Skip to content

chore(deps): upgrade stack to latest (Vite 8, TS 6, React 19.2.7), re… #48

chore(deps): upgrade stack to latest (Vite 8, TS 6, React 19.2.7), re…

chore(deps): upgrade stack to latest (Vite 8, TS 6, React 19.2.7), re… #48

Workflow file for this run

name: Portfolio CI/CD
on:
push:
branches: [main]
pull_request:
branches: [main]
# Rebuild after the Credly sync bot pushes new badge data. A push by the
# default GITHUB_TOKEN does not retrigger `on: push`, so deploy via
# workflow_run instead (not subject to that restriction).
workflow_run:
workflows: ["Sync Credly Badges"]
types: [completed]
# Allow only one concurrent deployment
concurrency:
group: "pages-${{ github.ref }}"
cancel-in-progress: true
jobs:
ci:
runs-on: ubuntu-latest
permissions:
contents: read
pages: write
id-token: write
timeout-minutes: 20
steps:
- name: Checkout code
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Setup pnpm
uses: pnpm/action-setup@c5ba7f7862a0f64c1b1a05fbac13e0b8e86ba08c # v4
with:
version: 10
- name: Setup Node.js
uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
with:
node-version: 24
cache: "pnpm"
- name: Install dependencies
run: pnpm install --frozen-lockfile
- name: Lint code
run: pnpm lint
- name: Validate JSON data files
run: |
echo "Validating JSON data files..."
find data -name "*.json" -exec echo "Checking {}" \; -exec node -e "JSON.parse(require('fs').readFileSync('{}', 'utf8'))" \;
- name: Build with Vite
run: pnpm build
- name: Security audit
run: |
echo "Running security audit..."
pnpm audit --audit-level=high || echo "Security vulnerabilities found, but continuing build"
continue-on-error: true
- name: Setup Pages
uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5
- name: Upload artifact
uses: actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b # v4
with:
path: "build"
deploy:
if: >
(github.event_name == 'push' && github.ref == 'refs/heads/main') ||
(github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success')
permissions:
pages: write
id-token: write
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
runs-on: ubuntu-latest
needs: ci
steps:
- name: Deploy to GitHub Pages
id: deployment
uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4