uppy/.github/workflows/bundlers.yml
dependabot[bot] cff651527a
build(deps): bump actions/setup-node from 4 to 5 (#5954)
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4
to 5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-node/releases">actions/setup-node's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.0</h2>
<h2>What's Changed</h2>
<h3>Breaking Changes</h3>
<ul>
<li>Enhance caching in setup-node with automatic package manager
detection by <a
href="https://github.com/priya-kinthali"><code>@​priya-kinthali</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/1348">actions/setup-node#1348</a></li>
</ul>
<p>This update, introduces automatic caching when a valid
<code>packageManager</code> field is present in your
<code>package.json</code>. This aims to improve workflow performance and
make dependency management more seamless. To disable this automatic
caching,
set <code>package-manager-cache: false</code></p>
<pre lang="yaml"><code>steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v5
  with:
    package-manager-cache: false
</code></pre>
<ul>
<li>Upgrade action to use node24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/setup-node/pull/1325">actions/setup-node#1325</a></li>
</ul>
<p>Make sure your runner is on version v2.327.1 or later to ensure
compatibility with this release. <a
href="https://github.com/actions/runner/releases/tag/v2.327.1">See
Release Notes</a></p>
<h3>Dependency Upgrades</h3>
<ul>
<li>Upgrade <code>@​octokit/request-error</code> and
<code>@​actions/github</code> by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/setup-node/pull/1227">actions/setup-node#1227</a></li>
<li>Upgrade uuid from 9.0.1 to 11.1.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/setup-node/pull/1273">actions/setup-node#1273</a></li>
<li>Upgrade undici from 5.28.5 to 5.29.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/setup-node/pull/1295">actions/setup-node#1295</a></li>
<li>Upgrade form-data to bring in fix for critical vulnerability by <a
href="https://github.com/gowridurgad"><code>@​gowridurgad</code></a> in
<a
href="https://redirect.github.com/actions/setup-node/pull/1332">actions/setup-node#1332</a></li>
<li>Upgrade actions/checkout from 4 to 5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/setup-node/pull/1345">actions/setup-node#1345</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/priya-kinthali"><code>@​priya-kinthali</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-node/pull/1348">actions/setup-node#1348</a></li>
<li><a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-node/pull/1325">actions/setup-node#1325</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-node/compare/v4...v5.0.0">https://github.com/actions/setup-node/compare/v4...v5.0.0</a></p>
<h2>v4.4.0</h2>
<h2>What's Changed</h2>
<h3>Bug fixes:</h3>
<ul>
<li>Make eslint-compact matcher compatible with Stylelint by <a
href="https://github.com/FloEdelmann"><code>@​FloEdelmann</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/98">actions/setup-node#98</a></li>
<li>Add support for indented eslint output by <a
href="https://github.com/fregante"><code>@​fregante</code></a> in <a
href="https://redirect.github.com/actions/setup-node/pull/1245">actions/setup-node#1245</a></li>
</ul>
<h3>Enhancement:</h3>
<ul>
<li>Support private mirrors by <a
href="https://github.com/marco-ippolito"><code>@​marco-ippolito</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/1240">actions/setup-node#1240</a></li>
</ul>
<h3>Dependency update:</h3>
<ul>
<li>Upgrade <code>@​action/cache</code> from 4.0.2 to 4.0.3 by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/1262">actions/setup-node#1262</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/FloEdelmann"><code>@​FloEdelmann</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-node/pull/98">actions/setup-node#98</a></li>
<li><a href="https://github.com/fregante"><code>@​fregante</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-node/pull/1245">actions/setup-node#1245</a></li>
<li><a
href="https://github.com/marco-ippolito"><code>@​marco-ippolito</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-node/pull/1240">actions/setup-node#1240</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-node/compare/v4...v4.4.0">https://github.com/actions/setup-node/compare/v4...v4.4.0</a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a0853c2454"><code>a0853c2</code></a>
Bump actions/checkout from 4 to 5 (<a
href="https://redirect.github.com/actions/setup-node/issues/1345">#1345</a>)</li>
<li><a
href="b7234cc9fe"><code>b7234cc</code></a>
Upgrade action to use node24 (<a
href="https://redirect.github.com/actions/setup-node/issues/1325">#1325</a>)</li>
<li><a
href="d7a11313b5"><code>d7a1131</code></a>
Enhance caching in setup-node with automatic package manager detection
(<a
href="https://redirect.github.com/actions/setup-node/issues/1348">#1348</a>)</li>
<li><a
href="5e2628c959"><code>5e2628c</code></a>
Bumps form-data (<a
href="https://redirect.github.com/actions/setup-node/issues/1332">#1332</a>)</li>
<li><a
href="65beceff8e"><code>65becef</code></a>
Bump undici from 5.28.5 to 5.29.0 (<a
href="https://redirect.github.com/actions/setup-node/issues/1295">#1295</a>)</li>
<li><a
href="7e24a656e1"><code>7e24a65</code></a>
Bump uuid from 9.0.1 to 11.1.0 (<a
href="https://redirect.github.com/actions/setup-node/issues/1273">#1273</a>)</li>
<li><a
href="08f58d1471"><code>08f58d1</code></a>
Bump <code>@​octokit/request-error</code> and
<code>@​actions/github</code> (<a
href="https://redirect.github.com/actions/setup-node/issues/1227">#1227</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/setup-node/compare/v4...v5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-node&package-manager=github_actions&previous-version=4&new-version=5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

by @mifi:

See also https://github.com/actions/setup-node/issues/614

.npmrc was added in 9ddd4d907e but it's
not entirely clear to why, so that's why I added the `rm -f` calls
instead.

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>
Co-authored-by: mifi <402547+mifi@users.noreply.github.com>
Co-authored-by: Mikael Finstad <finstaden@gmail.com>
2025-09-22 14:45:48 +02:00

240 lines
7.3 KiB
YAML

name: Bundlers
on:
push:
branches: [main]
pull_request:
# We want all branches so we configure types to be the GH default again
types: [opened, synchronize, reopened]
paths-ignore:
- '**.md'
- '**.d.ts'
- 'examples/**'
- 'private/**'
- 'website/**'
- '.github/**'
- '!.github/workflows/bundlers.yml'
env:
YARN_ENABLE_GLOBAL_CACHE: false
jobs:
isolate_uppy:
name: Isolate Uppy packages
runs-on: ubuntu-latest
env:
SKIP_YARN_COREPACK_CHECK: true
steps:
- name: Checkout sources
uses: actions/checkout@v5
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run:
echo "dir=$(corepack yarn config get cacheFolder)" >> $GITHUB_OUTPUT
- uses: actions/cache@v4
id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- name: Install Node.js
uses: actions/setup-node@v5
with:
node-version: lts/*
- name: Install dependencies
run:
corepack yarn install
env:
# https://docs.cypress.io/guides/references/advanced-installation#Skipping-installation
CYPRESS_INSTALL_BINARY: 0
- name: Build
run: corepack yarn run build
- name: Make Uppy bundle use local version
run: |
node <<'EOF'
const pkg = require('./packages/uppy/package.json');
pkg.overrides = {};
(async () => {
for await (const { name } of await require('node:fs/promises').opendir('./packages/@uppy/')) {
pkg.overrides["@uppy/" + name] = `/tmp/packages/@uppy-${name}-${{ github.sha }}.tgz`;
}
for(const key of Object.keys(pkg.dependencies)) {
if (key in pkg.overrides) {
pkg.dependencies[key] = pkg.overrides[key];
}
}
require('node:fs').writeFileSync('./packages/uppy/package.json', JSON.stringify(pkg));
})();
EOF
- name: Eject public packages from repo
run:
mkdir /tmp/artifacts && corepack yarn workspaces foreach --all
--no-private pack --install-if-needed -o /tmp/artifacts/%s-${{
github.sha }}.tgz
- name: Upload artifact
if: success()
uses: actions/upload-artifact@v4
with:
name: packages
path: /tmp/artifacts/
rollup:
needs: isolate_uppy
name: Rollup
runs-on: ubuntu-latest
strategy:
matrix:
bundler-version: [latest]
steps:
- name: Download uppy tarball
uses: actions/download-artifact@v4
with:
path: /tmp/
- name: Extract tarball
run:
tar -xzf /tmp/packages/uppy-${{ github.sha }}.tgz --strip-components 1
- name: Add Rollup as a dev dependency
run: >-
npm i --save-dev @rollup/plugin-commonjs @rollup/plugin-node-resolve
@rollup/plugin-json rollup@${{matrix.bundler-version}}
- run: npx rollup --version
- name: Create Rollup config file
run: >-
echo ' import cjs from "@rollup/plugin-commonjs"; import { nodeResolve
} from "@rollup/plugin-node-resolve"; import json from
"@rollup/plugin-json";
export default {
input: "./lib/index.js",
output: {
file: "/dev/null",
},
plugins: [
json(),
cjs(),
nodeResolve({ browser: true, exportConditions: ["browser"] }),
],
};' > rollup.config.mjs
- name: Bundle
run: npx rollup -c
webpack:
needs: isolate_uppy
name: Webpack
runs-on: ubuntu-latest
strategy:
matrix:
bundler-version: [latest]
steps:
- name: Download uppy tarball
uses: actions/download-artifact@v4
with:
path: /tmp/
- name: Extract tarball
run:
tar -xzf /tmp/packages/uppy-${{ github.sha }}.tgz --strip-components 1
- name: Add Webpack as a dev dependency
run: npm i --save-dev webpack-cli webpack@${{matrix.bundler-version}}
- run: npx webpack --version
- name: Create Webpack config file
run: |
echo 'export default {
mode: "production",
target: "web",
entry: "./lib/index.js",
resolve: {
fallback: {
fs: false,
path: false,
stream: false,
util: false,
assert: false,
constants: false,
crypto: false,
http: false,
https: false,
url: false
}
}
}' > webpack.config.js
- name: Bundle
run: npx webpack
parcel:
needs: isolate_uppy
name: Parcel
runs-on: ubuntu-latest
strategy:
matrix:
bundler-version: [latest]
steps:
- name: Download uppy tarball
uses: actions/download-artifact@v4
with:
path: /tmp/
- name: Extract tarball
run:
tar -xzf /tmp/packages/uppy-${{ github.sha }}.tgz --strip-components 1
- name: Fix package.json to work with Parcel
run: |
node <<'EOF'
const pkg = require('./package.json');
delete pkg.main
delete pkg.types
pkg.module = 'output.mjs'
require('node:fs').writeFileSync('./package.json', JSON.stringify(pkg));
EOF
- name: Add Parcel as a dev dependency
run: npm i --save-dev parcel@${{matrix.bundler-version}}
- run: npx parcel --version
- name: Bundle
run: npx parcel build lib/index.js
vite:
needs: isolate_uppy
name: Vite
runs-on: ubuntu-latest
strategy:
matrix:
bundler-version: [latest]
steps:
- name: Download uppy tarball
uses: actions/download-artifact@v4
with:
path: /tmp/
- name: Extract tarball
run:
tar -xzf /tmp/packages/uppy-${{ github.sha }}.tgz --strip-components 1
- name: Add Vite as a dev dependency
run: npm i --save-dev vite@${{matrix.bundler-version}}
- run: npx vite --version
- name: Create index.html
run:
echo '<!doctype html><html><head><script type="module"
src="./lib/index.js"></script></head></html>' > index.html
- name: Bundle
run: npx vite build
esbuild:
needs: isolate_uppy
name: ESBuild
runs-on: ubuntu-latest
strategy:
matrix:
bundler-version: [latest]
steps:
- name: Download uppy tarball
uses: actions/download-artifact@v4
with:
path: /tmp/
- name: Extract tarball
run:
tar -xzf /tmp/packages/uppy-${{ github.sha }}.tgz --strip-components 1
- name: Add ESBuild as a dev dependency
run: npm i --save-dev esbuild@${{matrix.bundler-version}}
- run: npx esbuild --version
- name: Bundle
run: npx esbuild lib/index.js --bundle --outfile=/dev/null
# Browserify: doesn't support ESM.