From a8a1fbb829722a5edc9daa07bee3b6b5ff441a3a Mon Sep 17 00:00:00 2001 From: Adithya Krishna Date: Mon, 21 Aug 2023 18:54:44 +0530 Subject: [PATCH 1/8] feat: Added Engines to Enforce Node v18.0.0 and above Signed-off-by: Adithya Krishna --- package.json | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/package.json b/package.json index b3296f031..895ac55ed 100644 --- a/package.json +++ b/package.json @@ -9,6 +9,10 @@ "prepare": "husky install", "commitlint": "commitlint --edit" }, + "engines": { + "npm": ">=8.6.0", + "node": ">=18.0.0" + }, "devDependencies": { "@commitlint/cli": "^17.7.1", "@commitlint/config-conventional": "^17.7.0", From c5b7b8a18ac8ea11c2a9b0b4f1e409e9446fc458 Mon Sep 17 00:00:00 2001 From: Adithya Krishna Date: Mon, 21 Aug 2023 18:54:59 +0530 Subject: [PATCH 2/8] feat: add dependabot config Signed-off-by: Adithya Krishna --- .github/dependabot.yml | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 000000000..3b31db9a9 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,37 @@ +name: "Dependabot Updates" +version: 2 + +on: + push: + branches: [ "feat/refresh" ] + pull_request: + branches: [ "feat/refresh" ] + workflow_dispatch: + +updates: + - package-ecosystem: 'github-actions' + directory: '/' + schedule: + interval: "weekly" + target-branch: "feat/refresh" + labels: + - "ci dependencies" + - "ci" + + - package-ecosystem: "npm" + directory: "/apps/marketing" + schedule: + interval: "weekly" + target-branch: "feat/refresh" + labels: + - "npm dependencies" + - "frontend" + + - package-ecosystem: "npm" + directory: "/apps/web" + schedule: + interval: "weekly" + target-branch: "feat/refresh" + labels: + - "npm dependencies" + - "frontend" From e468f5bbc9d993962875ed65f825d06b3411fe30 Mon Sep 17 00:00:00 2001 From: Adithya Krishna Date: Mon, 21 Aug 2023 18:55:53 +0530 Subject: [PATCH 3/8] chore: enable job concurrency Signed-off-by: Adithya Krishna --- .github/workflows/ci.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f8b8e97aa..c15689123 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -6,6 +6,10 @@ on: pull_request: branches: [ "feat/refresh" ] +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + env: HUSKY: 0 From 4964b252e348c254becee73a72731a9dd649d9c4 Mon Sep 17 00:00:00 2001 From: Adithya Krishna Date: Mon, 21 Aug 2023 18:56:48 +0530 Subject: [PATCH 4/8] chore: update readme file Signed-off-by: Adithya Krishna --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 3330a0e3c..9f857e8f7 100644 --- a/README.md +++ b/README.md @@ -89,6 +89,9 @@ Documenso is built using awesome open source tech including: - [Node SignPDF (Digital Signature)](https://github.com/vbuch/node-signpdf) - [React-PDF for viewing PDFs](https://github.com/wojtekmaj/react-pdf) - [PDF-Lib for PDF manipulation](https://github.com/Hopding/pdf-lib) +- [Zod for schema declaration and validation](https://zod.dev/) +- [Lucide React for icons in React app](https://lucide.dev/) +- [Framer Motion for motion library](https://www.framer.com/motion/) - Check out `/package.json` and `/apps/web/package.json` for more - Support for [opensignpdf (requires Java on server)](https://github.com/open-pdf-sign) is currently planned. From b063758ee563b89603df3f17af7459a4dd9eafc0 Mon Sep 17 00:00:00 2001 From: Adithya Krishna Date: Mon, 21 Aug 2023 19:03:26 +0530 Subject: [PATCH 5/8] chore: update readme file with radix-ui Signed-off-by: Adithya Krishna --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 9f857e8f7..ebab1c3f5 100644 --- a/README.md +++ b/README.md @@ -92,6 +92,7 @@ Documenso is built using awesome open source tech including: - [Zod for schema declaration and validation](https://zod.dev/) - [Lucide React for icons in React app](https://lucide.dev/) - [Framer Motion for motion library](https://www.framer.com/motion/) +- [Radix UI for component library](https://www.radix-ui.com/) - Check out `/package.json` and `/apps/web/package.json` for more - Support for [opensignpdf (requires Java on server)](https://github.com/open-pdf-sign) is currently planned. From af307a2a499d5cee5261ccf66ab6bce04706568a Mon Sep 17 00:00:00 2001 From: Adithya Krishna Date: Mon, 21 Aug 2023 19:03:53 +0530 Subject: [PATCH 6/8] chore: updated dependabot config Signed-off-by: Adithya Krishna --- .github/dependabot.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 3b31db9a9..cd5951acb 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,4 +1,3 @@ -name: "Dependabot Updates" version: 2 on: @@ -17,6 +16,7 @@ updates: labels: - "ci dependencies" - "ci" + open-pull-requests-limit: 10 - package-ecosystem: "npm" directory: "/apps/marketing" @@ -26,6 +26,7 @@ updates: labels: - "npm dependencies" - "frontend" + open-pull-requests-limit: 10 - package-ecosystem: "npm" directory: "/apps/web" @@ -35,3 +36,4 @@ updates: labels: - "npm dependencies" - "frontend" + open-pull-requests-limit: 10 From 083f3e7108b77880e712125a0525cd58f3ce1ae5 Mon Sep 17 00:00:00 2001 From: Adithya Krishna Date: Mon, 21 Aug 2023 19:08:47 +0530 Subject: [PATCH 7/8] feat: add codeql-analysis Signed-off-by: Adithya Krishna --- .github/workflows/codeql-analysis.yml | 45 +++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 .github/workflows/codeql-analysis.yml diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 000000000..3cc5cd118 --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,45 @@ +name: "CodeQL" + +on: + workflow_dispatch: + push: + branches: [ feat/refresh ] + pull_request: + branches: [ feat/refresh ] + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: true + matrix: + language: [ 'javascript', 'typescript' ] + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - uses: actions/setup-node@v3 + with: + node-version: 18 + cache: npm + + - name: Install Dependencies + run: npm ci + + - name: Build Documenso + run: npm build + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 \ No newline at end of file From 617143a47fd8545e341cdadb8e5b9b522adc4ab0 Mon Sep 17 00:00:00 2001 From: Adithya Krishna Date: Mon, 21 Aug 2023 22:42:45 +0530 Subject: [PATCH 8/8] fix: removed ts from codeql Signed-off-by: Adithya Krishna --- .github/workflows/codeql-analysis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 3cc5cd118..fb96c476f 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -19,7 +19,7 @@ jobs: strategy: fail-fast: true matrix: - language: [ 'javascript', 'typescript' ] + language: [ 'javascript' ] steps: - name: Checkout repository