name: Lint & Secrets
on:
workflow_call:
pull_request:
branches: [main]
jobs:
lint:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Use Node.js
uses: actions/setup-node@v4
with:
node-version: "24.x"
cache: "npm"
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v45
with:
files: |
**/*.{ts,tsx,js,jsx,json,md,mdx}
- name: Install dependencies
run: npm install
- name: Check formatting (Prettier)
if: steps.changed-files.outputs.any_changed == 'true'
run: npx prettier --check ${{ steps.changed-files.outputs.all_changed_files }}
- name: Check for secrets
if: steps.changed-files.outputs.any_changed == 'true'
run: npx secretlint ${{ steps.changed-files.outputs.all_changed_files }}
