Skip to content

ci: add validate and automated release workflows#110

Open
EVWorth wants to merge 5 commits into
andyfase:mainfrom
EVWorth:feat/add-dependabot
Open

ci: add validate and automated release workflows#110
EVWorth wants to merge 5 commits into
andyfase:mainfrom
EVWorth:feat/add-dependabot

Conversation

@EVWorth

@EVWorth EVWorth commented Apr 1, 2026

Copy link
Copy Markdown
  • Validate workflow runs prettier --check, eslint, and build on PRs/pushes to main
  • Release workflow creates GitHub release with built JS on version tag push
  • All actions pinned to commit SHAs for supply chain security

note: I just got an Ioniq 5 and HATE the MyHyundai App. Found your scriptable app and got it set up. big fan. I like contributing to open source projects and figured id take a stab at being helpful.

I also saw a guy opened a bunch of PRs with the intention of translating to french. I may look into adding a language framework.... :)

EVWorth added 3 commits March 31, 2026 21:22
Pins to the same versions the repo already used, just locked to
immutable commit SHAs instead of mutable tags. Dependabot will
propose version bumps via PRs for the maintainer to review.

- actions/checkout@11bd719 (v4.2.2)
- actions/configure-pages@983d773 (v5.0.0)
- actions/jekyll-build-pages@44a6e6b (v1.0.13)
- actions/upload-pages-artifact@56afc60 (v3.0.1)
- actions/deploy-pages@d6db901 (v4.0.5)
- Validate workflow runs prettier --check, eslint, and build on PRs/pushes to main
- Release workflow creates GitHub release with built JS on version tag push
- All actions pinned to commit SHAs for supply chain security
Copilot AI review requested due to automatic review settings April 1, 2026 02:45

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds CI workflows to validate PRs/main and to automate GitHub Releases on version tags, while improving supply-chain security by pinning action SHAs and enabling Dependabot updates.

Changes:

  • Add a Validate workflow to run Prettier check, ESLint, and a build on PRs/pushes to main.
  • Add a Release workflow to build JS artifacts and publish a GitHub Release on v* tag pushes.
  • Pin existing docs workflow actions to commit SHAs and add Dependabot config for npm + GitHub Actions.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.

File Description
.github/workflows/validate.yml New CI validation workflow for formatting, linting, and build checks.
.github/workflows/release.yml New automated release workflow building artifacts and attaching them to GitHub Releases.
.github/workflows/docs.yml Pins GitHub Pages/Jekyll actions to SHAs for supply chain hardening.
.github/dependabot.yml Adds weekly Dependabot updates for Actions and npm dependencies.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread .github/workflows/validate.yml Outdated
Comment thread .github/workflows/release.yml Outdated
EVWorth and others added 2 commits March 31, 2026 21:49
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants