Merge pull request #1390 from geospoc/refactor/use-maplibre-gl-as-base

.browserslistrc

@@ -1,3 +1 @@
-> 1%
-last 2 versions
-not ie <= 11
+defaults, not IE 11, maintained node versions

.eslintrc.cjs

@@ -2,32 +2,31 @@ module.exports = {
   root: true,
   env: {
     browser: true,
-    es6: true,
     node: true,
+    es2022: true,
   },
   parserOptions: {
     parser: '@typescript-eslint/parser',
-    ecmaVersion: 2020,
+    ecmaVersion: 2022,
     sourceType: 'module',
-    lib: ['es2020'],
+    lib: ['es2022'],
     ecmaFeatures: {
       jsx: true,
       tsx: true,
     },
     extraFileExtensions: ['.vue'],
   },
-  plugins: ['vue', 'jsdoc', '@typescript-eslint', 'prettier'],
+  plugins: ['vue', 'jsdoc', 'security', '@typescript-eslint', 'prettier'],
   extends: [
-    'plugin:vue/recommended',
-    'plugin:prettier/recommended',
-    'plugin:@typescript-eslint/eslint-recommended',
     'plugin:jsdoc/recommended',
+    'plugin:@typescript-eslint/eslint-recommended',
+    'plugin:vue/vue3-recommended',
+    'plugin:security/recommended',
+    'plugin:prettier/recommended',
     'prettier',
   ],
-  // add your custom rules here
   rules: {
     'no-console': process.env.NODE_ENV === 'production' ? 'error' : 'off',
     'no-debugger': process.env.NODE_ENV === 'production' ? 'error' : 'off',
-    'vue/require-render-return': 'off',
   },
 };

.github/workflows/automerger.yml

@@ -0,0 +1,36 @@
+name: 'Automerge Dependabot PRs'
+
+on: pull_request_target
+
+permissions:
+  pull-requests: write
+  contents: write
+
+jobs:
+  dependabot:
+    runs-on: ubuntu-latest
+    if: ${{ github.actor == 'dependabot[bot]' }}
+    steps:
+      - name: Dependabot metadata 🤖
+        id: metadata
+        uses: dependabot/[email protected]
+        with:
+          alert-lookup: true
+          compat-lookup: true
+          github-token: ${{ secrets.DEPENDABOT_TOKEN }}
+
+      - name: Authenticate CLI with PAT 🔐
+        run: echo "${{ secrets.DEPENDABOT_TOKEN }}" | gh auth login --with-token
+
+      - name: Approve Dependabot PRs 👍
+        run: gh pr review --approve "$PR_URL"
+        env:
+          PR_URL: ${{ github.event.pull_request.html_url }}
+          GITHUB_TOKEN: ${{ secrets.DEPENDABOT_TOKEN }}
+
+      - name: Auto-merge Dependabot PRs 🕺
+        if: steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.update-type == 'version-update:semver-patch'
+        run: gh pr merge --auto --merge "$PR_URL"
+        env:
+          PR_URL: ${{ github.event.pull_request.html_url }}
+          GITHUB_TOKEN: ${{ secrets.DEPENDABOT_TOKEN }}

.github/workflows/ci.yml

@@ -1,68 +1,56 @@
-name: ci
+name: 'Continuous Integration'
 
 on:
   push:
     branches:
       - main
-      - next
-  pull_request_target:
+  pull_request:
     branches:
       - main
-      - next
 
 permissions:
   checks: write
   contents: read
 
-concurrency:
-  group: ${{ github.workflow }}-${{ github.event_name == 'pull_request_target' && github.head_ref || github.ref }}
-  cancel-in-progress: true
-
 jobs:
   ci:
-    runs-on: ${{ matrix.os }}
-
-    strategy:
-      fail-fast: false
-      matrix:
-        os: [ubuntu-latest]
-        node: [18]
-
+    runs-on: ubuntu-latest
     steps:
-      - name: Check out repository ✨
-        if: ${{ github.event_name == 'push' || github.event_name == 'pull_request' || github.event_name == 'pull_request_target' && github.actor != 'dependabot[bot]' }}
+      - name: Check out repository ✨ (non dependabot)
+        if: ${{ github.actor != 'dependabot[bot]' }}
         uses: actions/checkout@v3
 
       - name: Check out repository 🎉 (dependabot)
-        if: ${{ github.event_name == 'pull_request_target' }}
+        if: ${{ github.actor == 'dependabot[bot]' }}
         uses: actions/checkout@v3
         with:
           ref: ${{ github.event.pull_request.head.sha }}
 
       - name: Setup node env 📦
-        uses: actions/setup-node@v3.5.0
+        uses: actions/setup-node@v3
         with:
-          node-version: ${{ matrix.node }}
-          registry-url: https://registry.npmjs.org
+          node-version-file: 'package.json'
           check-latest: true
           cache: 'npm'
 
       - name: Install dependencies 🚀
-        run: npm ci --prefer-offline --no-audit
+        run: npm ci --prefer-offline --no-audit --omit=optional
 
       - name: Run linter(s) 👀
         uses: wearerequired/lint-action@v2
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
-          continue_on_error: true
           git_name: github-actions[bot]
           git_email: github-actions[bot]@users.noreply.github.com
           auto_fix: false
+          continue_on_error: false
+          neutral_check_on_warning: true
+          stylelint: true
+          stylelint_extensions: css,scss,vue
           eslint: true
           eslint_extensions: js,ts,vue
           prettier: true
           prettier_extensions: js,ts,vue
-          neutral_check_on_warning: true
 
-      - name: Run build 🏁
+      - name: Build the package 🎉
         run: npm run build

.github/workflows/codeql.yml

@@ -0,0 +1,38 @@
+name: 'CodeQL'
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+  schedule:
+    - cron: '45 23 * * 2'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ['javascript']
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v2
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2

.github/workflows/lint-pr.yml

@@ -8,22 +8,21 @@ on:
       - synchronize
 
 jobs:
+  validate-pr-title:
+    name: Validate PR title
+    runs-on: ubuntu-latest
+    steps:
+      - uses: amannn/[email protected]
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
   check-sign-off:
     if: startsWith(github.head_ref, 'releases/v') == false
     name: Write comment if unsigned commits found
     env:
       FORCE_COLOR: 1
     runs-on: ubuntu-latest
-
     steps:
       - uses: live627/check-pr-signoff-action@v1
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
-  semantic-pull-request:
-    name: Validate PR title
-    needs: [check-sign-off]
-    runs-on: ubuntu-latest
-    steps:
-      - uses: amannn/action-semantic-pull-request@v4
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/shipjs-trigger.yml

@@ -1,8 +1,10 @@
-name: Ship js trigger
+name: 'Ship js trigger'
+
 on:
   pull_request:
     types:
       - closed
+
 jobs:
   build:
     name: Release
@@ -15,18 +17,22 @@ jobs:
           fetch-depth: 0
           ref: main
 
-      - name: Setup node env 🏗
-        uses: actions/[email protected]
+      - name: Setup GitHub Actor
+        run: |
+          git config --global user.email "[email protected]"
+          git config --global user.name "GitHub Action"
+
+      - name: Setup node environment 📦
+        uses: actions/setup-node@v3
         with:
-          node-version: 18
-          registry-url: https://registry.npmjs.org
+          node-version-file: 'package.json'
           check-latest: true
           cache: 'npm'
 
       - name: Install dependencies 🚀
-        run: npm ci --prefer-offline --no-audit
+        run: npm ci --prefer-offline --no-audit --omit=optional
 
-      - name: Release new version to registry 🎉
+      - name: Trigger a release 🥳
         run: npx shipjs trigger
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -105,4 +105,4 @@ dist
 .DS_Store
 .temp
 
-types/build
+cache/