name: Lint & Type Check
on:
pull_request:
branches: [main]
push:
branches: [main]
permissions:
contents: read
pull-requests: write
jobs:
lint-and-check:
name: Lint, Type Check & Build
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v5
- name: Setup pnpm
uses: pnpm/action-setup@v4
- name: Setup Node.js 22
uses: actions/setup-node@v6
with:
node-version: '22'
cache: 'pnpm'
- name: Install dependencies
run: pnpm install --frozen-lockfile
- name: Run type checking
run: pnpm type-check
- name: Run linting
run: pnpm lint
- name: Check code formatting
run: pnpm format:check
- name: Build project
run: pnpm build
- name: Comment PR on success
if: success() && github.event_name == 'pull_request'
uses: actions/github-script@v8
with:
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: '✅ **CI Checks Passed**\n\n- Type Check: ✓\n- Lint: ✓\n- Format: ✓\n- Build: ✓\n\nReady for review!'
})
- name: Comment PR on failure
if: failure() && github.event_name == 'pull_request'
uses: actions/github-script@v8
with:
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: '❌ **CI Checks Failed**\n\nPlease fix the issues:\n- Run `pnpm check` locally\n- Check the workflow logs for details'
})
dependency-review:
name: Dependency Review
if: github.event_name == 'pull_request'
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v5
- name: Dependency Review
uses: actions/dependency-review-action@v4
with:
fail-on-severity: moderate
comment-summary-in-pr: always
