Skip to content

[pull] main from google:main #3788

[pull] main from google:main

[pull] main from google:main #3788

name: Lint CSS/JS/MD
on:
push:
# Only run if CSS/JS/MD-related files changed.
paths:
- '**.js'
- '**.cjs'
- '**.ts'
- '**.tsx'
- '**.css'
- 'docs/**/*.md'
- 'packages/**/*.md'
- '.eslint*'
- '.markdownlint*'
- '.npmpackagejsonlintrc.json'
- '.nvmrc'
- '.prettier*'
- '.stylelint*'
- '**/package.json'
- 'package-lock.json'
branches:
- main
- release/*
pull_request:
# Only run if CSS/JS/MD-related files changed.
paths:
- '**.js'
- '**.cjs'
- '**.ts'
- '**.tsx'
- '**.css'
- 'docs/**/*.md'
- 'packages/**/*.md'
- '.eslint*'
- '.markdownlint*'
- '.npmpackagejsonlintrc.json'
- '.nvmrc'
- '.prettier*'
- '.stylelint*'
- '**/package.json'
- 'package-lock.json'
# Cancels all previous workflow runs for pull requests that have not completed.
concurrency:
# The concurrency group contains the workflow name and the (target) branch name.
group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}
cancel-in-progress: true
permissions:
contents: read
jobs:
lint:
name: Lint
runs-on: ubuntu-latest
permissions:
checks: write # for ataylorme/eslint-annotate-action to create checks
contents: read # for actions/checkout to fetch code
pull-requests: read # for ataylorme/eslint-annotate-action to get changed PR files
timeout-minutes: 20
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f
with:
disable-sudo: true
disable-file-monitoring: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
github.com:443
registry.npmjs.org:443
bun.sh:443
54.185.253.63:443
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- name: Setup Node
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af
with:
node-version-file: '.nvmrc'
cache: npm
- name: Install dependencies
run: npm ci
env:
PUPPETEER_SKIP_DOWNLOAD: true
- name: Setup Bun
uses: oven-sh/setup-bun@4bc047ad259df6fc24a6c9b0f9a0cb08cf17fbe5
with:
bun-version: latest
- name: Markdown Lint
run: npm run lint:md
- name: CSS Lint
run: npm run lint:css
- name: package.json Lint
run: npm run lint:package-json
# Do this first so that the types are available to ESLint,
# particularly the more sophisticated `@typescript/eslint` rules.
- name: Type checking
run: npm run workflow:bundle-packages:types
- name: JS Lint
run: npm run lint:js
env:
NODE_OPTIONS: --max-old-space-size=4096
if: >
github.event.pull_request.head.repo.fork == true ||
github.event.pull_request.user.login == 'dependabot[bot]'
- name: JS Lint Report
run: npm run lint:js:report
continue-on-error: true
env:
NODE_OPTIONS: --max-old-space-size=4096
# Prevent generating the ESLint report if PR is from a fork or authored by Dependabot.
if: >
github.event.pull_request.head.repo.fork == false &&
github.event.pull_request.user.login != 'dependabot[bot]'
- name: Annotate JS Lint Results
uses: ataylorme/eslint-annotate-action@3.0.0
with:
repo-token: '${{ secrets.GITHUB_TOKEN }}'
report-json: 'build/lint-js-report.json'
# The action cannot annotate the PR when run from a PR fork or authored by Dependabot.
if: >
github.event.pull_request.head.repo.fork == false &&
github.event.pull_request.user.login != 'dependabot[bot]'
- name: JSON Schema validation
run: npm run test:schema