Merged
2 changes: 1 addition & 1 deletion .github/workflows/codeql-analysis.yml
Expand Up @@ -17,7 +17,7 @@ permissions:
packages: read

env:
NODE_VERSION: "20"
NODE_VERSION: "22"

jobs:
codeql-analyze:
2 changes: 1 addition & 1 deletion .github/workflows/main-ci.yml
Expand Up @@ -10,7 +10,7 @@ on:
workflow_dispatch:

env:
NODE_VERSION: "20"
NODE_VERSION: "22"
NODE_OPTIONS: "--max-old-space-size=8192"

jobs:
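Review bot: `NODE_OPTIONS: "--max-old-space-size=8192"`, directly below the bumped `NODE_VERSION` line, carries over unchanged and has no comment explaining it. Since this PR changes the Node major that the limit applies to, confirm the 8192 MB old-space ceiling is still required and fits the runner's memory on Node 22, and add a one-line comment recording why it is set.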
7 changes: 3 additions & 4 deletions .github/workflows/release.yml
Expand Up @@ -16,7 +16,7 @@ on:
# because semantic-release creates the GitHub release, which re-triggered this workflow.

env:
NODE_VERSION: "20"
NODE_VERSION: "22"
HUSKY: 0
CI: true

Expand Down Expand Up @@ -71,9 +71,8 @@ jobs:

- name: 🏷️ Semantic Release
id: semantic
uses: cycjimmy/semantic-release-action@v4
uses: cycjimmy/semantic-release-action@v6
with:
semantic_version: 24
extra_plugins: |
@semantic-release/changelog@6.0.3
@semantic-release/git@10.0.1
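Review bot: Dropping `semantic_version: 24` from the `with:` block leaves the semantic-release version unstated in the workflow, so the release job now runs whatever version `cycjimmy/semantic-release-action@v6` selects, while the plugins under `extra_plugins` stay pinned to exact versions (`@semantic-release/changelog@6.0.3`, `@semantic-release/git@10.0.1`). If that is intended, record it in the PR description together with the version v6 resolves to; otherwise keep an explicit `semantic_version` so the core and its plugins are upgraded deliberately and together. The `@v6` reference is also a movable tag in a job that publishes releases, so a full commit SHA with a trailing `# v6` comment would be the safer reference.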
Expand Down Expand Up @@ -206,7 +205,7 @@ jobs:
sbom: true

- name: 📝 Update Docker Hub Description
uses: peter-evans/dockerhub-description@v4
uses: peter-evans/dockerhub-description@v5

🚨 suggestion (security): Consider pinning third-party actions to a commit SHA for stronger supply-chain security.

These workflows currently use major-version tags (e.g., @v5). For release- and publish-related jobs, please pin third-party actions to an exact commit SHA (with an inline comment for the version, if helpful) to reduce the risk of upstream tag changes impacting your workflow unexpectedly.

Suggested implementation:

      - name: 📝 Update Docker Hub Description
        # Pin to a specific commit SHA for supply-chain security (v5.x)
        uses: peter-evans/dockerhub-description@<COMMIT-SHA-HERE> # v5

  1. Replace <COMMIT-SHA-HERE> with the exact commit SHA of the desired peter-evans/dockerhub-description v5 release (e.g., from the v5.0.0 or v5.x tag in the repository).
  2. For consistency with your comment, consider also pinning other third-party actions in this workflow (e.g., cycjimmy/semantic-release-action@v6) to their corresponding commit SHAs using the same pattern and inline version comments.

with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
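Review bot: The `uses: peter-evans/dockerhub-description@v5` line is a movable tag, and the `with:` block below it passes `secrets.DOCKER_USERNAME` and `secrets.DOCKER_PASSWORD`, so whatever code that tag resolves to at run time receives the Docker Hub credentials. Pin the action to a full commit SHA with a trailing `# v5` comment, and check that the account behind `DOCKER_PASSWORD` uses a scoped access token rather than the account password, so that a compromised upstream tag exposes as little as possible.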
2 changes: 1 addition & 1 deletion .github/workflows/wordpress-compatibility.yml
Expand Up @@ -17,7 +17,7 @@ on:
- "src/types/wordpress.ts"

env:
NODE_VERSION: "20"
NODE_VERSION: "22"

jobs:
compatibility-check:
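Review bot: `NODE_VERSION: "22"` in this `env:` block is the fourth hand-edited copy of the same value in this PR (codeql-analysis.yml, main-ci.yml, release.yml and this file), so a later bump that misses one file would leave the analysis, CI, release and compatibility jobs on different Node majors. Consider a single source of truth, such as a repository-level variable or a version file read by the Node setup step, and have each workflow reference it instead of repeating the literal.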