - allowed_languages: [] - # Require language only - language_only: false - -# MD041/first-line-heading/first-line-h1 : First line in a file should be a top-level heading : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md041.md -MD041: - # Heading level - level: 1 - # RegExp for matching title in front matter - front_matter_title: "^\\s*title\\s*[:=]" - -# MD042/no-empty-links : No empty links : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md042.md -MD042: true - -# MD043/required-headings : Required heading structure : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md043.md -MD043: false - -# MD044/proper-names : Proper names should have the correct capitalization : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md044.md -MD044: - # List of proper names - names: [] - # Include code blocks - code_blocks: true - # Include HTML elements - html_elements: true - -# MD045/no-alt-text : Images should have alternate text (alt text) : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md045.md -MD045: true - -# MD046/code-block-style : Code block style : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md046.md -MD046: - # Block style - style: "consistent" - -# MD047/single-trailing-newline : Files should end with a single newline character : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md047.md -MD047: true - -# MD048/code-fence-style : Code fence style : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md048.md -MD048: - # Code fence style - style: "consistent" - -# MD049/emphasis-style : Emphasis style : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md049.md -MD049: - # Emphasis style - style: "consistent" - -# MD050/strong-style : Strong style : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md050.md -MD050: - # Strong style - style: "consistent" - -# MD051/link-fragments : Link fragments should be valid : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md051.md -MD051: true - -# MD052/reference-links-images : Reference links and images should use a label that is defined : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md052.md -MD052: - # Include shortcut syntax - shortcut_syntax: false - -# MD053/link-image-reference-definitions : Link and image reference definitions should be needed : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md053.md -MD053: - # Ignored definitions - ignored_definitions: - - "//" - -# MD054/link-image-style : Link and image style : https://github.com/DavidAnson/markdownlint/blob/v0.32.1/doc/md054.md -MD054: - # Allow autolinks - autolink: true - # Allow inline links and images - inline: true - # Allow full reference links and images - full: true - # Allow collapsed reference links and images - collapsed: true - # Allow shortcut reference links and images - shortcut: true - # Allow URLs as inline links - url_inline: true diff --git a/.mega-linter.yml b/.mega-linter.yml deleted file mode 100644 index 38de616..0000000 --- a/.mega-linter.yml +++ /dev/null @@ -1,27 +0,0 @@ -VALIDATE_ALL_CODEBASE: true -LOG_LEVEL: INFO -PRINT_ALPACA: false -SHOW_ELAPSED_TIME: true -FILTER_REGEX_EXCLUDE: (vendor/) -ENABLE: - - EDITORCONFIG - - MARKDOWN - - YAML -DISABLE: - - SPELL - #- COPYPASTE -DISABLE_LINTERS: - - MARKDOWN_MARKDOWN_TABLE_FORMATTER - - MARKDOWN_MARKDOWN_LINK_CHECK - - EDITORCONFIG_EDITORCONFIG_CHECKER - - YAML_V8R -EDITORCONFIG_EDITORCONFIG_CHECKER_FILTER_REGEX_EXCLUDE: "(\\.idea|\\.editorconfig|\\.github|\\.phpunit\\.result\\.cache|LICENSE)" -JSON_PRETTIER_FILTER_REGEX_EXCLUDE: "(composer\\.json)" -MARKDOWN_MARKDOWNLINT_FILTER_REGEX_EXCLUDE: "(\\.github)" -MARKDOWN_MARKDOWN_LINK_CHECK_FILTER_REGEX_EXCLUDE: "(\\.github)" -PHP_PHPCS_CONFIG_FILE: "phpcs.xml" -PHP_PHPCS_ARGUMENTS: "-n" -PHP_PHPSTAN_CONFIG_FILE: "phpstan.neon" -PHP_PHPSTAN_FILTER_REGEX_INCLUDE: "(src)" -YAML_YAMLLINT_FILTER_REGEX_EXCLUDE: "(\\.github)" -YAML_PRETTIER_FILTER_REGEX_EXCLUDE: "(\\.github)" diff --git a/.yamllint.yml b/.yamllint.yml deleted file mode 100644 index c167ccd..0000000 --- a/.yamllint.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- - -yaml-files: - - '*.yaml' - - '*.yml' - - '.yamllint' - -rules: - brackets: - forbid: false - min-spaces-inside: 0 - max-spaces-inside: 1 - min-spaces-inside-empty: 0 - max-spaces-inside-empty: 1 - - document-start: disable - - empty-lines: - max: 1 - - line-length: disable - - new-line-at-end-of-file: enable diff --git a/package.json b/package.json index 7d6587f..ec7fadf 100644 --- a/package.json +++ b/package.json @@ -30,7 +30,7 @@ }, "devDependencies": { "ava": "^6.4.0", - "gifsicle": "github:mimmi20/gifsicle-bin#master", + "gifsicle": "^7.0.1", "is-gif": "^4.0.1", "path-exists": "^5.0.0", "xo": "^1.1.0" From fef4ffdf6790c1d138f731fb6ed535767010d19f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Wed, 25 Jun 2025 19:55:48 +0200 Subject: [PATCH 24/39] remove xo --- package.json | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/package.json b/package.json index ec7fadf..cd9f884 100644 --- a/package.json +++ b/package.json @@ -10,7 +10,7 @@ "url": "https://github.com/kevva" }, "engines": { - "node": ">=4" + "node": ">=20" }, "scripts": { "test": "ava" @@ -32,8 +32,7 @@ "ava": "^6.4.0", "gifsicle": "^7.0.1", "is-gif": "^4.0.1", - "path-exists": "^5.0.0", - "xo": "^1.1.0" + "path-exists": "^5.0.0" }, "type": "module", "exports": "./index.js" From eed9933967062c9f94f2917d7f1c6a01987f667d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 14 Jul 2025 03:29:15 +0000 Subject: [PATCH 25/39] npm (base)(deps-dev): update ava requirement Updates the requirements on [ava](https://github.com/avajs/ava) to permit the latest version. Updates `ava` to 6.4.1 - [Release notes](https://github.com/avajs/ava/releases) - [Commits](https://github.com/avajs/ava/compare/v6.4.0...v6.4.1) --- updated-dependencies: - dependency-name: ava dependency-version: 6.4.1 dependency-type: direct:development dependency-group: development-dependencies ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index cd9f884..9732065 100644 --- a/package.json +++ b/package.json @@ -29,7 +29,7 @@ "tempfile": "^5.0.0" }, "devDependencies": { - "ava": "^6.4.0", + "ava": "^6.4.1", "gifsicle": "^7.0.1", "is-gif": "^4.0.1", "path-exists": "^5.0.0" From dd259c8f280a42e2947cbaecd79f132a75de3f5b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 21 Jul 2025 03:34:00 +0000 Subject: [PATCH 26/39] npm (base)(deps): bump p-finally in the production-dependencies group Bumps the production-dependencies group with 1 update: [p-finally](https://github.com/sindresorhus/p-finally). Updates `p-finally` from 2.0.1 to 3.0.0 - [Release notes](https://github.com/sindresorhus/p-finally/releases) - [Commits](https://github.com/sindresorhus/p-finally/compare/v2.0.1...v3.0.0) --- updated-dependencies: - dependency-name: p-finally dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 9732065..cdf40cf 100644 --- a/package.json +++ b/package.json @@ -24,7 +24,7 @@ ], "dependencies": { "execa": "^9.6.0", - "p-finally": "^2.0.1", + "p-finally": "^3.0.0", "rimraf": "^6.0.1", "tempfile": "^5.0.0" }, From 76a2c808d75cc8812f6fa8f77f9912b78e74658a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 Aug 2025 04:18:29 +0000 Subject: [PATCH 27/39] github-actions: bump actions/checkout Bumps the production-dependencies group with 1 update: [actions/checkout](https://github.com/actions/checkout). Updates `actions/checkout` from 4 to 5 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/cleanup-caches.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/test.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/cleanup-caches.yml b/.github/workflows/cleanup-caches.yml index 123fbc8..d67733d 100644 --- a/.github/workflows/cleanup-caches.yml +++ b/.github/workflows/cleanup-caches.yml @@ -15,7 +15,7 @@ jobs: runs-on: "ubuntu-24.04" steps: - name: "Checkout" - uses: "actions/checkout@v4" + uses: "actions/checkout@v5" with: # Disabling shallow clone is recommended for improving relevancy of reporting fetch-depth: 0 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 9145f86..06fd992 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -48,7 +48,7 @@ jobs: steps: - name: "Checkout" - uses: "actions/checkout@v4" + uses: "actions/checkout@v5" with: # Disabling shallow clone is recommended for improving relevancy of reporting fetch-depth: 0 diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index ca3feca..944a9b1 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -23,7 +23,7 @@ jobs: runs-on: "ubuntu-24.04" steps: - name: "Checkout" - uses: "actions/checkout@v4" + uses: "actions/checkout@v5" with: # Disabling shallow clone is recommended for improving relevancy of reporting fetch-depth: 0 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index f83480f..b898a98 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -16,7 +16,7 @@ jobs: os: - ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: actions/setup-node@v4 with: node-version: ${{ matrix.node-version }} From 3d7245951056bfe4392e195403829f2882a864ed Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Sep 2025 02:45:08 +0000 Subject: [PATCH 28/39] github-actions: bump actions/setup-node Bumps the production-dependencies group with 1 update: [actions/setup-node](https://github.com/actions/setup-node). Updates `actions/setup-node` from 4 to 5 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/setup-node dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index b898a98..31280ef 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -17,7 +17,7 @@ jobs: - ubuntu-latest steps: - uses: actions/checkout@v5 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v5 with: node-version: ${{ matrix.node-version }} - run: npm install From 4eee5e62bb8571e3f9ea27709e0ebaf427ec1fc6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Fri, 19 Sep 2025 21:14:54 +0200 Subject: [PATCH 29/39] remove deprecated dependency --- .github/workflows/auto-approve.yml | 19 ------------------- .github/workflows/auto-merge.yml | 21 --------------------- index.js | 17 ++++++++++++++++- package.json | 1 - 4 files changed, 16 insertions(+), 42 deletions(-) delete mode 100644 .github/workflows/auto-approve.yml delete mode 100644 .github/workflows/auto-merge.yml diff --git a/.github/workflows/auto-approve.yml b/.github/workflows/auto-approve.yml deleted file mode 100644 index a08b4a7..0000000 --- a/.github/workflows/auto-approve.yml +++ /dev/null @@ -1,19 +0,0 @@ -name: "Auto approve" - -on: - - pull_request_target - -jobs: - auto-approve: - runs-on: "ubuntu-24.04" - - if: ${{ github.actor == 'dependabot[bot]' }} - - permissions: - pull-requests: write - - steps: - - uses: "fastify/github-action-merge-dependabot@v3" - with: - approve-only: true - github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/auto-merge.yml b/.github/workflows/auto-merge.yml deleted file mode 100644 index 5c3c100..0000000 --- a/.github/workflows/auto-merge.yml +++ /dev/null @@ -1,21 +0,0 @@ -name: "Auto merge" - -on: - - pull_request_target - -jobs: - automerge: - runs-on: "ubuntu-24.04" - - if: ${{ github.actor == 'dependabot[bot]' }} - - permissions: - pull-requests: write - contents: write - - steps: - - uses: "fastify/github-action-merge-dependabot@v3" - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - use-github-auto-merge: true - merge-method: "merge" diff --git a/index.js b/index.js index f5b5d40..7f5f93c 100644 --- a/index.js +++ b/index.js @@ -1,12 +1,27 @@ import { writeFile, readFile } from 'node:fs/promises'; import { execa } from 'execa'; -import pFinally from 'p-finally'; import { rimraf } from 'rimraf' import tempfile from 'tempfile'; export const input = Symbol('inputPath'); export const output = Symbol('outputPath'); +const pFinally = async function( + promise, + onFinally = (() => {}) +) { + let value; + try { + value = await promise; + } catch (error) { + await onFinally(); + throw error; + } + + await onFinally(); + return value; +}; + const func = async opts => { opts = Object.assign({}, opts); diff --git a/package.json b/package.json index cdf40cf..e65091e 100644 --- a/package.json +++ b/package.json @@ -24,7 +24,6 @@ ], "dependencies": { "execa": "^9.6.0", - "p-finally": "^3.0.0", "rimraf": "^6.0.1", "tempfile": "^5.0.0" }, From afeb787235a7a097ff853368dd10fdfa098ee732 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Mon, 29 Sep 2025 19:50:52 +0200 Subject: [PATCH 30/39] update workflows --- .github/CODEOWNERS | 2 + .github/dependabot.yml | 4 +- .github/release-drafter.yml | 81 +++++++++++++++++++++++ .github/workflows/cleanup-caches.yml | 5 +- .github/workflows/codeql.yml | 5 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/labels.yml | 41 ++++++++++++ .github/workflows/lint-workflow-files.yml | 36 ++++++++++ .github/workflows/lock-closed-issues.yml | 13 ++-- .github/workflows/reactions.yml | 37 +++++++++++ .github/workflows/release-drafter.yml | 41 ++++++++++++ .github/workflows/security.yml | 21 ++++++ .github/workflows/test.yml | 4 ++ 13 files changed, 283 insertions(+), 9 deletions(-) create mode 100644 .github/CODEOWNERS create mode 100644 .github/release-drafter.yml create mode 100644 .github/workflows/labels.yml create mode 100644 .github/workflows/lint-workflow-files.yml create mode 100644 .github/workflows/reactions.yml create mode 100644 .github/workflows/release-drafter.yml create mode 100644 .github/workflows/security.yml diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..0070a8e --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1,2 @@ +* @mimmi20 +* @kevva diff --git a/.github/dependabot.yml b/.github/dependabot.yml index b0a82fc..c1dc5ff 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -37,7 +37,7 @@ updates: include: "scope" prefix: "npm (base)" - rebase-strategy: "auto" + rebase-strategy: "disabled" - package-ecosystem: "github-actions" @@ -72,4 +72,4 @@ updates: - dependency-name: "mimmi20/ci" - dependency-name: "release-drafter/release-drafter" - rebase-strategy: "auto" + rebase-strategy: "disabled" diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml new file mode 100644 index 0000000..57529a0 --- /dev/null +++ b/.github/release-drafter.yml @@ -0,0 +1,81 @@ +--- +# file-version: 1.0 + +template: | + ## What’s Changed + + $CHANGES + + ## πŸ‘¨πŸΌβ€πŸ’» Contributors + + $CONTRIBUTORS + +change-template: "- $TITLE by @$AUTHOR (#$NUMBER)" +change-title-escapes: '\<*_&#@`' # You can add # and @ to disable mentions, and add ` to disable code blocks. +no-changes-template: "- No changes" +name-template: "$RESOLVED_VERSION" +tag-template: "$RESOLVED_VERSION" +version-template: "$MAJOR.$MINOR.$PATCH" + +exclude-labels: + - "duplicate" + - "question" + - "invalid" + - "wontfix" + +version-resolver: + major: + labels: + - "bc break" + - "removed" + minor: + labels: + - "deprecated" + - "security" + patch: + labels: + - "bug" + - "dependencies" + - "enhancement" + - "maintenance" + - "documentation" + default: patch + +autolabeler: + - label: "documentation" + files: + - "*.md" + +categories: + - title: "**πŸ’₯ Breaking:**" + labels: + - "bc break" + - title: "**🍰 Enhancements:**" + labels: + - "enhancement" + - title: "**🐞 Bugs:**" + labels: + - "bug" + - title: "**πŸ’€ Deprecated:**" + labels: + - "deprecated" + - title: "**πŸ—‘ Removed:**" + labels: + - "removed" + - title: "**πŸ›‘ Security:**" + labels: + - "security" + - title: "**πŸ•Έ Dependencies:**" + labels: + - "dependencies" + - title: "**🧹 Maintenance:**" + labels: + - "maintenance" + - title: "**πŸ“¦ Documentation:**" + labels: + - "documentation" + +commitish: master +target_commitish: master +filter-by-commitish: true +include-pre-releases: true diff --git a/.github/workflows/cleanup-caches.yml b/.github/workflows/cleanup-caches.yml index d67733d..32dcb7e 100644 --- a/.github/workflows/cleanup-caches.yml +++ b/.github/workflows/cleanup-caches.yml @@ -10,9 +10,12 @@ on: - "closed" workflow_dispatch: +permissions: + contents: read + jobs: cleanup: - runs-on: "ubuntu-24.04" + runs-on: "ubuntu-latest" steps: - name: "Checkout" uses: "actions/checkout@v5" diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 06fd992..37e3937 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -27,10 +27,13 @@ on: schedule: - cron: "28 0 * * 0" +permissions: + contents: read + jobs: analyze: name: "Analyze" - runs-on: "ubuntu-24.04" + runs-on: "ubuntu-latest" permissions: actions: read contents: read diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 944a9b1..53b560a 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -20,7 +20,7 @@ permissions: jobs: dependency-review: - runs-on: "ubuntu-24.04" + runs-on: "ubuntu-latest" steps: - name: "Checkout" uses: "actions/checkout@v5" diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml new file mode 100644 index 0000000..acc69aa --- /dev/null +++ b/.github/workflows/labels.yml @@ -0,0 +1,41 @@ +# https://help.github.com/en/categories/automating-your-workflow-with-github-actions + +# file-version: 1.0 + +name: "Sync labels in the declarative way" + +on: + push: + branches: + - "master" + paths: + - ".github/labels.yml" + - ".github/workflows/labels.yml" + +permissions: + contents: read + +jobs: + build: + name: "Sync labels" + + permissions: + issues: write + + runs-on: "ubuntu-latest" + + steps: + - name: "Checkout" + uses: "actions/checkout@v5" + with: + # Disabling shallow clone is recommended for improving relevancy of reporting + fetch-depth: 0 + lfs: false + persist-credentials: false + + - uses: "micnncim/action-label-syncer@v1.3.0" + env: + GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + GITHUB_REPOSITORY: "${{ github.repository }}" + with: + manifest: ".github/labels.yml" diff --git a/.github/workflows/lint-workflow-files.yml b/.github/workflows/lint-workflow-files.yml new file mode 100644 index 0000000..892b391 --- /dev/null +++ b/.github/workflows/lint-workflow-files.yml @@ -0,0 +1,36 @@ +name: "Lint GitHub Actions workflows" + +on: + pull_request: + paths: + - ".github/**" + +permissions: + contents: read + +jobs: + actionlint: + uses: "mimmi20/ci/.github/workflows/lint-actions.yml@8.3" + with: + skip-nasm-install: false + skip-libimagequant-install: false + + # This is a meta job to avoid to have to constantly change the protection rules + # whenever we touch the matrix. + lint-status: + name: "Lint Status" + + runs-on: "ubuntu-latest" + + if: always() + + needs: "actionlint" + + steps: + - name: Failing run + if: ${{ contains(needs.*.result, 'failure') }} + run: exit 1 + + - name: Successful run + if: ${{ !(contains(needs.*.result, 'failure')) }} + run: exit 0 diff --git a/.github/workflows/lock-closed-issues.yml b/.github/workflows/lock-closed-issues.yml index e605e34..4ee3ff5 100644 --- a/.github/workflows/lock-closed-issues.yml +++ b/.github/workflows/lock-closed-issues.yml @@ -9,10 +9,15 @@ on: types: - "closed" +permissions: + contents: read + jobs: lock: - runs-on: "ubuntu-24.04" + name: "Lock" + runs-on: "ubuntu-latest" + permissions: + issues: write steps: - - uses: "Dunning-Kruger/lock-issues@v1.2" - with: - repo-token: "${{ secrets.GITHUB_TOKEN }}" + - name: "Lock issue" + uses: "IOrlandoni/lock-issues@v1.2.1" diff --git a/.github/workflows/reactions.yml b/.github/workflows/reactions.yml new file mode 100644 index 0000000..d79fae1 --- /dev/null +++ b/.github/workflows/reactions.yml @@ -0,0 +1,37 @@ +# https://help.github.com/en/categories/automating-your-workflow-with-github-actions + +# file-version: 1.0 + +name: "Reaction Comments" + +on: + issue_comment: + types: + - "created" + - "edited" + pull_request_review_comment: + types: + - "created" + - "edited" + +permissions: + contents: read + actions: write + issues: write + pull-requests: write + +jobs: + action: + runs-on: "ubuntu-latest" + steps: + - uses: "dessant/reaction-comments@v4" + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + issue-comment: > + :wave: @{comment-author}, would you like to leave + a reaction instead? + pr-comment: > + :wave: @{comment-author}, would you like to leave + a reaction instead? + process-only: '' + log-output: false diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml new file mode 100644 index 0000000..f4b2d5e --- /dev/null +++ b/.github/workflows/release-drafter.yml @@ -0,0 +1,41 @@ +# https://help.github.com/en/categories/automating-your-workflow-with-github-actions + +# file-version: 1.0 + +name: "Release Drafter" + +on: + push: + # branches to consider in the event; optional, defaults to all + branches: + - "master" + # pull_request event is required only for autolabeler + pull_request: + # Only following types are handled by the action, but one can default to all as well + types: + - "opened" + - "reopened" + - "synchronize" + # pull_request_target event is required for autolabeler to support PRs from forks + # pull_request_target: + +permissions: + contents: read + +jobs: + update-release-draft: + permissions: + # write permission is required to create a GitHub release + contents: write + # write permission is required for autolabeler + # otherwise, read permission is required at least + pull-requests: write + + runs-on: "ubuntu-latest" + + steps: + # Drafts your next Release notes as Pull Requests are merged into "master" + - name: "Release Drafter" + uses: "release-drafter/release-drafter@v6.0.0" + env: + GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml new file mode 100644 index 0000000..e5267b4 --- /dev/null +++ b/.github/workflows/security.yml @@ -0,0 +1,21 @@ +name: "OX Security Scan" +on: + push: + branches: + - "master" + pull_request: + types: ["opened", "reopened", "synchronize"] + branches: + - "master" + +permissions: + contents: read + +jobs: + security: + runs-on: "ubuntu-latest" + steps: + - name: "Run OX Security Scan to check for vulnerabilities" + with: + ox_api_key: ${{ secrets.OX_API_KEY }} + uses: "oxsecurity/ox-security-scan@1.0.0" diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 31280ef..a6b746f 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -2,6 +2,10 @@ name: test on: - push - pull_request + +permissions: + contents: read + jobs: test: name: Node.js ${{ matrix.node-version }} on ${{ matrix.os }} From 93a3f11e2a52a36810df89186b12dcf2cbd019a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Fri, 3 Oct 2025 14:05:37 +0200 Subject: [PATCH 31/39] Update dependabot.yml --- .github/dependabot.yml | 54 +++++++++++++----------------------------- 1 file changed, 17 insertions(+), 37 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index c1dc5ff..52176e6 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -4,24 +4,26 @@ version: 2 -updates: - - package-ecosystem: "npm" - - directory: "/" - +multi-ecosystem-groups: + maintenance-master: schedule: interval: "weekly" day: "monday" time: "04:00" timezone: "Europe/Berlin" + cooldown: + default-days: 7 + groups: production-dependencies: dependency-type: "production" development-dependencies: dependency-type: "development" - open-pull-requests-limit: 10 + versioning-strategy: "increase" + + rebase-strategy: "disabled" assignees: - "mimmi20" @@ -29,47 +31,25 @@ updates: labels: - "dependencies" - versioning-strategy: "increase" - target-branch: "master" - commit-message: - include: "scope" - prefix: "npm (base)" - - rebase-strategy: "disabled" - - - package-ecosystem: "github-actions" +updates: + - package-ecosystem: "npm" directory: "/" - schedule: - interval: "weekly" - day: "monday" - time: "04:00" - timezone: "Europe/Berlin" - - groups: - production-dependencies: - dependency-type: "production" - development-dependencies: - dependency-type: "development" + multi-ecosystem-group: "maintenance-master" - open-pull-requests-limit: 10 + patterns: [ "*" ] - assignees: - - "mimmi20" - - labels: - - "dependencies" - - target-branch: "master" + - package-ecosystem: "github-actions" - commit-message: - prefix: "github-actions" + directory: "/" ignore: - dependency-name: "mimmi20/ci" - dependency-name: "release-drafter/release-drafter" - rebase-strategy: "disabled" + multi-ecosystem-group: "maintenance-master" + + patterns: [ "*" ] From 3bd7572e7fd1a7b6a311e39fad0b0f29c764c680 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Oct 2025 02:47:19 +0000 Subject: [PATCH 32/39] Bump github/codeql-action from 3 to 4 in the maintenance-master group Bumps the maintenance-master group with 1 update: [github/codeql-action](https://github.com/github/codeql-action). Updates `github/codeql-action` from 3 to 4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: maintenance-master ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 37e3937..83dc4d6 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -60,7 +60,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: "Initialize CodeQL" - uses: "github/codeql-action/init@v3" + uses: "github/codeql-action/init@v4" with: languages: "${{ matrix.language }}" # If you wish to specify custom queries, you can do so here or in a config file. @@ -73,7 +73,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: "Autobuild" - uses: "github/codeql-action/autobuild@v3" + uses: "github/codeql-action/autobuild@v4" # ℹ️ Command-line programs to run using the OS shell. # πŸ“š See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -86,6 +86,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: "Perform CodeQL Analysis" - uses: "github/codeql-action/analyze@v3" + uses: "github/codeql-action/analyze@v4" with: category: "/language:${{matrix.language}}" From f8004f0608c273abc625d57de84f406f615001a1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Mon, 13 Oct 2025 06:26:40 +0200 Subject: [PATCH 33/39] Update dependabot.yml --- .github/dependabot.yml | 52 +++++++++++++++++++++++++++++------------- 1 file changed, 36 insertions(+), 16 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 52176e6..e42f890 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -4,8 +4,11 @@ version: 2 -multi-ecosystem-groups: - maintenance-master: +updates: + - package-ecosystem: "npm" + + directory: "/" + schedule: interval: "weekly" day: "monday" @@ -21,35 +24,52 @@ multi-ecosystem-groups: development-dependencies: dependency-type: "development" - versioning-strategy: "increase" - - rebase-strategy: "disabled" - assignees: - "mimmi20" labels: - "dependencies" - target-branch: "master" + versioning-strategy: "increase" -updates: - - package-ecosystem: "npm" + commit-message: + include: "scope" + prefix: "npm (master)" + + # Disable rebasing for all pull requests + rebase-strategy: "disabled" + + - package-ecosystem: "github-actions" directory: "/" - multi-ecosystem-group: "maintenance-master" + schedule: + interval: "weekly" + day: "monday" + time: "04:00" + timezone: "Europe/Berlin" + + cooldown: + default-days: 7 - patterns: [ "*" ] + groups: + production-dependencies: + dependency-type: "production" + development-dependencies: + dependency-type: "development" - - package-ecosystem: "github-actions" + assignees: + - "mimmi20" - directory: "/" + labels: + - "dependencies" + + commit-message: + prefix: "github-actions (master)" ignore: - dependency-name: "mimmi20/ci" - dependency-name: "release-drafter/release-drafter" - multi-ecosystem-group: "maintenance-master" - - patterns: [ "*" ] + # Disable rebasing for all pull requests + rebase-strategy: "disabled" From fb06267586cb87233d2fa36fe74730a0c39edfba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Sun, 19 Oct 2025 17:49:19 +0200 Subject: [PATCH 34/39] update workflow --- .github/dependabot.yml | 10 ++++------ .github/workflows/lint-workflow-files.yml | 2 +- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index e42f890..a0d9405 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -10,9 +10,8 @@ updates: directory: "/" schedule: - interval: "weekly" - day: "monday" - time: "04:00" + interval: "cron" + cronjob: "0 4 15 * *" timezone: "Europe/Berlin" cooldown: @@ -44,9 +43,8 @@ updates: directory: "/" schedule: - interval: "weekly" - day: "monday" - time: "04:00" + interval: "cron" + cronjob: "0 4 15 * *" timezone: "Europe/Berlin" cooldown: diff --git a/.github/workflows/lint-workflow-files.yml b/.github/workflows/lint-workflow-files.yml index 892b391..8ad01fa 100644 --- a/.github/workflows/lint-workflow-files.yml +++ b/.github/workflows/lint-workflow-files.yml @@ -10,7 +10,7 @@ permissions: jobs: actionlint: - uses: "mimmi20/ci/.github/workflows/lint-actions.yml@8.3" + uses: "mimmi20/ci/.github/workflows/lint-actions.yml@8.4" with: skip-nasm-install: false skip-libimagequant-install: false From 4877a00e02721218782451760870d640ec31ae31 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 15 Nov 2025 03:26:45 +0000 Subject: [PATCH 35/39] npm (master)(deps): update rimraf requirement Updates the requirements on [rimraf](https://github.com/isaacs/rimraf) to permit the latest version. Updates `rimraf` to 6.1.0 - [Changelog](https://github.com/isaacs/rimraf/blob/main/CHANGELOG.md) - [Commits](https://github.com/isaacs/rimraf/compare/v6.0.1...v6.1.0) --- updated-dependencies: - dependency-name: rimraf dependency-version: 6.1.0 dependency-type: direct:production dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index e65091e..42ca93d 100644 --- a/package.json +++ b/package.json @@ -24,7 +24,7 @@ ], "dependencies": { "execa": "^9.6.0", - "rimraf": "^6.0.1", + "rimraf": "^6.1.0", "tempfile": "^5.0.0" }, "devDependencies": { From db1c854d8063e05b96839544cc6c4619a9b48608 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 15 Nov 2025 03:27:25 +0000 Subject: [PATCH 36/39] github-actions (master): bump actions/setup-node Bumps the production-dependencies group with 1 update: [actions/setup-node](https://github.com/actions/setup-node). Updates `actions/setup-node` from 5 to 6 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/setup-node dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index a6b746f..13c6ca9 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -21,7 +21,7 @@ jobs: - ubuntu-latest steps: - uses: actions/checkout@v5 - - uses: actions/setup-node@v5 + - uses: actions/setup-node@v6 with: node-version: ${{ matrix.node-version }} - run: npm install From 74f0ca679b01fac83258ae02380e8b6f55a006a5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Dec 2025 03:27:55 +0000 Subject: [PATCH 37/39] npm (master)(deps): bump the production-dependencies group with 2 updates Updates the requirements on [execa](https://github.com/sindresorhus/execa) and [rimraf](https://github.com/isaacs/rimraf) to permit the latest version. Updates `execa` to 9.6.1 - [Release notes](https://github.com/sindresorhus/execa/releases) - [Commits](https://github.com/sindresorhus/execa/compare/v9.6.0...v9.6.1) Updates `rimraf` to 6.1.2 - [Changelog](https://github.com/isaacs/rimraf/blob/main/CHANGELOG.md) - [Commits](https://github.com/isaacs/rimraf/compare/v6.1.0...v6.1.2) --- updated-dependencies: - dependency-name: execa dependency-version: 9.6.1 dependency-type: direct:production dependency-group: production-dependencies - dependency-name: rimraf dependency-version: 6.1.2 dependency-type: direct:production dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] --- package.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index 42ca93d..a345eeb 100644 --- a/package.json +++ b/package.json @@ -23,8 +23,8 @@ "exec" ], "dependencies": { - "execa": "^9.6.0", - "rimraf": "^6.1.0", + "execa": "^9.6.1", + "rimraf": "^6.1.2", "tempfile": "^5.0.0" }, "devDependencies": { From 9c91645b56d2ea3048c1d3a5334e0677301b4f0d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Mon, 15 Dec 2025 11:16:54 +0100 Subject: [PATCH 38/39] update workflows --- .github/workflows/cleanup-caches.yml | 52 +++++++++++------------ .github/workflows/dependency-review.yml | 35 +++++++++------ .github/workflows/labels.yml | 37 +++++++++------- .github/workflows/lint-workflow-files.yml | 2 + .github/workflows/reactions.yml | 1 + 5 files changed, 69 insertions(+), 58 deletions(-) diff --git a/.github/workflows/cleanup-caches.yml b/.github/workflows/cleanup-caches.yml index 32dcb7e..f4303eb 100644 --- a/.github/workflows/cleanup-caches.yml +++ b/.github/workflows/cleanup-caches.yml @@ -15,33 +15,29 @@ permissions: jobs: cleanup: + name: "Cleanup Caches" + uses: "mimmi20/ci/.github/workflows/cleanup-cache.yml@8.4" + with: + repository: ${{ github.repository }} + ref: ${{ github.ref }} + + # This is a meta job to avoid to have to constantly change the protection rules + # whenever we touch the matrix. + cleanup-status: + name: "Cleanup Status" + runs-on: "ubuntu-latest" + + if: always() + + needs: + - "cleanup" + steps: - - name: "Checkout" - uses: "actions/checkout@v5" - with: - # Disabling shallow clone is recommended for improving relevancy of reporting - fetch-depth: 0 - lfs: false - persist-credentials: false - - - name: "Cleanup" - run: | - gh extension install actions/gh-actions-cache - - REPO=${{ github.repository }} - BRANCH=${{ github.ref }} - - echo "Fetching list of cache key" - cacheKeysForPR=$(gh actions-cache list -R $REPO -B $BRANCH | cut -f 1 ) - - ## Setting this to not fail the workflow while deleting cache keys. - set +e - echo "Deleting caches..." - for cacheKey in $cacheKeysForPR - do - gh actions-cache delete $cacheKey -R $REPO -B $BRANCH --confirm - done - echo "Done" - env: - GH_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + - name: Successful run + if: ${{ !(contains(needs.*.result, 'failure')) }} + run: exit 0 + + - name: Failing run + if: ${{ contains(needs.*.result, 'failure') }} + run: exit 1 diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 53b560a..adf0dcd 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -20,19 +20,26 @@ permissions: jobs: dependency-review: + name: "Review" + uses: "mimmi20/ci/.github/workflows/review-dependency.yml@8.4" + + # This is a meta job to avoid to have to constantly change the protection rules + # whenever we touch the matrix. + review-status: + name: "Review Status" + runs-on: "ubuntu-latest" + + if: always() + + needs: + - "dependency-review" + steps: - - name: "Checkout" - uses: "actions/checkout@v5" - with: - # Disabling shallow clone is recommended for improving relevancy of reporting - fetch-depth: 0 - lfs: false - persist-credentials: false - - - name: "Dependency Review" - uses: "actions/dependency-review-action@v4" - with: - "license-check": true - "vulnerability-check": true - "comment-summary-in-pr": true + - name: Successful run + if: ${{ !(contains(needs.*.result, 'failure')) }} + run: exit 0 + + - name: Failing run + if: ${{ contains(needs.*.result, 'failure') }} + run: exit 1 diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml index acc69aa..dc9bed8 100644 --- a/.github/workflows/labels.yml +++ b/.github/workflows/labels.yml @@ -14,28 +14,33 @@ on: permissions: contents: read + issues: write jobs: build: name: "Sync labels" + uses: "mimmi20/ci/.github/workflows/sync-labels.yml@8.4" + with: + repository: ${{ github.repository }} + manifest: ".github/labels.yml" - permissions: - issues: write + # This is a meta job to avoid to have to constantly change the protection rules + # whenever we touch the matrix. + label-status: + name: "Sync Label Status" runs-on: "ubuntu-latest" + if: always() + + needs: + - "build" + steps: - - name: "Checkout" - uses: "actions/checkout@v5" - with: - # Disabling shallow clone is recommended for improving relevancy of reporting - fetch-depth: 0 - lfs: false - persist-credentials: false - - - uses: "micnncim/action-label-syncer@v1.3.0" - env: - GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - GITHUB_REPOSITORY: "${{ github.repository }}" - with: - manifest: ".github/labels.yml" + - name: Successful run + if: ${{ !(contains(needs.*.result, 'failure')) }} + run: exit 0 + + - name: Failing run + if: ${{ contains(needs.*.result, 'failure') }} + run: exit 1 diff --git a/.github/workflows/lint-workflow-files.yml b/.github/workflows/lint-workflow-files.yml index 8ad01fa..62b07e1 100644 --- a/.github/workflows/lint-workflow-files.yml +++ b/.github/workflows/lint-workflow-files.yml @@ -14,6 +14,8 @@ jobs: with: skip-nasm-install: false skip-libimagequant-install: false + skip-librabbitmq-install: true + skip-libgif-install: true # This is a meta job to avoid to have to constantly change the protection rules # whenever we touch the matrix. diff --git a/.github/workflows/reactions.yml b/.github/workflows/reactions.yml index d79fae1..99ef3ad 100644 --- a/.github/workflows/reactions.yml +++ b/.github/workflows/reactions.yml @@ -23,6 +23,7 @@ permissions: jobs: action: runs-on: "ubuntu-latest" + steps: - uses: "dessant/reaction-comments@v4" with: From f25d4b081e531f1e7386bb4e601f58e13fd7a236 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Dec 2025 10:22:16 +0000 Subject: [PATCH 39/39] github-actions (master): bump actions/checkout Bumps the production-dependencies group with 1 update: [actions/checkout](https://github.com/actions/checkout). Updates `actions/checkout` from 5 to 6 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql.yml | 2 +- .github/workflows/test.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 83dc4d6..68906ae 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -51,7 +51,7 @@ jobs: steps: - name: "Checkout" - uses: "actions/checkout@v5" + uses: "actions/checkout@v6" with: # Disabling shallow clone is recommended for improving relevancy of reporting fetch-depth: 0 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 13c6ca9..80a38ed 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -20,7 +20,7 @@ jobs: os: - ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - uses: actions/setup-node@v6 with: node-version: ${{ matrix.node-version }}