From b4f8c49a06657f9c9ce7c314d3e554410dc4c265 Mon Sep 17 00:00:00 2001 From: Andreas Stassivik Date: Fri, 1 Nov 2024 23:48:21 -0700 Subject: [PATCH 1/9] authenticate `turborepo` in GitHub Actions --- .github/workflows/continuous-delivery.yml | 3 +++ .github/workflows/continuous-integration.yml | 2 ++ .github/workflows/security.yml | 2 ++ 3 files changed, 7 insertions(+) diff --git a/.github/workflows/continuous-delivery.yml b/.github/workflows/continuous-delivery.yml index d5e0d17..1141cb6 100644 --- a/.github/workflows/continuous-delivery.yml +++ b/.github/workflows/continuous-delivery.yml @@ -6,7 +6,10 @@ on: jobs: publish-npm: + env: + TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} if: github.event.pull_request.merged + name: Publish to npm permissions: contents: read id-token: write diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 0d0b5be..9d5bd5a 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -8,6 +8,8 @@ on: jobs: test: + env: + TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} name: Test runs-on: ${{ matrix.os }} diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index e486abf..3c341a1 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -10,6 +10,8 @@ on: jobs: codeql: + env: + TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} name: CodeQL permissions: packages: read From 3e2f5e8327d59d77d6fcea64c416087f74b925d6 Mon Sep 17 00:00:00 2001 From: Andreas Stassivik Date: Sat, 2 Nov 2024 00:44:30 -0700 Subject: [PATCH 2/9] `turbo` telemetry opt-out --- .github/workflows/continuous-delivery.yml | 1 + .github/workflows/continuous-integration.yml | 1 + .github/workflows/security.yml | 1 + 3 files changed, 3 insertions(+) diff --git a/.github/workflows/continuous-delivery.yml b/.github/workflows/continuous-delivery.yml index 1141cb6..287be27 100644 --- a/.github/workflows/continuous-delivery.yml +++ b/.github/workflows/continuous-delivery.yml @@ -7,6 +7,7 @@ on: jobs: publish-npm: env: + TURBO_TELEMETRY_DISABLED: 1 TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} if: github.event.pull_request.merged name: Publish to npm diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 9d5bd5a..ca6f16f 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -9,6 +9,7 @@ on: jobs: test: env: + TURBO_TELEMETRY_DISABLED: 1 TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} name: Test runs-on: ${{ matrix.os }} diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 3c341a1..a48b04e 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -11,6 +11,7 @@ on: jobs: codeql: env: + TURBO_TELEMETRY_DISABLED: 1 TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} name: CodeQL permissions: From d7d2c988d102c7223a8d907bcdc332b22d1f57ae Mon Sep 17 00:00:00 2001 From: Andreas Stassivik Date: Sat, 2 Nov 2024 13:07:18 -0700 Subject: [PATCH 3/9] =?UTF-8?q?`TURBO=5FTEAM`=20repository=20variable=20re?= =?UTF-8?q?quired=20to=20enable=20remote=20caching=20in=20GitHub=20Actions?= =?UTF-8?q?=20=E2=80=94=20https://turbo.build/repo/docs/guides/ci-vendors/?= =?UTF-8?q?github-actions?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/continuous-delivery.yml | 1 + .github/workflows/continuous-integration.yml | 1 + .github/workflows/security.yml | 1 + 3 files changed, 3 insertions(+) diff --git a/.github/workflows/continuous-delivery.yml b/.github/workflows/continuous-delivery.yml index 287be27..75e4c98 100644 --- a/.github/workflows/continuous-delivery.yml +++ b/.github/workflows/continuous-delivery.yml @@ -7,6 +7,7 @@ on: jobs: publish-npm: env: + TURBO_TEAM: ${{ vars.TURBO_TEAM }} TURBO_TELEMETRY_DISABLED: 1 TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} if: github.event.pull_request.merged diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index ca6f16f..b8cd6e7 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -9,6 +9,7 @@ on: jobs: test: env: + TURBO_TEAM: ${{ vars.TURBO_TEAM }} TURBO_TELEMETRY_DISABLED: 1 TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} name: Test diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index a48b04e..8b85a29 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -11,6 +11,7 @@ on: jobs: codeql: env: + TURBO_TEAM: ${{ vars.TURBO_TEAM }} TURBO_TELEMETRY_DISABLED: 1 TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} name: CodeQL From dd0e3ea78bbe06daba3fce6d909e42945057eadf Mon Sep 17 00:00:00 2001 From: Andreas Stassivik Date: Sat, 2 Nov 2024 14:27:40 -0700 Subject: [PATCH 4/9] `TURBO_TELEMETRY_DISABLED` hoisted to repository variable scope --- .github/workflows/continuous-delivery.yml | 2 +- .github/workflows/continuous-integration.yml | 2 +- .github/workflows/security.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/continuous-delivery.yml b/.github/workflows/continuous-delivery.yml index 75e4c98..8e66910 100644 --- a/.github/workflows/continuous-delivery.yml +++ b/.github/workflows/continuous-delivery.yml @@ -8,7 +8,7 @@ jobs: publish-npm: env: TURBO_TEAM: ${{ vars.TURBO_TEAM }} - TURBO_TELEMETRY_DISABLED: 1 + TURBO_TELEMETRY_DISABLED: ${{ vars.TURBO_TELEMETRY_DISABLED }} TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} if: github.event.pull_request.merged name: Publish to npm diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index b8cd6e7..c3faa24 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -10,7 +10,7 @@ jobs: test: env: TURBO_TEAM: ${{ vars.TURBO_TEAM }} - TURBO_TELEMETRY_DISABLED: 1 + TURBO_TELEMETRY_DISABLED: ${{ vars.TURBO_TELEMETRY_DISABLED }} TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} name: Test runs-on: ${{ matrix.os }} diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 8b85a29..c978472 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -12,7 +12,7 @@ jobs: codeql: env: TURBO_TEAM: ${{ vars.TURBO_TEAM }} - TURBO_TELEMETRY_DISABLED: 1 + TURBO_TELEMETRY_DISABLED: ${{ vars.TURBO_TELEMETRY_DISABLED }} TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} name: CodeQL permissions: From 70f45a0f9c6c776edb47fcd89d323d12290d4989 Mon Sep 17 00:00:00 2001 From: Andreas Stassivik Date: Sun, 3 Nov 2024 00:57:08 -0700 Subject: [PATCH 5/9] update `github/codeql-action@v3.27.0` --- .github/workflows/security.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index c978472..b392ff4 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -38,15 +38,15 @@ jobs: run: npm test - name: Initialization - uses: github/codeql-action/init@v3.26.9 + uses: github/codeql-action/init@v3.27.0 with: languages: 'javascript-typescript' - name: Analysis - uses: github/codeql-action/analyze@v3.26.9 + uses: github/codeql-action/analyze@v3.27.0 - name: Results upload - uses: github/codeql-action/upload-sarif@v3.26.9 + uses: github/codeql-action/upload-sarif@v3.27.0 with: category: codeql-analysis @@ -79,7 +79,7 @@ jobs: args: --sarif-file-output=snyk.sarif - name: Results upload - uses: github/codeql-action/upload-sarif@v3.26.9 + uses: github/codeql-action/upload-sarif@v3.27.0 with: category: snyk-analysis sarif_file: snyk.sarif From a76e3bceb8c56f6c4346b727b6642aa1283dcffd Mon Sep 17 00:00:00 2001 From: Andreas Stassivik Date: Sun, 3 Nov 2024 00:59:49 -0700 Subject: [PATCH 6/9] update `actions/setup-node@v4.1.0` --- .github/workflows/continuous-delivery.yml | 2 +- .github/workflows/continuous-integration.yml | 2 +- .github/workflows/security.yml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/continuous-delivery.yml b/.github/workflows/continuous-delivery.yml index 8e66910..67b35b9 100644 --- a/.github/workflows/continuous-delivery.yml +++ b/.github/workflows/continuous-delivery.yml @@ -22,7 +22,7 @@ jobs: uses: actions/checkout@v4.1.7 - name: Node.js setup - uses: actions/setup-node@v4.0.4 + uses: actions/setup-node@v4.1.0 with: cache: npm cache-dependency-path: package-lock.json diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index c3faa24..1bda147 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -25,7 +25,7 @@ jobs: uses: actions/checkout@v4.1.7 - name: Node.js setup ${{ matrix.node-version }} - uses: actions/setup-node@v4.0.4 + uses: actions/setup-node@v4.1.0 with: cache: npm cache-dependency-path: package-lock.json diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index b392ff4..4b62117 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -25,7 +25,7 @@ jobs: uses: actions/checkout@v4.1.7 - name: Node.js setup - uses: actions/setup-node@v4.0.4 + uses: actions/setup-node@v4.1.0 with: cache: npm cache-dependency-path: package-lock.json @@ -61,7 +61,7 @@ jobs: uses: actions/checkout@v4.1.7 - name: Node.js setup - uses: actions/setup-node@v4.0.4 + uses: actions/setup-node@v4.1.0 with: cache: npm cache-dependency-path: package-lock.json From c17410d187f850bbd0a190d37d94757bdb95e3c6 Mon Sep 17 00:00:00 2001 From: Andreas Stassivik Date: Sun, 3 Nov 2024 01:03:40 -0700 Subject: [PATCH 7/9] update `actions/checkout@v4.2.2` --- .github/workflows/continuous-delivery.yml | 2 +- .github/workflows/continuous-integration.yml | 2 +- .github/workflows/security.yml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/continuous-delivery.yml b/.github/workflows/continuous-delivery.yml index 67b35b9..a3a7bd9 100644 --- a/.github/workflows/continuous-delivery.yml +++ b/.github/workflows/continuous-delivery.yml @@ -19,7 +19,7 @@ jobs: steps: - name: Repository checkout - uses: actions/checkout@v4.1.7 + uses: actions/checkout@v4.2.2 - name: Node.js setup uses: actions/setup-node@v4.1.0 diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 1bda147..a6d8742 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -22,7 +22,7 @@ jobs: steps: - name: Repository checkout - uses: actions/checkout@v4.1.7 + uses: actions/checkout@v4.2.2 - name: Node.js setup ${{ matrix.node-version }} uses: actions/setup-node@v4.1.0 diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 4b62117..720da6f 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -22,7 +22,7 @@ jobs: steps: - name: Repository checkout - uses: actions/checkout@v4.1.7 + uses: actions/checkout@v4.2.2 - name: Node.js setup uses: actions/setup-node@v4.1.0 @@ -58,7 +58,7 @@ jobs: steps: - name: Repository checkout - uses: actions/checkout@v4.1.7 + uses: actions/checkout@v4.2.2 - name: Node.js setup uses: actions/setup-node@v4.1.0 From f8f889e757f7994911e6dfb77fd58ad63dc96abd Mon Sep 17 00:00:00 2001 From: Andreas Stassivik Date: Sun, 3 Nov 2024 01:33:38 -0700 Subject: [PATCH 8/9] update npm lockfile --- package-lock.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index 3fd1fd8..a89eb5e 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2347,9 +2347,9 @@ } }, "node_modules/@types/node": { - "version": "22.8.6", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.8.6.tgz", - "integrity": "sha512-tosuJYKrIqjQIlVCM4PEGxOmyg3FCPa/fViuJChnGeEIhjA46oy8FMVoF9su1/v8PNs2a8Q0iFNyOx0uOF91nw==", + "version": "22.8.7", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.8.7.tgz", + "integrity": "sha512-LidcG+2UeYIWcMuMUpBKOnryBWG/rnmOHQR5apjn8myTQcx3rinFRn7DcIFhMnS0PPFSC6OafdIKEad0lj6U0Q==", "dev": true, "license": "MIT", "dependencies": { @@ -3798,9 +3798,9 @@ } }, "node_modules/caniuse-lite": { - "version": "1.0.30001676", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001676.tgz", - "integrity": "sha512-Qz6zwGCiPghQXGJvgQAem79esjitvJ+CxSbSQkW9H/UX5hg8XM88d4lp2W+MEQ81j+Hip58Il+jGVdazk1z9cw==", + "version": "1.0.30001677", + "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001677.tgz", + "integrity": "sha512-fmfjsOlJUpMWu+mAAtZZZHz7UEwsUxIIvu1TJfO1HqFQvB/B+ii0xr9B5HpbZY/mC4XZ8SvjHJqtAY6pDPQEog==", "dev": true, "funding": [ { From 4d4990ab6ef7c845c2e081e4cb8deadcb03b6218 Mon Sep 17 00:00:00 2001 From: Andreas Stassivik Date: Sun, 3 Nov 2024 01:38:11 -0700 Subject: [PATCH 9/9] 0.0.74 --- package-lock.json | 4 ++-- package.json | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index a89eb5e..1508e0d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "@stassi/leaf", - "version": "0.0.73", + "version": "0.0.74", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "@stassi/leaf", - "version": "0.0.73", + "version": "0.0.74", "cpu": [ "arm64", "x64" diff --git a/package.json b/package.json index 905f153..97b0515 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@stassi/leaf", - "version": "0.0.73", + "version": "0.0.74", "description": "Leaflet adapter.", "keywords": [ "cartography",