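---
# CI workflow: lint, build and dependency review for pushes and pull requests
# targeting dev and main.
#
# NOTE(review): every `uses:` below references a mutable tag (@v4, @v6, @v8).
# Pinning each action to a full commit SHA, with the tag kept in a trailing
# comment, stops a moved or retagged release from changing what runs here.
name: CI

on:
  pull_request:
    branches: [dev, main]
  push:
    branches: [dev, main]

# Workflow default is read-only; write scopes are granted per job below so a
# job added later does not inherit pull-request write access.
permissions:
  contents: read

jobs:
  lint-and-check:
    name: Lint, Type Check & Build
    runs-on: ubuntu-latest
    # pull-requests: write is needed only by the two comment steps at the end.
    permissions:
      contents: read
      pull-requests: write
    steps:
      - name: Checkout code
        uses: actions/checkout@v6
        with:
          # By default checkout stores the job token in the local git config.
          # No later step pushes or fetches, so keep it out of reach of the
          # install and build scripts that run next.
          persist-credentials: false

      - name: Setup pnpm
        uses: pnpm/action-setup@v4

      - name: Setup Node.js 22
        uses: actions/setup-node@v6
        with:
          node-version: "22"
          cache: "pnpm"

      # --frozen-lockfile fails the install if pnpm-lock.yaml would need to
      # change, so CI only installs what the lockfile records.
      - name: Install dependencies
        run: pnpm install --frozen-lockfile

      - name: Run Biome check
        run: pnpm check

      - name: Build project
        run: pnpm build

      # NOTE(review): on pull requests from forks the job token is normally
      # read-only, so the two comment steps below are expected to fail there.
      - name: Comment PR on success
        if: success() && github.event_name == 'pull_request'
        uses: actions/github-script@v8
        with:
          # The call is awaited so the step waits for the API request and
          # reports a failure if the comment cannot be created.
          script: |
            await github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: '✅ **CI Checks Passed**\n\n- Biome Check: ✓\n- Build: ✓\n\nReady for review!'
            })

      - name: Comment PR on failure
        if: failure() && github.event_name == 'pull_request'
        uses: actions/github-script@v8
        with:
          script: |
            await github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: '❌ **CI Checks Failed**\n\nPlease fix the issues:\n- Run `pnpm check` locally\n- Check the workflow logs for details'
            })

  dependency-review:
    name: Dependency Review
    if: github.event_name == 'pull_request'
    runs-on: ubuntu-latest
    # pull-requests: write lets the action post its summary comment
    # (comment-summary-in-pr below).
    permissions:
      contents: read
      pull-requests: write
    steps:
      - name: Checkout code
        uses: actions/checkout@v6
        with:
          # This job only reads the repository; do not leave the token in
          # the local git config.
          persist-credentials: false

      # Fails the job when the pull request introduces a dependency with a
      # known vulnerability of moderate severity or higher.
      - name: Dependency Review
        uses: actions/dependency-review-action@v4
        with:
          fail-on-severity: moderate
          comment-summary-in-pr: always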