Brendan Chen
6b06d00115
- dist/tokens.css: canonical light + @media dark semantic-token palette
extracted from inventory (cross-checked against authd and buchinese).
Covers --fg, --fg-muted, --bg, --bg-elevated, --surface, --accent*,
--danger*, --border*, --input-*, --warning, primitive --gray-* scale.
- dist/base.css: `input, textarea, select { font-size: 16px; }` prevents
iOS Safari auto-zoom on focus.
- tests/tokens.test.ts: vitest — token presence in both light and dark
blocks; WCAG AA contrast (>=4.5:1 body, >=3.0:1 UI) via inline
hex-to-luminance math. All 10 tests green.
- tests/base.test.ts: vitest — asserts 16px rule covers all three selectors.
- .gitea/workflows/release.yml: tag-triggered CI — npm ci + npm test,
CHANGELOG version gate, dist/scripts security grep, Gitea release
artifact upload.
- README.md: four-step consumer integration guide with copy-pasteable
snippets (package.json dep, Dockerfile cp, HTML link tags, app CSS).
- CHANGELOG.md: v0.1.0 entry.
npm audit --omit=dev: 0 vulnerabilities
Closes #1
70 lines
2.0 KiB
YAML
70 lines
2.0 KiB
YAML
name: release
|
|
|
|
on:
|
|
push:
|
|
tags:
|
|
- 'v*'
|
|
|
|
jobs:
|
|
release:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '24'
|
|
|
|
- name: install
|
|
run: npm ci
|
|
|
|
- name: test
|
|
run: npm test
|
|
|
|
- name: validate changelog
|
|
run: |
|
|
VERSION="${GITHUB_REF_NAME#v}"
|
|
if ! grep -qF "## [${VERSION}]" CHANGELOG.md && ! grep -qE "^## ${VERSION}$" CHANGELOG.md; then
|
|
echo "ERROR: CHANGELOG.md has no entry for version ${VERSION}"
|
|
exit 1
|
|
fi
|
|
|
|
- name: security scan (dist/scripts)
|
|
run: |
|
|
if [ -d dist/scripts ]; then
|
|
if grep -rE 'eval\b|new Function\b|\.innerHTML\s*=' dist/scripts/; then
|
|
echo "ERROR: unsafe pattern detected in dist/scripts/"
|
|
exit 1
|
|
fi
|
|
echo "dist/scripts/ scan: clean"
|
|
else
|
|
echo "dist/scripts/ does not exist — scan skipped"
|
|
fi
|
|
|
|
- name: package dist artifact
|
|
run: tar -czf "dist-${GITHUB_REF_NAME}.tar.gz" dist/
|
|
|
|
- name: create release and upload artifact
|
|
env:
|
|
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
|
|
run: |
|
|
SERVER="${GITHUB_SERVER_URL}"
|
|
REPO="${GITHUB_REPOSITORY}"
|
|
TAG="${GITHUB_REF_NAME}"
|
|
|
|
RELEASE=$(curl -sf -X POST \
|
|
"${SERVER}/api/v1/repos/${REPO}/releases" \
|
|
-H "Authorization: token ${GITEA_TOKEN}" \
|
|
-H "Content-Type: application/json" \
|
|
-d "{\"tag_name\":\"${TAG}\",\"name\":\"${TAG}\"}")
|
|
|
|
RELEASE_ID=$(echo "${RELEASE}" | grep -o '"id":[0-9]*' | head -1 | sed 's/"id"://')
|
|
|
|
curl -sf -X POST \
|
|
"${SERVER}/api/v1/repos/${REPO}/releases/${RELEASE_ID}/assets" \
|
|
-H "Authorization: token ${GITEA_TOKEN}" \
|
|
-F "attachment=@dist-${TAG}.tar.gz;type=application/gzip"
|
|
|
|
echo "Release ${TAG} created (id=${RELEASE_ID})"
|