sir-gon · sir-gon · Dec 11, 2024 · Dec 11, 2024 · Dec 11, 2024 · Dec 11, 2024
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -34,13 +34,25 @@ on: # yamllint disable-line rule:truthy
 
 jobs:
   analyze:
-    name: Analyze
+    name: Analyze (${{ matrix.language }})
+    # Runner size impacts CodeQL analysis time. To learn more, please see:
+    #   - https://gh.io/recommended-hardware-resources-for-running-codeql
+    #   - https://gh.io/supported-runners-and-hardware-resources
+    #   - https://gh.io/using-larger-runners (GitHub.com only)
+    # Consider using larger runners or machines with greater resources
+    # for possible analysis time improvements.
     runs-on:
-      ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
+      ${{ (matrix.language == 'swift' && 'macos-14') || 'ubuntu-24.04' }}
     permissions:
+      # required for all workflows
+      security-events: write
+
+      # required to fetch internal or private CodeQL packs
+      packages: read
+
+      # only required for workflows in private repositories
       actions: read
       contents: read
-      security-events: write
 
     strategy:
       fail-fast: false

diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml
@@ -17,7 +17,7 @@ jobs:
 
   build:
     name: "Build Docker images"
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
 
@@ -72,7 +72,7 @@ jobs:
 
   lint:
     name: "Run in docker: LINT"
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     needs: build
     steps:
       - name: Download artifact
@@ -92,7 +92,7 @@ jobs:
 
   test:
     name: "Run in docker: TEST"
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     needs: build
     steps:
       - name: Download artifact
@@ -112,7 +112,7 @@ jobs:
 
   security:
     name: "Snyk Container"
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     needs: build
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
@@ -155,7 +155,7 @@ jobs:
           sarif_file: 'snyk.sarif'
   scan:
     name: "Trivy"
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     needs: build
     steps:
       - name: Download artifact

diff --git a/.github/workflows/eslint.yml b/.github/workflows/eslint.yml
@@ -34,7 +34,13 @@ on: # yamllint disable-line rule:truthy
 jobs:
   eslint:
     name: Run eslint scanning
-    runs-on: ubuntu-latest
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: ["ubuntu-24.04", "macos-14", "windows-2022"]
+        node-version: [18.x, 20.x, 22.x]
+        # See supported Node.js release schedule
+        # at https://nodejs.org/en/about/releases/
     permissions:
       contents: read
       security-events: write

diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml
@@ -20,7 +20,7 @@ on: # yamllint disable-line rule:truthy
 jobs:
   scan:
     name: gitleaks
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - uses: actions/checkout@v4
         with:

diff --git a/.github/workflows/markdown-lint.yml b/.github/workflows/markdown-lint.yml
@@ -1,5 +1,4 @@
 ---
-
 name: Markdown Lint
 
 on: # yamllint disable-line rule:truthy
@@ -10,19 +9,27 @@ on: # yamllint disable-line rule:truthy
     branches: ["main"]
   workflow_dispatch:
 
+permissions: read-all
+
 jobs:
-  lint:
+  markdownlint:
     name: Markdown Lint
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
+
+    strategy:
+      matrix:
+        node-version: [22.x]
+        # See supported Node.js release schedule
+        # at https://nodejs.org/en/about/releases/
 
     steps:
       - name: Checkout repository
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
 
-      - name: Set up Node.js
+      - name: Set up Node.js ${{ matrix.node-version }}
         uses: actions/setup-node@v4
         with:
-          node-version: 22.x
+          node-version: ${{ matrix.node-version }}
 
       - name: Install dependencies
         run: npm install -g markdownlint-cli

diff --git a/.github/workflows/node-coverage.js.yml b/.github/workflows/node-coverage.js.yml
@@ -10,8 +10,9 @@ on: # yamllint disable-line rule:truthy
   workflow_dispatch:
 
 jobs:
-  build:
-    runs-on: ubuntu-latest
+  coverage:
+    name: NodeJS CI Coverage
+    runs-on: ubuntu-24.04
 
     steps:
       - name: Checkout repository

diff --git a/.github/workflows/node.js.yml b/.github/workflows/node.js.yml
@@ -12,13 +12,12 @@ on: # yamllint disable-line rule:truthy
 
 jobs:
   build:
-    runs-on: ubuntu-latest
+    name: NodeJS Jest CI Test
+    runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        os: [
-          "windows-latest",
-          "ubuntu-latest",
-          "macOS-latest"
+        os: ["ubuntu-24.04", "macos-14"
+        # , "windows-2022"
         ]
         node-version: [18.x, 20.x, 22.x]
         # See supported Node.js release schedule
@@ -36,8 +35,8 @@ jobs:
       - name: Install dependencies
         run: npm ci --verbose
 
-      - name: Lint
-        run: npm run lint
+      # - name: Lint
+      #   run: npm run lint
 
       - name: Run the tests
         run: npm run jest:ci
diff --git a/.github/workflows/snyk-code.yml b/.github/workflows/snyk-code.yml
@@ -17,7 +17,7 @@ on: # yamllint disable-line rule:truthy
 
 jobs:
   security:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - uses: actions/checkout@master
       - name: Run Snyk to check for vulnerabilities

diff --git a/.github/workflows/yamllint.yml b/.github/workflows/yamllint.yml
@@ -11,7 +11,8 @@ on: # yamllint disable-line rule:truthy
 
 jobs:
   lint:
-    runs-on: ubuntu-latest
+    name: YAML lint
+    runs-on: ubuntu-24.04
     steps:
       - name: Checkout repository
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4