diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 000000000..cd5951acb --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,39 @@ +version: 2 + +on: + push: + branches: [ "feat/refresh" ] + pull_request: + branches: [ "feat/refresh" ] + workflow_dispatch: + +updates: + - package-ecosystem: 'github-actions' + directory: '/' + schedule: + interval: "weekly" + target-branch: "feat/refresh" + labels: + - "ci dependencies" + - "ci" + open-pull-requests-limit: 10 + + - package-ecosystem: "npm" + directory: "/apps/marketing" + schedule: + interval: "weekly" + target-branch: "feat/refresh" + labels: + - "npm dependencies" + - "frontend" + open-pull-requests-limit: 10 + + - package-ecosystem: "npm" + directory: "/apps/web" + schedule: + interval: "weekly" + target-branch: "feat/refresh" + labels: + - "npm dependencies" + - "frontend" + open-pull-requests-limit: 10 diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f8b8e97aa..c15689123 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -6,6 +6,10 @@ on: pull_request: branches: [ "feat/refresh" ] +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + env: HUSKY: 0 diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 000000000..fb96c476f --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,45 @@ +name: "CodeQL" + +on: + workflow_dispatch: + push: + branches: [ feat/refresh ] + pull_request: + branches: [ feat/refresh ] + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: true + matrix: + language: [ 'javascript' ] + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - uses: actions/setup-node@v3 + with: + node-version: 18 + cache: npm + + - name: Install Dependencies + run: npm ci + + - name: Build Documenso + run: npm build + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 \ No newline at end of file diff --git a/README.md b/README.md index 3330a0e3c..ebab1c3f5 100644 --- a/README.md +++ b/README.md @@ -89,6 +89,10 @@ Documenso is built using awesome open source tech including: - [Node SignPDF (Digital Signature)](https://github.com/vbuch/node-signpdf) - [React-PDF for viewing PDFs](https://github.com/wojtekmaj/react-pdf) - [PDF-Lib for PDF manipulation](https://github.com/Hopding/pdf-lib) +- [Zod for schema declaration and validation](https://zod.dev/) +- [Lucide React for icons in React app](https://lucide.dev/) +- [Framer Motion for motion library](https://www.framer.com/motion/) +- [Radix UI for component library](https://www.radix-ui.com/) - Check out `/package.json` and `/apps/web/package.json` for more - Support for [opensignpdf (requires Java on server)](https://github.com/open-pdf-sign) is currently planned. diff --git a/package.json b/package.json index b3296f031..895ac55ed 100644 --- a/package.json +++ b/package.json @@ -9,6 +9,10 @@ "prepare": "husky install", "commitlint": "commitlint --edit" }, + "engines": { + "npm": ">=8.6.0", + "node": ">=18.0.0" + }, "devDependencies": { "@commitlint/cli": "^17.7.1", "@commitlint/config-conventional": "^17.7.0",