[25.05] ci/treefmt: add biome (#435283)

Author: wolfgangwalther

.editorconfig

@@ -23,16 +23,15 @@ insert_final_newline = false
 
 # see https://nixos.org/nixpkgs/manual/#chap-conventions
 
-# Match json/lockfiles/markdown/nix/perl/python/ruby/shell/docbook files, set indent to spaces
-[*.{bash,json,lock,md,nix,pl,pm,py,rb,sh,xml}]
+[*.{bash,css,js,json,lock,md,nix,pl,pm,py,rb,sh,xml}]
 indent_style = space
 
 # Match docbook files, set indent width of one
 [*.xml]
 indent_size = 1
 
 # Match json/lockfiles/markdown/nix/ruby files, set indent width of two
-[*.{json,lock,md,nix,rb}]
+[*.{js,json,lock,md,nix,rb}]
 indent_size = 2
 
 # Match all the Bash code in Nix files, set indent width of two

ci/.editorconfig

@@ -42,6 +42,22 @@ let
 
         programs.actionlint.enable = true;
 
+        programs.biome = {
+          enable = true;
+          settings.formatter = {
+            useEditorconfig = true;
+          };
+          settings.javascript.formatter = {
+            quoteStyle = "single";
+            semicolons = "asNeeded";
+          };
+          settings.json.formatter.enabled = false;
+        };
+        settings.formatter.biome.excludes = [
+          "*.min.js"
+          "pkgs/*"
+        ];
+
         programs.keep-sorted.enable = true;
 
         # This uses nixfmt underneath,

ci/default.nix

@@ -1,7 +1,5 @@
-module.exports = async function ({ github, context, core, dry }) {
+module.exports = async ({ github, context, core, dry }) => {
   const { execFileSync } = require('node:child_process')
-  const { readFile } = require('node:fs/promises')
-  const { join } = require('node:path')
   const { classify } = require('../supportedBranches.js')
   const withRateLimit = require('./withRateLimit.js')
 
@@ -18,13 +16,13 @@ module.exports = async function ({ github, context, core, dry }) {
           run_id: context.runId,
           per_page: 100,
         })
-      ).find(({ name }) => name == 'Check / cherry-pick').html_url +
+      ).find(({ name }) => name === 'Check / cherry-pick').html_url +
         '?pr=' +
         pull_number
 
     async function extract({ sha, commit }) {
       const noCherryPick = Array.from(
-        commit.message.matchAll(/^Not-cherry-picked-because: (.*)$/g)
+        commit.message.matchAll(/^Not-cherry-picked-because: (.*)$/g),
       ).at(0)
 
       if (noCherryPick)
@@ -148,8 +146,7 @@ module.exports = async function ({ github, context, core, dry }) {
 
     const fetch = extracted
       .filter(({ severity }) => !severity)
-      .map(({ sha, original_sha }) => [ sha, original_sha ])
-      .flat()
+      .flatMap(({ sha, original_sha }) => [sha, original_sha])
 
     if (fetch.length > 0) {
       // Fetching all commits we need for diff at once is much faster than any other method.
@@ -163,7 +160,9 @@ module.exports = async function ({ github, context, core, dry }) {
       ])
     }
 
-    const results = extracted.map(result => result.severity ? result : diff(result))
+    const results = extracted.map((result) =>
+      result.severity ? result : diff(result),
+    )
 
     // Log all results without truncation, with better highlighting and all whitespace changes to the job log.
     results.forEach(({ sha, commit, severity, message, colored_diff }) => {
@@ -177,7 +176,7 @@ module.exports = async function ({ github, context, core, dry }) {
 
     // Only create step summary below in case of warnings or errors.
     // Also clean up older reviews, when all checks are good now.
-    if (results.every(({ severity }) => severity == 'info')) {
+    if (results.every(({ severity }) => severity === 'info')) {
       if (!dry) {
         await Promise.all(
           (
@@ -186,9 +185,9 @@ module.exports = async function ({ github, context, core, dry }) {
               pull_number,
             })
           )
-            .filter((review) => review.user.login == 'github-actions[bot]')
+            .filter((review) => review.user.login === 'github-actions[bot]')
             .map(async (review) => {
-              if (review.state == 'CHANGES_REQUESTED') {
+              if (review.state === 'CHANGES_REQUESTED') {
                 await github.rest.pulls.dismissReview({
                   ...context.repo,
                   pull_number,
@@ -214,34 +213,64 @@ module.exports = async function ({ github, context, core, dry }) {
 
     // In the case of "error" severity, we also fail the job.
     // Those should be considered blocking and not be dismissable via review.
-    if (results.some(({ severity }) => severity == 'error'))
+    if (results.some(({ severity }) => severity === 'error'))
       process.exitCode = 1
 
-    core.summary.addRaw('This report is automatically generated by the `PR / Check / cherry-pick` CI workflow.', true)
+    core.summary.addRaw(
+      'This report is automatically generated by the `PR / Check / cherry-pick` CI workflow.',
+      true,
+    )
     core.summary.addEOL()
-    core.summary.addRaw("Some of the commits in this PR require the author's and reviewer's attention.", true)
+    core.summary.addRaw(
+      "Some of the commits in this PR require the author's and reviewer's attention.",
+      true,
+    )
     core.summary.addEOL()
 
     if (results.some(({ type }) => type === 'no-commit-hash')) {
-      core.summary.addRaw('Please follow the [backporting guidelines](https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md#how-to-backport-pull-requests) and cherry-pick with the `-x` flag.', true)
-      core.summary.addRaw('This requires changes to the unstable `master` and `staging` branches first, before backporting them.', true)
+      core.summary.addRaw(
+        'Please follow the [backporting guidelines](https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md#how-to-backport-pull-requests) and cherry-pick with the `-x` flag.',
+        true,
+      )
+      core.summary.addRaw(
+        'This requires changes to the unstable `master` and `staging` branches first, before backporting them.',
+        true,
+      )
       core.summary.addEOL()
-      core.summary.addRaw('Occasionally, commits are not cherry-picked at all, for example when updating minor versions of packages which have already advanced to the next major on unstable.', true)
-      core.summary.addRaw('These commits can optionally be marked with a `Not-cherry-picked-because: <reason>` footer.', true)
+      core.summary.addRaw(
+        'Occasionally, commits are not cherry-picked at all, for example when updating minor versions of packages which have already advanced to the next major on unstable.',
+        true,
+      )
+      core.summary.addRaw(
+        'These commits can optionally be marked with a `Not-cherry-picked-because: <reason>` footer.',
+        true,
+      )
       core.summary.addEOL()
     }
 
     if (results.some(({ type }) => type === 'diff')) {
-      core.summary.addRaw('Sometimes it is not possible to cherry-pick exactly the same patch.', true)
-      core.summary.addRaw('This most frequently happens when resolving merge conflicts.', true)
-      core.summary.addRaw('The range-diff will help to review the resolution of conflicts.', true)
+      core.summary.addRaw(
+        'Sometimes it is not possible to cherry-pick exactly the same patch.',
+        true,
+      )
+      core.summary.addRaw(
+        'This most frequently happens when resolving merge conflicts.',
+        true,
+      )
+      core.summary.addRaw(
+        'The range-diff will help to review the resolution of conflicts.',
+        true,
+      )
       core.summary.addEOL()
     }
 
-    core.summary.addRaw('If you need to merge this PR despite the warnings, please [dismiss](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/dismissing-a-pull-request-review) this review shortly before merging.', true)
+    core.summary.addRaw(
+      'If you need to merge this PR despite the warnings, please [dismiss](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/dismissing-a-pull-request-review) this review shortly before merging.',
+      true,
+    )
 
     results.forEach(({ severity, message, diff }) => {
-      if (severity == 'info') return
+      if (severity === 'info') return
 
       // The docs for markdown alerts only show examples with markdown blockquote syntax, like this:
       //   > [!WARNING]
@@ -256,7 +285,7 @@ module.exports = async function ({ github, context, core, dry }) {
       // Whether this is intended or just an implementation detail is unclear.
       core.summary.addRaw('<blockquote>')
       core.summary.addRaw(
-        `\n\n[!${({ important: 'IMPORTANT', warning: 'WARNING', error: 'CAUTION' })[severity]}]`,
+        `\n\n[!${{ important: 'IMPORTANT', warning: 'WARNING', error: 'CAUTION' }[severity]}]`,
         true,
       )
       core.summary.addRaw(`${message}`, true)
@@ -305,18 +334,18 @@ module.exports = async function ({ github, context, core, dry }) {
       })
     ).find(
       (review) =>
-        review.user.login == 'github-actions[bot]' &&
+        review.user.login === 'github-actions[bot]' &&
         // If a review is still pending, we can just update this instead
         // of posting a new one.
-        (review.state == 'CHANGES_REQUESTED' ||
+        (review.state === 'CHANGES_REQUESTED' ||
           // No need to post a new review, if an older one with the exact
           // same content had already been dismissed.
-          review.body == body),
+          review.body === body),
     )
 
     if (dry) {
       if (pendingReview)
-        core.info('pending review found: ' + pendingReview.html_url)
+        core.info(`pending review found: ${pendingReview.html_url}`)
       else core.info('no pending review found')
     } else {
       // Either of those two requests could fail for very long comments. This can only happen

ci/github-script/commits.js

@@ -1,4 +1,4 @@
-module.exports = async function ({ github, context, core, dry }) {
+module.exports = async ({ github, context, core, dry }) => {
   const path = require('node:path')
   const { DefaultArtifactClient } = require('@actions/artifact')
   const { readFile, writeFile } = require('node:fs/promises')
@@ -27,7 +27,7 @@ module.exports = async function ({ github, context, core, dry }) {
 
     const approvals = new Set(
       reviews
-        .filter((review) => review.state == 'APPROVED')
+        .filter((review) => review.state === 'APPROVED')
         .map((review) => review.user?.id),
     )
 
@@ -37,7 +37,7 @@ module.exports = async function ({ github, context, core, dry }) {
     // This is intentionally less than the time that Eval takes, so that the label job
     // running after Eval can indeed label the PR as conflicted if that is the case.
     const merge_commit_sha_valid =
-      new Date() - new Date(pull_request.created_at) > 3 * 60 * 1000
+      Date.now() - new Date(pull_request.created_at) > 3 * 60 * 1000
 
     const prLabels = {
       // We intentionally don't use the mergeable or mergeable_state attributes.
@@ -53,8 +53,8 @@ module.exports = async function ({ github, context, core, dry }) {
       // The second pass will then read the result from the first pass and set the label.
       '2.status: merge conflict':
         merge_commit_sha_valid && !pull_request.merge_commit_sha,
-      '12.approvals: 1': approvals.size == 1,
-      '12.approvals: 2': approvals.size == 2,
+      '12.approvals: 1': approvals.size === 1,
+      '12.approvals: 2': approvals.size === 2,
       '12.approvals: 3+': approvals.size >= 3,
       '12.first-time contribution': [
         'NONE',
@@ -104,8 +104,8 @@ module.exports = async function ({ github, context, core, dry }) {
         // existing reviews, too.
         '9.needs: reviewer':
           !pull_request.draft &&
-          pull_request.requested_reviewers.length == 0 &&
-          reviews.length == 0,
+          pull_request.requested_reviewers.length === 0 &&
+          reviews.length === 0,
       })
     }
 
@@ -125,8 +125,7 @@ module.exports = async function ({ github, context, core, dry }) {
     // called "comparison", yet, will skip the download.
     const expired =
       !artifact ||
-      new Date(artifact?.expires_at ?? 0) <
-        new Date(new Date().getTime() + 60 * 1000)
+      new Date(artifact?.expires_at ?? 0) < new Date(Date.now() + 60 * 1000)
     log('Artifact expires at', artifact?.expires_at ?? '<n/a>')
     if (!expired) {
       stats.artifacts++
@@ -175,7 +174,7 @@ module.exports = async function ({ github, context, core, dry }) {
   async function handle({ item, stats }) {
     try {
       const log = (k, v, skip) => {
-        core.info(`#${item.number} - ${k}: ${v}` + (skip ? ' (skipped)' : ''))
+        core.info(`#${item.number} - ${k}: ${v}${skip ? ' (skipped)' : ''}`)
         return skip
       }
 
@@ -257,7 +256,7 @@ module.exports = async function ({ github, context, core, dry }) {
 
       // No need for an API request, if all labels are the same.
       const hasChanges = Object.keys(after).some(
-        (name) => (before[name] ?? false) != after[name],
+        (name) => (before[name] ?? false) !== after[name],
       )
       if (log('Has changes', hasChanges, !hasChanges)) return
 
@@ -297,13 +296,15 @@ module.exports = async function ({ github, context, core, dry }) {
           // Go back as far as the last successful run of this workflow to make sure
           // we are not leaving anyone behind on GHA failures.
           // Defaults to go back 1 hour on the first run.
-          new Date(lastRun?.created_at ?? new Date().getTime() - 1 * 60 * 60 * 1000).getTime(),
+          new Date(
+            lastRun?.created_at ?? Date.now() - 1 * 60 * 60 * 1000,
+          ).getTime(),
           // Go back max. 1 day to prevent hitting all API rate limits immediately,
           // when GH API returns a wrong workflow by accident.
-          new Date().getTime() - 24 * 60 * 60 * 1000,
+          Date.now() - 24 * 60 * 60 * 1000,
         ),
       )
-      core.info('cutoff timestamp: ' + cutoff.toISOString())
+      core.info(`cutoff timestamp: ${cutoff.toISOString()}`)
 
       const updatedItems = await github.paginate(
         github.rest.search.issuesAndPullRequests,
@@ -400,12 +401,12 @@ module.exports = async function ({ github, context, core, dry }) {
         .concat(updatedItems, allItems.data)
         .filter(
           (thisItem, idx, arr) =>
-            idx ==
-            arr.findIndex((firstItem) => firstItem.number == thisItem.number),
+            idx ===
+            arr.findIndex((firstItem) => firstItem.number === thisItem.number),
         )
 
       ;(await Promise.allSettled(items.map((item) => handle({ item, stats }))))
-        .filter(({ status }) => status == 'rejected')
+        .filter(({ status }) => status === 'rejected')
         .map(({ reason }) =>
           core.setFailed(`${reason.message}\n${reason.cause.stack}`),
         )

ci/github-script/labels.js

@@ -1,4 +1,4 @@
-module.exports = async function ({ github, context, core }) {
+module.exports = async ({ github, context, core }) => {
   const pull_number = context.payload.pull_request.number
 
   for (const retryInterval of [5, 10, 20, 40, 80]) {

ci/github-script/prepare.js

@@ -1,4 +1,4 @@
-module.exports = async function ({ github, core }, callback) {
+module.exports = async ({ github, core }, callback) => {
   const Bottleneck = require('bottleneck')
 
   const stats = {
@@ -23,7 +23,7 @@ module.exports = async function ({ github, core }, callback) {
     // Requests to a different host do not count against the rate limit.
     if (options.url.startsWith('https://github.com')) return request(options)
     // Requests to the /rate_limit endpoint do not count against the rate limit.
-    if (options.url == '/rate_limit') return request(options)
+    if (options.url === '/rate_limit') return request(options)
     // Search requests are in a different resource group, which allows 30 requests / minute.
     // We do less than a handful each run, so not implementing throttling for now.
     if (options.url.startsWith('/search/')) return request(options)

ci/github-script/withRateLimit.js

@@ -15,14 +15,18 @@ const typeConfig = {
 }
 
 function split(branch) {
-  return { ...branch.match(/(?<prefix>.+?)(-(?<version>\d{2}\.\d{2}|unstable)(?:-(?<suffix>.*))?)?$/).groups }
+  return {
+    ...branch.match(
+      /(?<prefix>.+?)(-(?<version>\d{2}\.\d{2}|unstable)(?:-(?<suffix>.*))?)?$/,
+    ).groups,
+  }
 }
 
 function classify(branch) {
   const { prefix, version } = split(branch)
   return {
     stable: (version ?? 'unstable') !== 'unstable',
-    type: typeConfig[prefix] ?? [ 'wip' ]
+    type: typeConfig[prefix] ?? ['wip'],
   }
 }
 

ci/supportedBranches.js

@@ -1,3 +1,5 @@
-document.addEventListener('DOMContentLoaded', function(event) {
-  anchors.add('h1[id]:not(div.note h1, div.warning h1, div.tip h1, div.caution h1, div.important h1), h2[id]:not(div.note h2, div.warning h2, div.tip h2, div.caution h2, div.important h2), h3[id]:not(div.note h3, div.warning h3, div.tip h3, div.caution h3, div.important h3), h4[id]:not(div.note h4, div.warning h4, div.tip h4, div.caution h4, div.important h4), h5[id]:not(div.note h5, div.warning h5, div.tip h5, div.caution h5, div.important h5), h6[id]:not(div.note h6, div.warning h6, div.tip h6, div.caution h6, div.important h6)');
-});
+document.addEventListener('DOMContentLoaded', () => {
+  anchors.add(
+    'h1[id]:not(div.note h1, div.warning h1, div.tip h1, div.caution h1, div.important h1), h2[id]:not(div.note h2, div.warning h2, div.tip h2, div.caution h2, div.important h2), h3[id]:not(div.note h3, div.warning h3, div.tip h3, div.caution h3, div.important h3), h4[id]:not(div.note h4, div.warning h4, div.tip h4, div.caution h4, div.important h4), h5[id]:not(div.note h5, div.warning h5, div.tip h5, div.caution h5, div.important h5), h6[id]:not(div.note h6, div.warning h6, div.tip h6, div.caution h6, div.important h6)',
+  )
+})