diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 8a00c658..8eda2a33 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,7 +1,12 @@ version: 2 updates: + # GitHub Actions version updates are scoped by GitHub to `directory: /`. + # This checks workflow files under `/.github/workflows` on the `dev` branch. + # Composite actions under `/.github/actions/*/action.yml` are not separately + # configurable for Dependabot version updates in `dependabot.yml`. - package-ecosystem: github-actions directory: / + target-branch: dev schedule: interval: weekly day: monday @@ -18,6 +23,7 @@ updates: - package-ecosystem: cargo directory: / + target-branch: dev schedule: interval: weekly day: monday @@ -34,6 +40,7 @@ updates: - package-ecosystem: npm directory: / + target-branch: dev schedule: interval: weekly day: monday @@ -50,6 +57,7 @@ updates: - package-ecosystem: npm directory: /cli + target-branch: dev schedule: interval: weekly day: monday @@ -64,8 +72,43 @@ updates: patterns: - '*' + - package-ecosystem: npm + directory: /sdk + target-branch: dev + schedule: + interval: weekly + day: monday + time: '09:00' + timezone: Asia/Shanghai + open-pull-requests-limit: 5 + labels: + - dependencies + - javascript + groups: + npm-sdk: + patterns: + - '*' + + - package-ecosystem: npm + directory: /mcp + target-branch: dev + schedule: + interval: weekly + day: monday + time: '09:00' + timezone: Asia/Shanghai + open-pull-requests-limit: 5 + labels: + - dependencies + - javascript + groups: + npm-mcp: + patterns: + - '*' + - package-ecosystem: npm directory: /gui + target-branch: dev schedule: interval: weekly day: monday @@ -82,6 +125,7 @@ updates: - package-ecosystem: npm directory: /doc + target-branch: dev schedule: interval: weekly day: monday @@ -98,6 +142,7 @@ updates: - package-ecosystem: npm directory: /libraries/logger + target-branch: dev schedule: interval: weekly day: monday @@ -114,6 +159,7 @@ updates: - package-ecosystem: npm directory: /libraries/md-compiler + target-branch: dev schedule: interval: weekly day: monday @@ -130,6 +176,7 @@ updates: - package-ecosystem: npm directory: /libraries/script-runtime + target-branch: dev schedule: interval: weekly day: monday diff --git a/.github/mergify.yml b/.github/mergify.yml new file mode 100644 index 00000000..7e1c8b91 --- /dev/null +++ b/.github/mergify.yml @@ -0,0 +1,38 @@ +pull_request_rules: + - name: auto-approve and merge Dependabot docs updates into dev + conditions: + - author = dependabot[bot] + - base = dev + - -draft + - files ~= ^doc/ + - check-success = check-doc + actions: + review: + type: APPROVE + message: Automatically approving Dependabot docs update after docs CI passes. + merge: + method: merge + + - name: auto-approve and merge Dependabot updates into dev + conditions: + - author = dependabot[bot] + - base = dev + - -draft + - check-success = release-preflight + - check-success = gui-release-preflight + - check-success = build + - check-success = lint + - check-success = check-type + - check-success = test + - check-success = test-gui + - check-success = test-sdk + - check-success = test-cli + - check-success = test-mcp + - check-success = test-libraries + - check-success = test-rust + actions: + review: + type: APPROVE + message: Automatically approving Dependabot update after all dev CI checks pass. + merge: + method: merge diff --git a/.github/workflows/pull-request-doc.yml b/.github/workflows/pull-request-doc.yml index 25cb459f..f2fe0c5e 100644 --- a/.github/workflows/pull-request-doc.yml +++ b/.github/workflows/pull-request-doc.yml @@ -4,6 +4,7 @@ on: pull_request: branches: - main + - dev types: [opened, synchronize, reopened, ready_for_review] paths: - doc/** diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index a845e063..cc4fb100 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -4,6 +4,7 @@ on: pull_request: branches: - main + - dev types: [opened, synchronize, reopened, ready_for_review] paths-ignore: - .attachments/** diff --git a/.github/workflows/release-cli.yml b/.github/workflows/release-cli.yml index 36e2feef..1aaa6646 100644 --- a/.github/workflows/release-cli.yml +++ b/.github/workflows/release-cli.yml @@ -252,7 +252,20 @@ jobs: shell: bash run: | shopt -s nullglob - min_size=$((1024 * 1024)) + get_min_size_for_binding() { + local node_file="$1" + case "$(basename "$node_file")" in + napi-logger.*.node|napi-script-runtime.*.node) + echo $((512 * 1024)) + ;; + napi-md-compiler.*.node|napi-memory-sync-cli.*.node) + echo $((1024 * 1024)) + ;; + *) + echo $((256 * 1024)) + ;; + esac + } for target_dir in cli/npm/*/; do if [ ! -f "${target_dir}package.json" ]; then continue @@ -261,6 +274,7 @@ jobs: if [ ! -f "$node_file" ]; then continue fi + min_size=$(get_min_size_for_binding "$node_file") size=$(stat -c%s "$node_file" 2>/dev/null || stat -f%z "$node_file" 2>/dev/null || echo 0) if [ "$size" -lt "$min_size" ]; then echo "ERROR: ${node_file} is too small (${size} bytes), expected at least ${min_size} bytes" diff --git a/renovate.json b/renovate.json new file mode 100644 index 00000000..302ef8eb --- /dev/null +++ b/renovate.json @@ -0,0 +1,42 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": [ + "config:recommended", + "helpers:pinGitHubActionDigests" + ], + "baseBranchPatterns": [ + "dev" + ], + "dependencyDashboard": true, + "prConcurrentLimit": 5, + "branchConcurrentLimit": 5, + "labels": [ + "dependencies" + ], + "packageRules": [ + { + "matchManagers": [ + "github-actions" + ], + "addLabels": [ + "github-actions" + ] + }, + { + "matchManagers": [ + "npm" + ], + "addLabels": [ + "javascript" + ] + }, + { + "matchManagers": [ + "cargo" + ], + "addLabels": [ + "rust" + ] + } + ] +}