From 255cb6e523c8d782020df767a94b53d469737f49 Mon Sep 17 00:00:00 2001 From: ROBOT Date: Tue, 1 Jul 2025 19:17:45 +0900 Subject: [PATCH 1/2] docs: add SECURITY.md to outline vulnerability reporting process --- .github/SECURITY.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 .github/SECURITY.md diff --git a/.github/SECURITY.md b/.github/SECURITY.md new file mode 100644 index 0000000..bb3d45c --- /dev/null +++ b/.github/SECURITY.md @@ -0,0 +1 @@ +If you find a vulnerability, please contact robot@thunlights.com. From 9e86dbec407f632efd205cf4d8e88afae73ec618 Mon Sep 17 00:00:00 2001 From: ROBOT Date: Tue, 1 Jul 2025 19:19:10 +0900 Subject: [PATCH 2/2] ci: switch dependency installation from npm to bun in CI workflows --- .github/workflows/ci.yml | 9 ++++++++- .github/workflows/release.yml | 6 +++++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 480aa90..3ca1b3d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,8 +19,15 @@ jobs: with: node-version: 22 + - uses: oven-sh/setup-bun@v2 + with: + bun-version: latest + - name: Install Dependencies - run: npm install + run: bun install + + - name: Build Check + run: npm run build - name: Lint Check run: npm run lint diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f6b1b22..a7a7df9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -25,8 +25,12 @@ jobs: with: node-version: 22 + - uses: oven-sh/setup-bun@v2 + with: + bun-version: latest + - name: Install Dependencies - run: npm install + run: bun install - name: Create Release Pull Request uses: changesets/action@v1