From 5d1e14f2c74429b16dffa71d93bf0fc41e6f14a3 Mon Sep 17 00:00:00 2001 From: Varderes Barsegyan Date: Thu, 12 Mar 2026 12:36:34 -0500 Subject: [PATCH 1/6] chore: upgrade GitHub Actions for Node 24 --- .github/workflows/ci.yml | 4 ++-- .github/workflows/codeql.yml | 2 +- .github/workflows/release.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index bcf8ac9..36a3ceb 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Setup Node.js uses: actions/setup-node@v4 @@ -60,7 +60,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Setup Node.js uses: actions/setup-node@v4 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 2a5aaff..eef64bd 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -28,7 +28,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Initialize CodeQL uses: github/codeql-action/init@v3 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 00273cf..08c0965 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Setup Node.js uses: actions/setup-node@v4 From 36a52b02b0c89d5e7a64d95d97ecae383e6d0ed6 Mon Sep 17 00:00:00 2001 From: Codex Date: Thu, 12 Mar 2026 15:33:47 -0500 Subject: [PATCH 2/6] chore: update GitHub Actions for Node 24 --- .github/workflows/ci.yml | 6 +++--- .github/workflows/codeql.yml | 6 +++--- .github/workflows/release.yml | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 36a3ceb..152d598 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -17,7 +17,7 @@ jobs: uses: actions/checkout@v5 - name: Setup Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version-file: .node-version @@ -39,7 +39,7 @@ jobs: run: bun run test:coverage - name: Upload coverage artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: coverage path: coverage/ @@ -63,7 +63,7 @@ jobs: uses: actions/checkout@v5 - name: Setup Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version-file: .node-version diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index eef64bd..fa73d9f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -31,12 +31,12 @@ jobs: uses: actions/checkout@v5 - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: ${{ matrix.language }} - name: Setup Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version-file: .node-version @@ -52,6 +52,6 @@ jobs: run: bun run build - name: Perform CodeQL analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 with: category: "/language:${{ matrix.language }}" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 08c0965..384c3e5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -20,7 +20,7 @@ jobs: uses: actions/checkout@v5 - name: Setup Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version-file: .node-version registry-url: https://registry.npmjs.org From 2dc0083e211d1acf2d47fd952318178961a48b56 Mon Sep 17 00:00:00 2001 From: Varderes Barsegyan Date: Thu, 12 Mar 2026 17:30:52 -0500 Subject: [PATCH 3/6] Reduce remaining Node 20 workflow warnings --- .github/workflows/ci.yml | 5 ++++- .github/workflows/codeql.yml | 3 +++ .github/workflows/release.yml | 3 +++ 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 152d598..9224fd3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -8,6 +8,9 @@ on: permissions: contents: read +env: + FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true" + jobs: test: name: Unit, Integration, and Coverage @@ -49,7 +52,7 @@ jobs: env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} if: ${{ env.CODECOV_TOKEN != '' }} - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@v5 with: token: ${{ env.CODECOV_TOKEN }} files: coverage/lcov.info diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index fa73d9f..57913ba 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -16,6 +16,9 @@ permissions: contents: read security-events: write +env: + FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true" + jobs: analyze: name: Analyze (JavaScript/TypeScript) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 384c3e5..6bef83e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,6 +11,9 @@ permissions: artifact-metadata: write packages: write +env: + FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true" + jobs: npm-publish: name: Publish npm Package From a5bd8914dc0a6814df39a79123e63036b9657bf6 Mon Sep 17 00:00:00 2001 From: Varderes Barsegyan Date: Thu, 12 Mar 2026 17:40:09 -0500 Subject: [PATCH 4/6] Replace Bun setup action in workflows --- .github/workflows/ci.yml | 26 ++++++++++++++++++++------ .github/workflows/codeql.yml | 13 ++++++++++--- .github/workflows/release.yml | 13 ++++++++++--- 3 files changed, 40 insertions(+), 12 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9224fd3..6db91a7 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -25,9 +25,16 @@ jobs: node-version-file: .node-version - name: Setup Bun - uses: oven-sh/setup-bun@v2 - with: - bun-version-file: .bun-version + run: | + BUN_VERSION="$(tr -d '\n' < .bun-version)" + BUN_VERSION="${BUN_VERSION#bun-v}" + BUN_VERSION="${BUN_VERSION#v}" + if ! command -v unzip >/dev/null; then + sudo apt-get update + sudo apt-get install -y unzip + fi + curl -fsSL https://bun.sh/install | bash -s "bun-v${BUN_VERSION}" + echo "$HOME/.bun/bin" >> "$GITHUB_PATH" - name: Install dependencies run: bun install --frozen-lockfile @@ -71,9 +78,16 @@ jobs: node-version-file: .node-version - name: Setup Bun - uses: oven-sh/setup-bun@v2 - with: - bun-version-file: .bun-version + run: | + BUN_VERSION="$(tr -d '\n' < .bun-version)" + BUN_VERSION="${BUN_VERSION#bun-v}" + BUN_VERSION="${BUN_VERSION#v}" + if ! command -v unzip >/dev/null; then + sudo apt-get update + sudo apt-get install -y unzip + fi + curl -fsSL https://bun.sh/install | bash -s "bun-v${BUN_VERSION}" + echo "$HOME/.bun/bin" >> "$GITHUB_PATH" - name: Install dependencies run: bun install --frozen-lockfile diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 57913ba..263e1ab 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -44,9 +44,16 @@ jobs: node-version-file: .node-version - name: Setup Bun - uses: oven-sh/setup-bun@v2 - with: - bun-version-file: .bun-version + run: | + BUN_VERSION="$(tr -d '\n' < .bun-version)" + BUN_VERSION="${BUN_VERSION#bun-v}" + BUN_VERSION="${BUN_VERSION#v}" + if ! command -v unzip >/dev/null; then + sudo apt-get update + sudo apt-get install -y unzip + fi + curl -fsSL https://bun.sh/install | bash -s "bun-v${BUN_VERSION}" + echo "$HOME/.bun/bin" >> "$GITHUB_PATH" - name: Install dependencies run: bun install --frozen-lockfile diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6bef83e..b62f4bb 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -29,9 +29,16 @@ jobs: registry-url: https://registry.npmjs.org - name: Setup Bun - uses: oven-sh/setup-bun@v2 - with: - bun-version-file: .bun-version + run: | + BUN_VERSION="$(tr -d '\n' < .bun-version)" + BUN_VERSION="${BUN_VERSION#bun-v}" + BUN_VERSION="${BUN_VERSION#v}" + if ! command -v unzip >/dev/null; then + sudo apt-get update + sudo apt-get install -y unzip + fi + curl -fsSL https://bun.sh/install | bash -s "bun-v${BUN_VERSION}" + echo "$HOME/.bun/bin" >> "$GITHUB_PATH" - name: Install dependencies run: bun install --frozen-lockfile From 1228b7f9f503e42a71cd738e58d1ee8e34ec7a25 Mon Sep 17 00:00:00 2001 From: Varderes Barsegyan Date: Fri, 13 Mar 2026 08:13:56 -0500 Subject: [PATCH 5/6] fix: upload OCO coverage with the Codecov CLI --- .github/workflows/ci.yml | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6db91a7..8784883 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -59,11 +59,25 @@ jobs: env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} if: ${{ env.CODECOV_TOKEN != '' }} - uses: codecov/codecov-action@v5 - with: - token: ${{ env.CODECOV_TOKEN }} - files: coverage/lcov.info - fail_ci_if_error: false + run: | + python3 -m pip install --user codecov-cli + export PATH="$HOME/.local/bin:$PATH" + + args=( + do-upload + --git-service github + --token "$CODECOV_TOKEN" + --slug "$GITHUB_REPOSITORY" + --commit-sha "$GITHUB_SHA" + --file coverage/lcov.info + --disable-search + ) + + if [ "${{ github.event_name }}" = "pull_request" ]; then + args+=( --pull-request-number "${{ github.event.pull_request.number }}" ) + fi + + codecovcli "${args[@]}" || echo "Codecov upload failed; continuing because fail_ci_if_error is disabled." security-audit: name: Dependency Security Audit From 98941bdaa52edb72479a74a5809bf5dbb76ec15a Mon Sep 17 00:00:00 2001 From: Varderes Barsegyan Date: Fri, 13 Mar 2026 08:17:06 -0500 Subject: [PATCH 6/6] refactor: share bun setup across workflows --- .github/workflows/ci.yml | 22 ++-------------------- .github/workflows/codeql.yml | 11 +---------- .github/workflows/release.yml | 11 +---------- scripts/setup-bun.sh | 15 +++++++++++++++ 4 files changed, 19 insertions(+), 40 deletions(-) create mode 100644 scripts/setup-bun.sh diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8784883..f9efab6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -25,16 +25,7 @@ jobs: node-version-file: .node-version - name: Setup Bun - run: | - BUN_VERSION="$(tr -d '\n' < .bun-version)" - BUN_VERSION="${BUN_VERSION#bun-v}" - BUN_VERSION="${BUN_VERSION#v}" - if ! command -v unzip >/dev/null; then - sudo apt-get update - sudo apt-get install -y unzip - fi - curl -fsSL https://bun.sh/install | bash -s "bun-v${BUN_VERSION}" - echo "$HOME/.bun/bin" >> "$GITHUB_PATH" + run: bash ./scripts/setup-bun.sh - name: Install dependencies run: bun install --frozen-lockfile @@ -92,16 +83,7 @@ jobs: node-version-file: .node-version - name: Setup Bun - run: | - BUN_VERSION="$(tr -d '\n' < .bun-version)" - BUN_VERSION="${BUN_VERSION#bun-v}" - BUN_VERSION="${BUN_VERSION#v}" - if ! command -v unzip >/dev/null; then - sudo apt-get update - sudo apt-get install -y unzip - fi - curl -fsSL https://bun.sh/install | bash -s "bun-v${BUN_VERSION}" - echo "$HOME/.bun/bin" >> "$GITHUB_PATH" + run: bash ./scripts/setup-bun.sh - name: Install dependencies run: bun install --frozen-lockfile diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 263e1ab..f16d6d6 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -44,16 +44,7 @@ jobs: node-version-file: .node-version - name: Setup Bun - run: | - BUN_VERSION="$(tr -d '\n' < .bun-version)" - BUN_VERSION="${BUN_VERSION#bun-v}" - BUN_VERSION="${BUN_VERSION#v}" - if ! command -v unzip >/dev/null; then - sudo apt-get update - sudo apt-get install -y unzip - fi - curl -fsSL https://bun.sh/install | bash -s "bun-v${BUN_VERSION}" - echo "$HOME/.bun/bin" >> "$GITHUB_PATH" + run: bash ./scripts/setup-bun.sh - name: Install dependencies run: bun install --frozen-lockfile diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b62f4bb..b0eb50f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -29,16 +29,7 @@ jobs: registry-url: https://registry.npmjs.org - name: Setup Bun - run: | - BUN_VERSION="$(tr -d '\n' < .bun-version)" - BUN_VERSION="${BUN_VERSION#bun-v}" - BUN_VERSION="${BUN_VERSION#v}" - if ! command -v unzip >/dev/null; then - sudo apt-get update - sudo apt-get install -y unzip - fi - curl -fsSL https://bun.sh/install | bash -s "bun-v${BUN_VERSION}" - echo "$HOME/.bun/bin" >> "$GITHUB_PATH" + run: bash ./scripts/setup-bun.sh - name: Install dependencies run: bun install --frozen-lockfile diff --git a/scripts/setup-bun.sh b/scripts/setup-bun.sh new file mode 100644 index 0000000..9b513e9 --- /dev/null +++ b/scripts/setup-bun.sh @@ -0,0 +1,15 @@ +#!/usr/bin/env bash + +set -euo pipefail + +BUN_VERSION="$(tr -d '\n' < .bun-version)" +BUN_VERSION="${BUN_VERSION#bun-v}" +BUN_VERSION="${BUN_VERSION#v}" + +if ! command -v unzip >/dev/null; then + sudo apt-get update + sudo apt-get install -y unzip +fi + +curl -fsSL https://bun.sh/install | bash -s "bun-v${BUN_VERSION}" +echo "$HOME/.bun/bin" >> "$GITHUB_PATH"