From 4ea880670cb4c3f27646a95e185e14c303218a0c Mon Sep 17 00:00:00 2001 From: Gen Tamura Date: Fri, 2 Jan 2026 09:06:06 +0900 Subject: [PATCH 1/5] fix(ci): stabilize codeql and scorecard --- .github/actions/setup-bun/action.yml | 7 ++++++- .github/workflows/codeql.yml | 2 +- .github/workflows/oss-scorecard.yml | 2 +- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/.github/actions/setup-bun/action.yml b/.github/actions/setup-bun/action.yml index cd3df86..3a0a02d 100644 --- a/.github/actions/setup-bun/action.yml +++ b/.github/actions/setup-bun/action.yml @@ -6,4 +6,9 @@ runs: - uses: oven-sh/setup-bun@735343b667d3e6f658f44d0eca948eb6282f2b76 # v2.0.2 - name: Install deps (frozen) shell: bash - run: bun install --frozen-lockfile + run: | + if [ -f package.json ]; then + bun install --frozen-lockfile + else + echo "Skipping bun install: package.json not found." + fi diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f9f51da..35ed0d5 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -43,7 +43,7 @@ jobs: fail-fast: false matrix: include: - - language: javascript-typescript + - language: actions build-mode: none # CodeQL supports the following values keywords for 'language': 'actions', 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'rust', 'swift' # Use `c-cpp` to analyze code written in C, C++ or both diff --git a/.github/workflows/oss-scorecard.yml b/.github/workflows/oss-scorecard.yml index 2dcaeeb..9c0735d 100644 --- a/.github/workflows/oss-scorecard.yml +++ b/.github/workflows/oss-scorecard.yml @@ -75,6 +75,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@530eb0ed8e1f00b4c982fe83c0126591f9f43df2 # v3.25.4 + uses: github/codeql-action/upload-sarif@5d5cd550d3e189c569da8f16ea8de2d821c9bf7a # v3.31.2 with: sarif_file: results.sarif From 399591785c863caf7e1ae2b1d774ecda9562a4b6 Mon Sep 17 00:00:00 2001 From: Gen Tamura Date: Fri, 2 Jan 2026 09:07:42 +0900 Subject: [PATCH 2/5] chore(ci): bump setup-bun pin --- .github/workflows/lint.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/test.yml | 2 +- .github/workflows/typecheck.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index c638e99..779fa1d 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -10,5 +10,5 @@ jobs: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - - uses: listee-dev/listee-ci/.github/actions/setup-bun@bc6b8ec0818a0e52fdfbe3571ffde0678d628e31 + - uses: listee-dev/listee-ci/.github/actions/setup-bun@4ea8806bde9bda169b79c6d6d80b16d2d37c8d8a - run: bun x biome ci . diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 9a823bc..e367382 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,7 +19,7 @@ jobs: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - - uses: listee-dev/listee-ci/.github/actions/setup-bun@bc6b8ec0818a0e52fdfbe3571ffde0678d628e31 + - uses: listee-dev/listee-ci/.github/actions/setup-bun@4ea8806bde9bda169b79c6d6d80b16d2d37c8d8a - name: Install dependencies run: bun install --frozen-lockfile - name: Install latest npm diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 9c09c51..c6f2be9 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -10,7 +10,7 @@ jobs: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - - uses: listee-dev/listee-ci/.github/actions/setup-bun@bc6b8ec0818a0e52fdfbe3571ffde0678d628e31 + - uses: listee-dev/listee-ci/.github/actions/setup-bun@4ea8806bde9bda169b79c6d6d80b16d2d37c8d8a - name: Bun build run: bun run build - name: Bun test diff --git a/.github/workflows/typecheck.yml b/.github/workflows/typecheck.yml index 1db9dd5..5c1c2a9 100644 --- a/.github/workflows/typecheck.yml +++ b/.github/workflows/typecheck.yml @@ -10,6 +10,6 @@ jobs: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - - uses: listee-dev/listee-ci/.github/actions/setup-bun@bc6b8ec0818a0e52fdfbe3571ffde0678d628e31 + - uses: listee-dev/listee-ci/.github/actions/setup-bun@4ea8806bde9bda169b79c6d6d80b16d2d37c8d8a - name: TypeScript (noEmit fallback) run: bun x tsc -b || bun x tsc --noEmit From e26d1c440d042cb1caa5ab5c62beae2c0fb2c053 Mon Sep 17 00:00:00 2001 From: Gen Tamura Date: Fri, 2 Jan 2026 09:16:18 +0900 Subject: [PATCH 3/5] chore(ci): align setup-bun pins --- .github/workflows/lint.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/test.yml | 2 +- .github/workflows/typecheck.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 779fa1d..157228c 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -10,5 +10,5 @@ jobs: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - - uses: listee-dev/listee-ci/.github/actions/setup-bun@4ea8806bde9bda169b79c6d6d80b16d2d37c8d8a + - uses: listee-dev/listee-ci/.github/actions/setup-bun@39959172fe97f89ac7bdf1aabf3ff2444c0f1b35 - run: bun x biome ci . diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e367382..757be7e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,7 +19,7 @@ jobs: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - - uses: listee-dev/listee-ci/.github/actions/setup-bun@4ea8806bde9bda169b79c6d6d80b16d2d37c8d8a + - uses: listee-dev/listee-ci/.github/actions/setup-bun@39959172fe97f89ac7bdf1aabf3ff2444c0f1b35 - name: Install dependencies run: bun install --frozen-lockfile - name: Install latest npm diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index c6f2be9..81fa2dc 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -10,7 +10,7 @@ jobs: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - - uses: listee-dev/listee-ci/.github/actions/setup-bun@4ea8806bde9bda169b79c6d6d80b16d2d37c8d8a + - uses: listee-dev/listee-ci/.github/actions/setup-bun@39959172fe97f89ac7bdf1aabf3ff2444c0f1b35 - name: Bun build run: bun run build - name: Bun test diff --git a/.github/workflows/typecheck.yml b/.github/workflows/typecheck.yml index 5c1c2a9..7367d54 100644 --- a/.github/workflows/typecheck.yml +++ b/.github/workflows/typecheck.yml @@ -10,6 +10,6 @@ jobs: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - - uses: listee-dev/listee-ci/.github/actions/setup-bun@4ea8806bde9bda169b79c6d6d80b16d2d37c8d8a + - uses: listee-dev/listee-ci/.github/actions/setup-bun@39959172fe97f89ac7bdf1aabf3ff2444c0f1b35 - name: TypeScript (noEmit fallback) run: bun x tsc -b || bun x tsc --noEmit From c834682225b5d4bbad28d215d485984950bc1bed Mon Sep 17 00:00:00 2001 From: Gen Tamura Date: Fri, 2 Jan 2026 09:21:35 +0900 Subject: [PATCH 4/5] chore(ci): pin setup-bun to latest --- .github/workflows/lint.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/test.yml | 2 +- .github/workflows/typecheck.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 157228c..806a9d6 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -10,5 +10,5 @@ jobs: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - - uses: listee-dev/listee-ci/.github/actions/setup-bun@39959172fe97f89ac7bdf1aabf3ff2444c0f1b35 + - uses: listee-dev/listee-ci/.github/actions/setup-bun@e26d1c4f1d64259b0fbd7a3f8f2af3a3479f30bd - run: bun x biome ci . diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 757be7e..c148af4 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,7 +19,7 @@ jobs: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - - uses: listee-dev/listee-ci/.github/actions/setup-bun@39959172fe97f89ac7bdf1aabf3ff2444c0f1b35 + - uses: listee-dev/listee-ci/.github/actions/setup-bun@e26d1c4f1d64259b0fbd7a3f8f2af3a3479f30bd - name: Install dependencies run: bun install --frozen-lockfile - name: Install latest npm diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 81fa2dc..0855700 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -10,7 +10,7 @@ jobs: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - - uses: listee-dev/listee-ci/.github/actions/setup-bun@39959172fe97f89ac7bdf1aabf3ff2444c0f1b35 + - uses: listee-dev/listee-ci/.github/actions/setup-bun@e26d1c4f1d64259b0fbd7a3f8f2af3a3479f30bd - name: Bun build run: bun run build - name: Bun test diff --git a/.github/workflows/typecheck.yml b/.github/workflows/typecheck.yml index 7367d54..a7dd066 100644 --- a/.github/workflows/typecheck.yml +++ b/.github/workflows/typecheck.yml @@ -10,6 +10,6 @@ jobs: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - - uses: listee-dev/listee-ci/.github/actions/setup-bun@39959172fe97f89ac7bdf1aabf3ff2444c0f1b35 + - uses: listee-dev/listee-ci/.github/actions/setup-bun@e26d1c4f1d64259b0fbd7a3f8f2af3a3479f30bd - name: TypeScript (noEmit fallback) run: bun x tsc -b || bun x tsc --noEmit From af12dd6971b067fbefa138e3eba32aab28e26f1f Mon Sep 17 00:00:00 2001 From: Gen Tamura Date: Fri, 2 Jan 2026 09:25:02 +0900 Subject: [PATCH 5/5] chore(ci): repin setup-bun to latest commit --- .github/workflows/lint.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/test.yml | 2 +- .github/workflows/typecheck.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 806a9d6..0455f27 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -10,5 +10,5 @@ jobs: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - - uses: listee-dev/listee-ci/.github/actions/setup-bun@e26d1c4f1d64259b0fbd7a3f8f2af3a3479f30bd + - uses: listee-dev/listee-ci/.github/actions/setup-bun@c8346825c9f76c2b3c21e9b4a04fbb9a4c3c5c4c - run: bun x biome ci . diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c148af4..d259ac7 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,7 +19,7 @@ jobs: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - - uses: listee-dev/listee-ci/.github/actions/setup-bun@e26d1c4f1d64259b0fbd7a3f8f2af3a3479f30bd + - uses: listee-dev/listee-ci/.github/actions/setup-bun@c8346825c9f76c2b3c21e9b4a04fbb9a4c3c5c4c - name: Install dependencies run: bun install --frozen-lockfile - name: Install latest npm diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 0855700..a7934e5 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -10,7 +10,7 @@ jobs: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - - uses: listee-dev/listee-ci/.github/actions/setup-bun@e26d1c4f1d64259b0fbd7a3f8f2af3a3479f30bd + - uses: listee-dev/listee-ci/.github/actions/setup-bun@c8346825c9f76c2b3c21e9b4a04fbb9a4c3c5c4c - name: Bun build run: bun run build - name: Bun test diff --git a/.github/workflows/typecheck.yml b/.github/workflows/typecheck.yml index a7dd066..8ff2531 100644 --- a/.github/workflows/typecheck.yml +++ b/.github/workflows/typecheck.yml @@ -10,6 +10,6 @@ jobs: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - - uses: listee-dev/listee-ci/.github/actions/setup-bun@e26d1c4f1d64259b0fbd7a3f8f2af3a3479f30bd + - uses: listee-dev/listee-ci/.github/actions/setup-bun@c8346825c9f76c2b3c21e9b4a04fbb9a4c3c5c4c - name: TypeScript (noEmit fallback) run: bun x tsc -b || bun x tsc --noEmit