Skip to content

Update security policy #3119

Update security policy

Update security policy #3119

Workflow file for this run

name: Linting
# Trigger each time HEAD branch is updated in a pull request
# see https://github.com/orgs/community/discussions/26366
on:
pull_request:
types: [opened, reopened, synchronize, ready_for_review]
jobs:
rubocop:
name: RuboCop (Ruby)
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 2 # to also fetch parent of PR (used to get changed files)
- name: Get changed files
id: rb-changed
uses: ./.github/actions/changed_files/
with:
file-extensions: \.rb$
- name: Set up Ruby 3
if: ${{ steps.rb-changed.outputs.changed-files != ''}}
uses: ruby/setup-ruby@v1
with:
ruby-version: 3.1.4
bundler-cache: true
- name: Run RuboCop
if: ${{ steps.rb-changed.outputs.changed-files != ''}}
run: |
echo "🚨 Running RuboCop version: $(bundle info rubocop | head -1)"
bundle exec rubocop --format github --fail-level 'convention' --force-exclusion -- $CHANGED_FILES
eslint:
name: ESLint (JS)
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 2 # to also fetch parent of PR (used to get changed files)
- name: Get changed files
id: js-changed
uses: ./.github/actions/changed_files/
with:
# .(mjs is only used for eslint.config.mjs as of January 2024)
file-extensions: \.js$|\.mjs$|\.js.erb$
- name: Setup Node.js
if: ${{ steps.js-changed.outputs.changed-files != ''}}
uses: actions/setup-node@v4
with:
node-version: '20' # End of Life (EOL): April 2026
cache: 'yarn'
- name: Install dependencies
if: ${{ steps.js-changed.outputs.changed-files != ''}}
run: yarn install
# with ESLint v9 --ignore-path does not exist anymore
# see [1] for the PR. However, my feeling for this is totally reflected
# by [2]. Hopefully, it will come back in future versions.
# [1] https://github.com/eslint/eslint/pull/16355
# [2] https://github.com/eslint/eslint/issues/16264#issuecomment-1292858747
- name: Run ESLint
if: ${{ steps.js-changed.outputs.changed-files != ''}}
run: |
echo "🚨 Running ESLint version: $(yarn run --silent eslint --version)"
yarn run eslint --config ./.config/eslint.mjs --max-warnings 0 --no-warn-ignored ${{ steps.js-changed.outputs.changed-files }}