chore(deps): bump actions/setup-node from 4.4.0 to 6.4.0 #210
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ci | |
| on: | |
| pull_request: | |
| permissions: read-all | |
| jobs: | |
| ui: | |
| name: ui (build + test + budget) | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6 | |
| with: | |
| node-version: '22' | |
| cache: 'npm' | |
| cache-dependency-path: ui/package-lock.json | |
| - name: Install UI dependencies | |
| run: npm --prefix ui ci | |
| - name: npm audit | |
| run: npm --prefix ui audit --audit-level=moderate | |
| - name: Type check | |
| run: npm --prefix ui run typecheck | |
| - name: Vitest | |
| run: npm --prefix ui test -- --run --coverage | |
| - name: Build UI | |
| run: npm --prefix ui run build | |
| - name: Assert bundle budget (≤ 640 KiB JS + CSS, initial chunk) | |
| run: | | |
| set -eu | |
| js_bytes=$(stat -c %s ui/dist/assets/index-*.js 2>/dev/null || stat -f %z ui/dist/assets/index-*.js) | |
| css_bytes=$(stat -c %s ui/dist/assets/index-*.css 2>/dev/null || stat -f %z ui/dist/assets/index-*.css) | |
| total=$((js_bytes + css_bytes)) | |
| echo "bundle: ${js_bytes} js + ${css_bytes} css = ${total} bytes" | |
| if [ "$total" -gt 655360 ]; then | |
| echo "::error::Bundle ${total} B exceeds 640 KiB budget" | |
| exit 1 | |
| fi | |
| - name: Upload ui/dist | |
| uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7 | |
| with: | |
| name: ui-dist | |
| path: ui/dist | |
| retention-days: 1 | |
| if-no-files-found: error | |
| test: | |
| name: test (${{ matrix.os }}) | |
| needs: ui | |
| permissions: | |
| contents: read | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu-latest] | |
| runs-on: ${{ matrix.os }} | |
| env: | |
| CGO_ENABLED: "1" | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 | |
| with: | |
| go-version-file: go.mod | |
| - name: Go build cache | |
| uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5 | |
| with: | |
| path: | | |
| ~/.cache/go-build | |
| ~/go/pkg/mod | |
| key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| ${{ runner.os }}-go- | |
| # Hydrate ui/dist with the build artifact produced by the `ui` job so | |
| # the //go:embed ui/dist directive has real assets to embed. | |
| - name: Download ui/dist | |
| uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 | |
| with: | |
| name: ui-dist | |
| path: ui/dist | |
| - name: go vet (cgo + fts5) | |
| run: CGO_ENABLED=1 go vet -tags sqlite_fts5 $(go list ./... | grep -v /ui/node_modules/) | |
| - name: govulncheck | |
| run: | | |
| set -eu | |
| # govulncheck is a first-party golang.org/x module; @latest is | |
| # acceptable here and dependabot can bump the install target. | |
| go install golang.org/x/vuln/cmd/govulncheck@latest | |
| CGO_ENABLED=1 govulncheck -tags sqlite_fts5 ./... | |
| - name: go test (cgo + fts5) | |
| run: CGO_ENABLED=1 go test -tags sqlite_fts5 -timeout 300s $(go list ./... | grep -v /ui/node_modules/) | |
| - name: go build (cgo + fts5) | |
| run: CGO_ENABLED=1 go build -tags sqlite_fts5 -o docsiq ./ | |
| - name: flake-register (every t.Skip / test.skip has a tracked TODO) | |
| run: | | |
| set -euo pipefail | |
| # Every skip must be either: | |
| # (a) on a line with an inline `// TODO(#N):` comment, OR | |
| # (b) immediately preceded by a `// TODO(#N):` comment line. | |
| # Fuzz-callback skips (input filtering) are excluded: they are | |
| # not flake-register entries and carry no issue. | |
| echo "Scanning for t.Skip( without a tracked TODO..." | |
| violations=0 | |
| # Go side | |
| while IFS=: read -r file lineno _; do | |
| if sed -n "${lineno}p" "$file" | grep -qE '// TODO\(#[0-9]+\):'; then | |
| continue | |
| fi | |
| prev=$((lineno - 1)) | |
| if [ "$prev" -gt 0 ] && sed -n "${prev}p" "$file" | grep -qE '// TODO\(#[0-9]+\):'; then | |
| continue | |
| fi | |
| echo "::error file=$file,line=$lineno::t.Skip without TODO(#N): annotation" | |
| violations=$((violations + 1)) | |
| done < <(grep -rn 't\.Skip(' --include='*.go' . | grep -v '_fuzz_test\.go' | grep -v node_modules || true) | |
| # TypeScript side | |
| while IFS=: read -r file lineno _; do | |
| if sed -n "${lineno}p" "$file" | grep -qE '// TODO\(#[0-9]+\):'; then | |
| continue | |
| fi | |
| prev=$((lineno - 1)) | |
| if [ "$prev" -gt 0 ] && sed -n "${prev}p" "$file" | grep -qE '// TODO\(#[0-9]+\):'; then | |
| continue | |
| fi | |
| echo "::error file=$file,line=$lineno::test.skip without TODO(#N): annotation" | |
| violations=$((violations + 1)) | |
| done < <(grep -rn 'test\.skip(' --include='*.ts' --include='*.tsx' ui/ 2>/dev/null | grep -v node_modules || true) | |
| if [ "$violations" -gt 0 ]; then | |
| echo "::error::Found $violations skipped test(s) without a tracking issue. File a flake-register issue and add // TODO(#N): <why> adjacent to the skip." | |
| exit 1 | |
| fi | |
| echo "All skips accounted for." | |
| - name: Upload docsiq binary | |
| uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7 | |
| with: | |
| name: docsiq-${{ matrix.os }} | |
| path: docsiq | |
| retention-days: 7 | |
| if-no-files-found: error | |
| test-integration: | |
| name: integration tests (-race) | |
| needs: ui | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 | |
| with: | |
| go-version-file: go.mod | |
| - name: cache go build | |
| uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5 | |
| with: | |
| path: | | |
| ~/.cache/go-build | |
| ~/go/pkg/mod | |
| key: go-integ-${{ hashFiles('go.sum') }} | |
| - name: Download ui/dist | |
| uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 | |
| with: | |
| name: ui-dist | |
| path: ui/dist | |
| - name: integration tests | |
| # TestHNSW_Recall10k indexes 10k vectors; under -race this pushes well | |
| # past the old 600s. 1200s gives enough slack without being blanket-lax. | |
| run: CGO_ENABLED=1 go test -tags "sqlite_fts5 integration" -race -timeout 1200s ./... |