Add support for linting annotations and other static analysis workflow improvements #76120
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -33,6 +33,12 @@ jobs: | |
| event: ['${{ github.event_name }}'] | ||
| node: ['20', '22', '24'] | ||
| os: ['macos-15', 'ubuntu-24.04', 'windows-2025'] | ||
|
|
||
| include: | ||
| # Only generate annotations once. | ||
| - node: '24' | ||
| os: 'ubuntu-24.04' | ||
| annotations: true | ||
| exclude: | ||
| # On PRs: Only test Node 20 on Ubuntu and Windows | ||
| - event: 'pull_request' | ||
|
|
@@ -50,11 +56,12 @@ jobs: | |
| uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 | ||
| with: | ||
| node-version: ${{ matrix.node }} | ||
| cache: npm | ||
|
Member
There was a problem hiding this comment. This seems like it'll be a nice win as a standalone change 👍 Surprised we didn't have this or that it's not a default. Though reading the relevant documentation, it does have me thinking whether we should have
Member
Author
There was a problem hiding this comment.
Ah, good catch. That is a relatively new addition to I'm torn for this one. On one hand it's good to have it on by default for the sake of better performance. But on the other, making it an intentional addition makes it a conscious choice and could help guard against cache poisoning attacks when production assets are being built or commits are being pushed to the repository. It's also possible that someone could submit a PR to add I am leaning towards adding it now and auditing where |
||
|
|
||
| - name: Pin npm version for consistency | ||
| run: npm install -g npm@10 | ||
|
|
||
| - name: npm install | ||
| # A "full" install is executed, since `npm ci` does not always exit | ||
| # with an error status code if the lock file is inaccurate. This also | ||
| # helps to catch dependencies not being installed with exact version. | ||
|
|
@@ -63,8 +70,22 @@ jobs: | |
| # See: https://github.com/WordPress/gutenberg/pull/39865 | ||
| run: npm install | ||
|
|
||
|
Member
There was a problem hiding this comment. Noting a couple things about this change to use granular scripts:
Member
Author
There was a problem hiding this comment.
Yes, that is possible. One approach to make sure this scenario is caught could be to run We likely need to just have better documentation and guidance around this within packages. Each package should have a section detailing where any automation or CI/CD testing should be added when updating the package as a reminder. Maybe that could be a reason to introduce a |
||
| - name: Lint package.json files | ||
| run: npm run lint:pkg-json | ||
|
|
||
| - name: Lint package-lock.json file | ||
| run: npm run lint:lockfile | ||
|
|
||
| - name: Validate TypeScript config | ||
| run: npm run lint:tsconfig | ||
|
|
||
| - name: Lint JavaScript | ||
| if: ${{ matrix.annotations }} | ||
| run: npm run lint:js -- --format compact | ||
|
|
||
| - name: Lint Styles | ||
| if: ${{ matrix.annotations }} | ||
| run: npm run lint:css -- --formatter compact | ||
|
|
||
desrosj marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| - name: Type checking | ||
| run: npm run build | ||
|
|
||
Uh oh!
There was an error while loading. Please reload this page.