ci: Comprehensive workflow improvements and new actions #653

Merged
lupu60 merged 6 commits into master from ci/workflows-improvement
Jan 27, 2026

lupu60 (Owner) commented Jan 27, 2026

Summary

This PR implements comprehensive improvements to CI/CD workflows and adds new quality assurance workflows.

Changes

Fixed Existing Workflows

  1. codeql-analysis.yml

    • Upgraded to CodeQL v3 actions
    • Added TypeScript language support
    • Added proper build step for TypeScript
    • Configured for monorepo structure
  2. nodejs.yml

    • Split into separate jobs: lint, format, type-check, build, test
    • Added ESLint validation
    • Added Prettier format checking
    • Added TypeScript type checking
    • Added coverage artifact uploads
    • Added test result artifacts
    • Tests all packages (not just changed ones)
    • Matrix testing across Node 18.x, 20.x, 21.x, 22.x
  3. npm-publish.yml (Complete rewrite)

    • Fixed: Now uses Node.js 22.x (was 12!)
    • Upgraded all actions to v4
    • Properly uses Lerna for monorepo publishing
    • Added build-and-test job as prerequisite
    • Added dry-run support via workflow_dispatch
    • Properly handles both npm and GitHub Packages publishing
    • Added Git configuration for Lerna

New Workflows

  1. lint-and-format.yml

    • Dedicated ESLint and Prettier checks
    • Runs on all PRs and pushes
    • Provides helpful error messages
  2. type-check.yml

    • TypeScript type checking for all packages
    • Validates root and package-level configs
    • Fast feedback on type errors
  3. dependency-review.yml

    • Security review of dependency changes
    • Blocks PRs with moderate+ severity issues
    • Blocks GPL licenses
  4. security-audit.yml

    • Weekly scheduled security audits
    • Manual trigger support
    • Creates GitHub issues for vulnerabilities
    • Audits root and all packages
  5. pr-validation.yml

    • Comprehensive PR validation
    • Runs lint, format, type-check, build, tests
    • Posts PR comments with results
    • Single workflow for quick feedback
  6. coverage-report.yml

    • Coverage reporting and tracking
    • Codecov integration (optional token)
    • PR coverage comments
    • Coverage thresholds

Benefits

  • ✅ All workflows use latest stable action versions (v4+)
  • ✅ Proper Node.js version support (18-22)
  • ✅ Comprehensive quality gates
  • ✅ Security scanning on all PRs
  • ✅ Automated vulnerability detection
  • ✅ Better test coverage tracking
  • ✅ Proper Lerna monorepo support
  • ✅ Faster feedback with parallel jobs
  • ✅ Artifact retention for debugging

Testing

  • All workflows validated for syntax
  • Workflows follow GitHub Actions best practices
  • Proper caching configured
  • Artifact uploads configured

Notes

  • Some workflows require optional secrets (CODECOV_TOKEN) but will work without them
  • Security audit creates issues but doesn't fail the workflow
  • Coverage reporting requires Codecov token for full functionality

Related

Addresses the need for modern, comprehensive CI/CD workflows for the monorepo.

- Modernize all workflows to use latest action versions (v4+)
- Fix npm-publish.yml: use Node 22.x, proper Lerna publishing
- Enhance nodejs.yml: add lint, format, type-check, coverage reporting
- Update codeql-analysis.yml: add TypeScript support, latest actions
- Add lint-and-format.yml: dedicated code quality checks
- Add type-check.yml: TypeScript validation workflow
- Add dependency-review.yml: security review for PRs
- Add security-audit.yml: weekly vulnerability scanning
- Add pr-validation.yml: comprehensive PR validation with comments
- Add coverage-report.yml: coverage tracking and reporting

All workflows now properly support the Lerna monorepo structure.

- Removed unnecessary line breaks and improved code readability in bunyan-logger.service.ts, spec-parser.ts, typeorm-paginate.ts, and typeorm-upsert.ts.
- Enhanced consistency in function parameter formatting and object assignments.
- Minor adjustments in test files to align with updated code structure.

These changes aim to maintain code quality and improve maintainability.

@github-advanced-security (Contributor)

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

- Migrate from .eslintrc.js to eslint.config.js (ESLint 9 flat config)
- Install typescript-eslint packages for TypeScript support
- Fix all linting errors across packages:
  - Replace == with === in bunyan-logger and winston-logger
  - Remove unused error variables
  - Allow snake_case for database column names and API interfaces
  - Allow require() for Node.js built-ins and JSON files
  - Disable overly strict rules for NestJS patterns (Function type)
- Add 'type: module' to package.json for ESLint config
- Update ESLint config to match semistandard/standard style
- Install eslint-config-prettier to disable conflicting ESLint formatting rules
- Remove formatting rules from ESLint (semi, quotes, comma-dangle, etc.)
  as Prettier handles all formatting
- Keep code quality rules in ESLint (eqeqeq, curly, no-var, etc.)
- Format and lint now work together without conflicts

This ensures that running 'npm run format' followed by 'npm run lint'
will always pass, and vice versa.

- Update engines field to support Node >=18 <=24 (was <=22)
- Update CI test matrix to test Node 24.x instead of 21.x (EoL)
- Node 24 (Krypton) is now Active LTS
- Node 22 (Jod) remains Maintenance LTS
- Node 20 (Iron) remains Maintenance LTS
- Node 18 (Hydrogen) is EoL but kept for backward compatibility

- Deleted the coverage-report.yml file from GitHub workflows as it is no longer needed for CI/CD processes.

lupu60 merged commit a88c06a into master Jan 27, 2026
18 checks passed
lupu60 deleted the ci/workflows-improvement branch February 2, 2026 11:49