chore: read permissions pr.yml #1637
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: | |
| - main | |
| tags: | |
| - '!*' | |
| pull_request: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} | |
| jobs: | |
| test: | |
| name: Node ${{ matrix.node }} and ${{ matrix.os }} | |
| timeout-minutes: 30 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu-latest, macos-latest, windows-latest] | |
| node: [22, 24, 26] | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - uses: actions/checkout@v5 | |
| # https://github.com/nodejs/node-gyp#installation | |
| - name: Use Python 3.11 | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: '3.11' | |
| # https://github.com/hargasinski/node-canvas/blob/e7abe64833d13ec96449c827b1e14befbdf3105d/.github/workflows/ci.yaml#L70 | |
| - name: "macOS dependencies" | |
| if: matrix.os == 'macos-latest' | |
| run: | | |
| brew update | |
| brew install pkg-config cairo pango libpng jpeg giflib librsvg | |
| # https://github.com/hargasinski/node-canvas/blob/e7abe64833d13ec96449c827b1e14befbdf3105d/.github/workflows/ci.yaml#L25 | |
| - name: "GNU/Linux dependencies" | |
| if: matrix.os == 'ubuntu-latest' | |
| run: | | |
| sudo apt update | |
| sudo apt install -y libcairo2-dev libjpeg-dev libpango1.0-dev libgif-dev librsvg2-dev | |
| - uses: pnpm/action-setup@v4 | |
| with: | |
| run_install: false | |
| - name: Use Node.js ${{ matrix.node }} | |
| uses: actions/setup-node@v6 | |
| with: | |
| cache: pnpm | |
| node-version: ${{ matrix.node }} | |
| check-latest: true | |
| - name: Install Dependencies | |
| run: pnpm add --global node-gyp && pnpm install --frozen-lockfile | |
| - name: Build Test Binary | |
| run: pnpm build-test-binary | |
| - name: Build | |
| run: pnpm build | |
| - name: Run Tests | |
| run: pnpm test | |
| - name: Coverage | |
| if: matrix.os == 'ubuntu-latest' && matrix.node == 22 # only run once | |
| run: pnpm test-coverage | |
| - name: Maybe Release | |
| if: matrix.os == 'ubuntu-latest' && matrix.node == 22 && github.event_name == 'push' && github.ref == 'refs/heads/main' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN_ELEVATED }} | |
| run: npx semantic-release@19.0.5 |