From 82d711ba00db975a2ceb607d0b623b9de881e8c3 Mon Sep 17 00:00:00 2001 From: highgroundbkk Date: Tue, 9 Dec 2025 18:07:38 +0700 Subject: [PATCH 1/4] Add Node.js CI workflow This workflow installs node dependencies, builds the source code, and runs tests across multiple Node.js versions. --- .github/workflows/node.js.yml | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 .github/workflows/node.js.yml diff --git a/.github/workflows/node.js.yml b/.github/workflows/node.js.yml new file mode 100644 index 000000000..2284b9357 --- /dev/null +++ b/.github/workflows/node.js.yml @@ -0,0 +1,31 @@ +# This workflow will do a clean installation of node dependencies, cache/restore them, build the source code and run tests across different versions of node +# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-nodejs + +name: Node.js CI + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + +jobs: + build: + + runs-on: ubuntu-latest + + strategy: + matrix: + node-version: [18.x, 20.x, 22.x] + # See supported Node.js release schedule at https://nodejs.org/en/about/releases/ + + steps: + - uses: actions/checkout@v4 + - name: Use Node.js ${{ matrix.node-version }} + uses: actions/setup-node@v4 + with: + node-version: ${{ matrix.node-version }} + cache: 'npm' + - run: npm ci + - run: npm run build --if-present + - run: npm test From 44d59caeb16ca5a91ead3ca870a7c94084a822dd Mon Sep 17 00:00:00 2001 From: highgroundbkk Date: Fri, 12 Dec 2025 11:57:32 +0700 Subject: [PATCH 2/4] Ensure CI runs build script --- .github/workflows/node.js.yml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/workflows/node.js.yml b/.github/workflows/node.js.yml index 2284b9357..a5c9ae966 100644 --- a/.github/workflows/node.js.yml +++ b/.github/workflows/node.js.yml @@ -14,6 +14,10 @@ jobs: runs-on: ubuntu-latest + defaults: + run: + working-directory: web + strategy: matrix: node-version: [18.x, 20.x, 22.x] @@ -26,6 +30,7 @@ jobs: with: node-version: ${{ matrix.node-version }} cache: 'npm' + cache-dependency-path: web/package-lock.json - run: npm ci - - run: npm run build --if-present - - run: npm test + - run: npm run build + - run: npm run test --if-present From 440e466da59fa676a2f4ba82b6ad4087d67ff0d7 Mon Sep 17 00:00:00 2001 From: highgroundbkk Date: Fri, 12 Dec 2025 12:09:26 +0700 Subject: [PATCH 3/4] Make build step optional in Node.js workflow --- .github/workflows/node.js.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/node.js.yml b/.github/workflows/node.js.yml index a5c9ae966..5deb57da4 100644 --- a/.github/workflows/node.js.yml +++ b/.github/workflows/node.js.yml @@ -32,5 +32,5 @@ jobs: cache: 'npm' cache-dependency-path: web/package-lock.json - run: npm ci - - run: npm run build + - run: npm run build --if-present - run: npm run test --if-present From c56b38fab3c5a0cbf20a2a21ba42466c71461f6b Mon Sep 17 00:00:00 2001 From: highgroundbkk <245770312+highgroundbkk@users.noreply.github.com> Date: Mon, 15 Dec 2025 09:06:55 +0700 Subject: [PATCH 4/4] Create SECURITY.md for security policy Add a security policy document outlining supported versions and vulnerability reporting. --- SECURITY.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000..034e84803 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,21 @@ +# Security Policy + +## Supported Versions + +Use this section to tell people about which versions of your project are +currently being supported with security updates. + +| Version | Supported | +| ------- | ------------------ | +| 5.1.x | :white_check_mark: | +| 5.0.x | :x: | +| 4.0.x | :white_check_mark: | +| < 4.0 | :x: | + +## Reporting a Vulnerability + +Use this section to tell people how to report a vulnerability. + +Tell them where to go, how often they can expect to get an update on a +reported vulnerability, what to expect if the vulnerability is accepted or +declined, etc.