chore(deps): bump @vercel/speed-insights from 1.2.0 to 1.3.1 #100
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD Pipeline | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| workflow_dispatch: | |
| env: | |
| NODE_OPTIONS: --max-old-space-size=4096 | |
| jobs: | |
| # Job 1: Quality Gates (Type checking, Testing, Building) | |
| quality-gates: | |
| name: Quality Gates | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| node-version: [20, 22, 24] | |
| os: [ubuntu-latest, windows-latest] | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup Node.js ${{ matrix.node-version }} | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| cache: 'npm' | |
| registry-url: https://registry.npmjs.org | |
| - name: Cache node modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.npm | |
| key: ${{ runner.os }}-node-${{ matrix.node-version }}-${{ hashFiles('**/package-lock.json') }} | |
| restore-keys: | | |
| ${{ runner.os }}-node-${{ matrix.node-version }}- | |
| ${{ runner.os }}-node- | |
| - name: Install dependencies | |
| shell: bash | |
| run: | | |
| if [ -f package-lock.json ]; then | |
| npm ci | |
| else | |
| npm install | |
| fi | |
| - name: Build core package first | |
| run: npm run build --workspace=packages/core | |
| - name: TypeScript type checking | |
| run: npm run typecheck | |
| - name: Run tests with coverage | |
| run: npm run test:coverage | |
| env: | |
| CI: true | |
| - name: Build all packages | |
| run: npm run build | |
| - name: Upload test coverage (Ubuntu Node 22 only) | |
| if: matrix.os == 'ubuntu-latest' && matrix.node-version == 22 | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: coverage-report | |
| path: packages/core/coverage/ | |
| retention-days: 7 | |
| - name: Upload build artifacts (Ubuntu Node 22 only) | |
| if: matrix.os == 'ubuntu-latest' && matrix.node-version == 22 | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: dist-artifacts | |
| path: packages/core/dist/ | |
| retention-days: 7 | |
| - name: Verify package integrity | |
| if: matrix.os == 'ubuntu-latest' && matrix.node-version == 22 | |
| shell: bash | |
| run: | | |
| echo "Running package integrity verification..." | |
| # Test dry run first | |
| npm pack --dry-run | |
| # Create actual package for inspection | |
| echo "Creating test package..." | |
| PACKAGE_FILE=$(npm pack --silent 2>/dev/null) || { | |
| echo "β Failed to create package" | |
| exit 1 | |
| } | |
| if [ -z "$PACKAGE_FILE" ]; then | |
| echo "β Package file name is empty" | |
| exit 1 | |
| fi | |
| echo "Package created: $PACKAGE_FILE" | |
| # Verify package exists and is readable | |
| if [ ! -f "$PACKAGE_FILE" ]; then | |
| echo "β Package file not found: $PACKAGE_FILE" | |
| exit 1 | |
| fi | |
| # Show package size | |
| PACKAGE_SIZE=$(du -h "$PACKAGE_FILE" | cut -f1) | |
| echo "Package size: $PACKAGE_SIZE" | |
| # List package contents safely | |
| echo "Package contents (first 20 files):" | |
| tar -tzf "$PACKAGE_FILE" 2>/dev/null | head -20 || { | |
| echo "β οΈ Could not list package contents, but package was created successfully" | |
| } | |
| # Clean up | |
| echo "Cleaning up test package..." | |
| rm -f "$PACKAGE_FILE" | |
| echo "β Package integrity verification completed" | |
| # Job 2: Package Publishing (only on main branch success) | |
| publish: | |
| name: Publish to NPM | |
| needs: quality-gates | |
| runs-on: ubuntu-latest | |
| if: github.ref == 'refs/heads/main' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') | |
| permissions: | |
| contents: write | |
| packages: write | |
| pull-requests: read | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup Node.js 22 | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: 22 | |
| cache: npm | |
| registry-url: https://registry.npmjs.org | |
| - name: Install dependencies | |
| shell: bash | |
| run: | | |
| if [ -f package-lock.json ]; then | |
| npm ci | |
| else | |
| npm install | |
| fi | |
| - name: Build core package for publishing | |
| run: npm run build --workspace=packages/core | |
| - name: Verify build output before publishing | |
| shell: bash | |
| run: | | |
| echo "Verifying build completed successfully..." | |
| ls -la packages/core/dist/ | |
| if [ ! -f "packages/core/dist/index.js" ]; then | |
| echo "Error: Build did not generate index.js" | |
| exit 1 | |
| fi | |
| if [ ! -f "packages/core/dist/index.d.ts" ]; then | |
| echo "Error: Build did not generate index.d.ts" | |
| exit 1 | |
| fi | |
| echo "Build verification passed - ready for publishing" | |
| - name: Check if version changed | |
| id: version-check | |
| shell: bash | |
| run: | | |
| CURRENT_VERSION=$(node -p "require('./packages/core/package.json').version") | |
| # Check if this version exists on npm | |
| if npm view @koalafacts/hero-crypto-csv-parser@$CURRENT_VERSION version 2>/dev/null; then | |
| echo "Version $CURRENT_VERSION already published" | |
| echo "should_publish=false" >> $GITHUB_OUTPUT | |
| else | |
| echo "Version $CURRENT_VERSION not found on npm" | |
| echo "should_publish=true" >> $GITHUB_OUTPUT | |
| fi | |
| echo "current_version=$CURRENT_VERSION" >> $GITHUB_OUTPUT | |
| - name: Publish to NPM | |
| if: steps.version-check.outputs.should_publish == 'true' | |
| working-directory: packages/core | |
| run: npm publish --access public | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| - name: Create git tag | |
| if: steps.version-check.outputs.should_publish == 'true' | |
| shell: bash | |
| run: | | |
| VERSION="${{ steps.version-check.outputs.current_version }}" | |
| git config --local user.email "action@github.com" | |
| git config --local user.name "GitHub Action" | |
| git tag -a "v$VERSION" -m "Release v$VERSION" | |
| git push origin "v$VERSION" | |
| - name: Create GitHub Release | |
| if: steps.version-check.outputs.should_publish == 'true' | |
| shell: bash | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| VERSION="${{ steps.version-check.outputs.current_version }}" | |
| # Create release body | |
| cat > release_notes.md << EOF | |
| ## π @koalafacts/hero-crypto-csv-parser v$VERSION | |
| This release includes the latest features and improvements to the Hero Crypto CSV Parser library. | |
| ### π¦ Installation | |
| \`\`\`bash | |
| npm install @koalafacts/hero-crypto-csv-parser@$VERSION | |
| \`\`\` | |
| ### π What's New | |
| - Check the commit history for detailed changes since the last release | |
| ### π§ͺ Quality Assurance | |
| - β All tests passed on Node.js 20, 22, 24 | |
| - β TypeScript compilation verified | |
| - β Security audit passed | |
| - β Package integrity verified | |
| **Full Changelog**: https://github.com/${{ github.repository }}/commits/v$VERSION | |
| EOF | |
| # Create the release | |
| gh release create "v$VERSION" \ | |
| --title "Release v$VERSION" \ | |
| --notes-file release_notes.md \ | |
| --latest | |
| - name: Post-publish verification | |
| if: steps.version-check.outputs.should_publish == 'true' | |
| shell: bash | |
| run: | | |
| echo "Waiting for package to be available..." | |
| sleep 30 | |
| # Verify the package was published successfully | |
| PUBLISHED_VERSION=$(npm view @koalafacts/hero-crypto-csv-parser version) | |
| EXPECTED_VERSION="${{ steps.version-check.outputs.current_version }}" | |
| if [ "$PUBLISHED_VERSION" = "$EXPECTED_VERSION" ]; then | |
| echo "β Package published successfully: v$PUBLISHED_VERSION" | |
| else | |
| echo "β Package publication verification failed" | |
| echo "Expected: v$EXPECTED_VERSION" | |
| echo "Published: v$PUBLISHED_VERSION" | |
| exit 1 | |
| fi | |
| # Job 3: Security and Quality Analysis | |
| security-analysis: | |
| name: Security Analysis | |
| needs: quality-gates | |
| runs-on: ubuntu-latest | |
| if: always() && needs.quality-gates.result == 'success' | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js 22 | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: 22 | |
| cache: npm | |
| - name: Install dependencies | |
| shell: bash | |
| run: | | |
| if [ -f package-lock.json ]; then | |
| npm ci | |
| else | |
| npm install | |
| fi | |
| - name: Run npm audit | |
| shell: bash | |
| run: | | |
| echo "Running npm audit..." | |
| npm audit --audit-level=moderate || true | |
| - name: Check for sensitive files | |
| shell: bash | |
| run: | | |
| echo "Checking for sensitive files..." | |
| # Check for common sensitive file patterns | |
| SENSITIVE_FILES=$(find . -type f \( -name "*.env*" -o -name "*.key" -o -name "*.pem" -o -name "*.p12" -o -name "*.pfx" \) -not -path "./node_modules/*" -not -path "./.git/*" || true) | |
| if [ -n "$SENSITIVE_FILES" ]; then | |
| echo "β οΈ Potentially sensitive files found:" | |
| echo "$SENSITIVE_FILES" | |
| else | |
| echo "β No sensitive files detected" | |
| fi | |
| - name: Verify package.json integrity | |
| shell: bash | |
| run: | | |
| echo "Verifying core package.json configuration..." | |
| # Check for required fields | |
| node -e " | |
| const pkg = require('./packages/core/package.json'); | |
| const required = ['name', 'version', 'description', 'license', 'exports']; | |
| const missing = required.filter(field => !pkg[field]); | |
| if (missing.length > 0) { | |
| console.error('Missing required fields:', missing); | |
| process.exit(1); | |
| } | |
| // Verify exports configuration | |
| if (!pkg.exports['.'] || !pkg.exports['.'].import || !pkg.exports['.'].types) { | |
| console.error('Invalid exports configuration'); | |
| process.exit(1); | |
| } | |
| console.log('β Package.json validation passed'); | |
| " | |
| # Job 4: Performance Benchmarks (optional) | |
| performance: | |
| name: Performance Benchmarks | |
| needs: quality-gates | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'pull_request' | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js 22 | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: 22 | |
| cache: npm | |
| - name: Install dependencies | |
| shell: bash | |
| run: | | |
| if [ -f package-lock.json ]; then | |
| npm ci | |
| else | |
| npm install | |
| fi | |
| - name: Build package | |
| run: npm run build | |
| - name: Bundle size analysis | |
| shell: bash | |
| run: | | |
| echo "Analyzing bundle size..." | |
| # Get the size of the main export | |
| MAIN_SIZE=$(stat -c%s "packages/core/dist/index.js" 2>/dev/null || stat -f%z "packages/core/dist/index.js" 2>/dev/null || echo "0") | |
| MAIN_SIZE_KB=$((MAIN_SIZE / 1024)) | |
| echo "π¦ Bundle Analysis:" | |
| echo "Main bundle size: ${MAIN_SIZE_KB}KB" | |
| # List all files in dist with sizes | |
| echo "" | |
| echo "π Core package dist contents:" | |
| ls -lah packages/core/dist/ || true | |
| # Check if bundle size is reasonable (warn if > 1MB) | |
| if [ $MAIN_SIZE -gt 1048576 ]; then | |
| echo "β οΈ Warning: Bundle size is quite large (>${MAIN_SIZE_KB}KB)" | |
| else | |
| echo "β Bundle size looks good" | |
| fi |