chore: Workflows (#174)

* update workflow files * lock change * different test * not so needed class services * no sinon chai * jest-codemods * Moving to jest cuz why tf not * copy+pasta mess-up * renames * Fix pathing issue * move to different package for testing * Pulling debug consoles
O-Mutt · Jan 2, 2024 · 309bf70 · 309bf70
1 parent 2f38e52
commit 309bf70
Show file tree

Hide file tree

Showing 55 changed files with 11,178 additions and 8,211 deletions.
diff --git a/.eslintignore b/.eslintignore
@@ -1,6 +1,3 @@
 # build artefacts
 dist/*
-coverage/*
-
-# configs
-/**/*.js
+coverage/*
diff --git a/.eslintrc b/.eslintrc
diff --git a/.eslintrc.js b/.eslintrc.js
@@ -0,0 +1,55 @@
+module.exports = {
+  env: {
+    commonjs: true,
+    es2021: true,
+    node: true,
+  },
+  ignorePatterns: [
+    'node_modules/',
+    'dist/',
+    'coverage/',
+    '**/*.test.*',
+    'test/**/*',
+  ],
+  extends: ['airbnb-base', 'plugin:prettier/recommended'],
+  parserOptions: {
+    ecmaVersion: 'latest',
+    sourceType: 'script',
+  },
+  rules: {
+    'no-restricted-syntax': 'off',
+    'no-unused-vars': [
+      'error',
+      {
+        argsIgnorePattern: '^_',
+        varsIgnorePattern: '^_',
+        caughtErrorsIgnorePattern: '^_',
+      },
+    ],
+    'max-len': [
+      'warn',
+      {
+        code: 180,
+        ignoreComments: true,
+        ignoreStrings: true,
+        ignoreTemplateLiterals: true,
+        ignoreRegExpLiterals: true,
+      },
+    ],
+    'no-plusplus': 'off',
+  },
+  overrides: [
+    {
+      env: {
+        mocha: true,
+      },
+      plugins: ['mocha'],
+      files: ['*.test.*', '**/*.test.*'],
+      rules: {
+        'no-unused-expressions': 'off',
+        'jest/no-setup-in-describe': 'warn',
+        'no-console': 'off',
+      },
+    },
+  ],
+};
diff --git a/.eslintrc.json b/.eslintrc.json
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -18,7 +18,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
       with:
         fetch-depth: 2
 

diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml
@@ -16,6 +16,7 @@ jobs:
   main:
     name: Semantic PR
     runs-on: ubuntu-latest
+    if: (github.actor != 'dependabot[bot]' && github.actor != 'snyk-bot')
     steps:
       - uses: amannn/[email protected]
         id: lint_pr_title

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -10,15 +10,14 @@ jobs:
     name: Publish to npm
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
-    - uses: actions/setup-node@v3
+    - uses: actions/checkout@v4
+    - uses: actions/setup-node@v4
       with:
         node-version: 18
         registry-url: https://registry.npmjs.org/
-    - run: |
-        npm install
-        npm run build --if-present
-        npm test
-        npm publish --access public
+    - run: npm ci
+    - run: npm run build --if-present
+    - run: npm run test:ci
+    - run: npm publish --access public
       env:
         NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
@@ -0,0 +1,19 @@
+name: Semgrep
+on:
+  pull_request_target: {}
+  push:
+    branches: ['main']
+  schedule:
+    - cron: '30 0 1,15 * *' # scheduled for 00:30 UTC on both the 1st and 15th of the month
+jobs:
+  semgrep:
+    name: Scan
+    runs-on: ubuntu-latest
+    container:
+      image: returntocorp/semgrep
+    if: (github.actor != 'dependabot[bot]' && github.actor != 'snyk-bot')
+    steps:
+      - uses: actions/setup-node@v4
+      - run: semgrep ci
+        env:
+          SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -1,11 +1,11 @@
-on: 
+on:
   push:
     branches: [main]
   pull_request:
     # The branches below must be a subset of the branches above
     branches: [main]
 
-name: Test Node
+name: Test Node.js
 
 jobs:
 
@@ -15,18 +15,15 @@ jobs:
 
     strategy:
       matrix:
-        node-version: [18.x]
+        node-version: [18.x, 20.x]
         os: [ubuntu-latest]
 
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
     - name: Use Node.js ${{ matrix.node-version }}
-      uses: actions/setup-node@v3
+      uses: actions/setup-node@v4
       with:
         node-version: ${{ matrix.node-version }}
-
-    - name: npm install, build, and test
-      run: |
-        npm install
-        npm run build --if-present
-        npm test
+    - run: npm ci
+    - run: npm run build --if-present
+    - run: npm run test:ci
diff --git a/.mocharc.js b/.mocharc.js
diff --git a/.prettierignore b/.prettierignore
@@ -5,9 +5,6 @@
 # Ignore .toml
 *.toml
 
-# Ignore .eslintrc
-.eslintrc
-
 # Ignore dist
 /dist
 

diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -1,11 +1,15 @@
 {
-    "cSpell.words": [
-        "Autobuild",
-        "codeql",
-        "darf",
-        "eartha",
-        "nade",
-        "pjson",
-        "sandiego"
-    ]
-}
+  "cSpell.words": [
+    "abcdefghijklmnopqrstuvwxyzabcdefghijklm",
+    "aeiouy",
+    "Autobuild",
+    "codeql",
+    "darf",
+    "eartha",
+    "mockbot",
+    "nade",
+    "pjson",
+    "sandiego",
+    "satoshi"
+  ]
+}
diff --git a/README.md b/README.md
@@ -68,7 +68,7 @@ Some of the behavior of this plugin is configured in the environment:
 
 `HUBOT_FURTHER_FEEDBACK_SCORE` - the score that would add a suggestion to provide the user with more feedback (*default:* `10`).
 
-**Required** There needs to be an index on the `scoreLogs` table for a TTL or the user will only be able to send one `++|--` before they will be spam blocked. 
+**Required** There needs to be an index on the `scoreLogs` table for a TTL or the user will only be able to send one `++|--` before they will be spam blocked.
 `db.scoreLog.createIndex( { "date": 1 }, { expireAfterSeconds: 5 } )`
 
 ## Mongo data Layout