fix(tui): polish sprint - cursor, hotkeys, auth flow, menus #617

Workflow file for this run

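# CI workflow: builds the .NET solution and the TypeScript extension, runs
# dependency checks, and exposes one gate job for branch protection.
#
# NOTE(review): every `uses:` below references a mutable major-version tag.
# Pinning each action to a full commit SHA (keeping the tag as a trailing
# comment) stops a retagged release from changing what runs in this workflow.
name: Build

on:
  push:
    branches: [main]
    paths:
      - '**.cs'
      - '**.csproj'
      - '**.sln'
      - 'Directory.Build.props'
      - 'Directory.Packages.props'
      - 'nuget.config'
      - 'extension/**'
  pull_request:
    branches: [main]
    paths:
      - '**.cs'
      - '**.csproj'
      - '**.sln'
      - 'Directory.Build.props'
      - 'Directory.Packages.props'
      - 'nuget.config'
      - 'extension/**'

# Least privilege for GITHUB_TOKEN: no job here pushes, comments or publishes,
# so read access to repository contents is all that is granted.
permissions:
  contents: read

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  # Dependency review for PRs - checks for vulnerabilities in dependency changes
  dependency-review:
    runs-on: ubuntu-latest
    if: github.event_name == 'pull_request'
    steps:
      - name: Checkout
        uses: actions/checkout@v6
        with:
          # Keep the token out of .git/config; nothing after checkout needs it.
          persist-credentials: false

      - name: Dependency Review
        uses: actions/dependency-review-action@v4
        with:
          # Only dependency changes introduced by the PR are evaluated, so
          # existing vulnerabilities are allowed and only new ones fail.
          fail-on-severity: high
          # Empty value: no license deny-list is enforced.
          deny-licenses: ''

  build:
    runs-on: windows-latest
    steps:
      - uses: actions/checkout@v6
        with:
          fetch-depth: 0  # Required for MinVer to read git history
          # Restore and build run third-party package code; keep the token
          # out of the working tree they can read.
          persist-credentials: false

      - name: Setup .NET
        uses: actions/setup-dotnet@v5
        with:
          dotnet-version: |
            8.0.x
            9.0.x
            10.0.x

      - name: Restore dependencies
        run: dotnet restore

      - name: Check for vulnerable packages
        shell: pwsh
        run: |
          # Run vulnerability check - capture output and exit code separately
          # Note: dotnet list package can crash with CLR errors on some SDK versions
          $output = dotnet list package --vulnerable --include-transitive 2>&1
          $dotnetExitCode = $LASTEXITCODE
          $output | Write-Host

          # Collapse the captured lines into one string first: -match / -notmatch
          # against an array filter its elements instead of returning a boolean,
          # which made the crash branch fire whenever any line failed to match.
          $text = ($output | Out-String)
          $hasVulnerable = $text -match "has the following vulnerable packages"

          if ($hasVulnerable) {
            Write-Host ""
            Write-Host "::warning::Vulnerable packages detected - review security advisories above"
            # Note: Not failing the build to avoid blocking on transitive dependencies
            # that require upstream fixes. Dependency-review-action will catch new vulns.
          }
          elseif ($dotnetExitCode -ne 0) {
            # Handle CLR crashes or other unexpected failures gracefully.
            # NOTE(review): in this branch no scan result exists for the run;
            # the warning annotation is the only signal that the check did not complete.
            Write-Host ""
            Write-Host "::warning::Vulnerable package check exited with code $dotnetExitCode (possible SDK bug, continuing)"
          }
          else {
            Write-Host "No known vulnerabilities found in packages"
          }

          # Always succeed - vulnerability blocking is handled by dependency-review-action
          exit 0

      - name: Build
        run: dotnet build --configuration Release --no-restore

      - name: Upload build artifacts
        uses: actions/upload-artifact@v6
        with:
          name: packages
          path: |
            src/PPDS.Plugins/bin/Release/*.nupkg
            src/PPDS.Plugins/bin/Release/*.snupkg
          if-no-files-found: warn

  # Extension build (TypeScript)
  # Runs on every trigger. The previous job-level condition tested
  # contains(github.event.head_commit.modified, 'extension/'), but the push
  # payload delivered to workflows does not carry the modified-files list, so
  # the job was skipped on every push to main. The workflow-level `paths`
  # filter above already bounds when this workflow starts.
  extension:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
        with:
          # npm ci runs package install scripts; keep the token out of reach.
          persist-credentials: false

      - name: Setup Node.js
        uses: actions/setup-node@v6
        with:
          node-version: '20'
          cache: 'npm'
          cache-dependency-path: extension/package-lock.json

      - name: Install dependencies
        working-directory: extension
        run: npm ci

      - name: Lint
        working-directory: extension
        run: npm run lint

      - name: Build
        working-directory: extension
        run: npm run compile

  # Gate job for branch protection
  # Checks every job it depends on. Previously only `build` was inspected, so a
  # failed extension lint/compile still produced a green gate, and
  # dependency-review was not part of the gate at all even though the build job
  # defers vulnerability blocking to it.
  build-status:
    runs-on: ubuntu-latest
    needs: [dependency-review, build, extension]
    if: always()
    steps:
      - name: Check build status
        # Results are passed through the environment rather than expanded
        # inside the script text, so the shell never parses expression output.
        env:
          DEPENDENCY_REVIEW_RESULT: ${{ needs.dependency-review.result }}
          BUILD_RESULT: ${{ needs.build.result }}
          EXTENSION_RESULT: ${{ needs.extension.result }}
        run: |
          status=0
          for entry in \
            "dependency-review=$DEPENDENCY_REVIEW_RESULT" \
            "build=$BUILD_RESULT" \
            "extension=$EXTENSION_RESULT"; do
            job="${entry%%=*}"
            result="${entry#*=}"
            # "skipped" is accepted: dependency-review does not run on push.
            if [[ "$result" == "success" || "$result" == "skipped" ]]; then
              echo "$job passed ($result)"
            else
              echo "$job failed: $result"
              status=1
            fi
          done
          exit "$status"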