diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..526fc81 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,44 @@ +name: CI + +on: + push: + branches: + - main + pull_request: + branches: + - main + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +permissions: + contents: read + +jobs: + ci: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: '20' + cache: 'npm' + + - name: Install dependencies + run: npm ci + + - name: Type check + run: npx tsc --noEmit + + - name: Lint check + run: npm run check + + - name: Build + run: npm run build + + - name: Security audit + run: npm audit --audit-level=high --omit=dev diff --git a/renovate.json b/renovate.json new file mode 100644 index 0000000..8f2861e --- /dev/null +++ b/renovate.json @@ -0,0 +1,40 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": ["config:recommended"], + "schedule": ["after 10am on saturday"], + "timezone": "Asia/Tokyo", + "packageRules": [ + { + "matchUpdateTypes": ["minor", "patch"], + "matchPackagePatterns": ["*"], + "groupName": "minor and patch dependencies", + "automerge": true + }, + { + "matchUpdateTypes": ["major"], + "matchPackagePatterns": ["*"], + "automerge": false + }, + { + "matchPackagePatterns": ["@ai-sdk/*"], + "groupName": "AI SDK packages" + }, + { + "matchPackagePatterns": ["@radix-ui/*"], + "groupName": "Radix UI packages" + }, + { + "matchPackagePatterns": ["electron", "electron-builder"], + "groupName": "Electron packages", + "automerge": false + }, + { + "matchPackagePatterns": ["@ai-sdk/*", "ai", "next"], + "groupName": "Core framework packages", + "automerge": false + } + ], + "vulnerabilityAlerts": { + "enabled": true + } +}