From cf933a820eab4016dcf58478ebe77c285196287b Mon Sep 17 00:00:00 2001 From: per1234 Date: Tue, 15 Oct 2024 21:17:13 -0700 Subject: [PATCH] Use npm to manage Prettier tool dependency The project uses the Prettier tool to format various file types. Previously, the version of the tool used was not controlled. This was problematic because: - A different version of the tool may be used on the contributor's machine than on the CI runner, resulting in confusing failures. - The project is immediately subject to disruption or breakage resulting from a release of the tool. The new approach is to specify the version of the tools via the standard npm metadata files (package.json + package-lock.json), providing the following benefits: - Enables automated updates via Dependabot PRs - Enables automated vulnerability alerts --- .../check-prettier-formatting-task.yml | 9 +++++++++ Taskfile.yml | 2 ++ package-lock.json | 19 ++++++++++++++++++- package.json | 3 ++- 4 files changed, 31 insertions(+), 2 deletions(-) diff --git a/.github/workflows/check-prettier-formatting-task.yml b/.github/workflows/check-prettier-formatting-task.yml index 662ff5ae..9733851a 100644 --- a/.github/workflows/check-prettier-formatting-task.yml +++ b/.github/workflows/check-prettier-formatting-task.yml @@ -1,6 +1,10 @@ # Source: https://github.com/arduino/tooling-project-assets/blob/main/workflow-templates/check-prettier-formatting-task.md name: Check Prettier Formatting +env: + # See: https://github.com/actions/setup-node/#readme + NODE_VERSION: 20.x + # See: https://docs.github.com/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows on: create: @@ -238,6 +242,11 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: ${{ env.NODE_VERSION }} + - name: Install Task uses: arduino/setup-task@v2 with: diff --git a/Taskfile.yml b/Taskfile.yml index 8065b33d..5c439e9e 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -200,6 +200,8 @@ tasks: # Source: https://github.com/arduino/tooling-project-assets/blob/main/workflow-templates/assets/check-prettier-formatting-task/Taskfile.yml general:format-prettier: desc: Format all supported files with Prettier + deps: + - task: npm:install-deps cmds: - npx prettier --write . diff --git a/package-lock.json b/package-lock.json index 4e520645..ce95e99a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -6,7 +6,8 @@ "": { "devDependencies": { "markdown-link-check": "3.11.2", - "markdownlint-cli": "0.37.0" + "markdownlint-cli": "0.37.0", + "prettier": "3.3.3" } }, "node_modules/@isaacs/cliui": { @@ -1158,6 +1159,22 @@ "url": "https://github.com/sponsors/isaacs" } }, + "node_modules/prettier": { + "version": "3.3.3", + "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.3.3.tgz", + "integrity": "sha512-i2tDNA0O5IrMO757lfrdQZCc2jPNDVntV0m/+4whiDfWaTKfMNgR7Qz0NAeGz/nRqF4m5/6CLzbP4/liHt12Ew==", + "dev": true, + "license": "MIT", + "bin": { + "prettier": "bin/prettier.cjs" + }, + "engines": { + "node": ">=14" + }, + "funding": { + "url": "https://github.com/prettier/prettier?sponsor=1" + } + }, "node_modules/progress": { "version": "2.0.3", "resolved": "https://registry.npmjs.org/progress/-/progress-2.0.3.tgz", diff --git a/package.json b/package.json index eb216992..4cfaf934 100644 --- a/package.json +++ b/package.json @@ -1,7 +1,8 @@ { "devDependencies": { "markdown-link-check": "3.11.2", - "markdownlint-cli": "0.37.0" + "markdownlint-cli": "0.37.0", + "prettier": "3.3.3" }, "type": "module" }