the-nexim · njfamirm · Jan 2, 2025 · Jan 2, 2025 · Jan 2, 2025 · Jan 2, 2025
@@ -10,7 +10,9 @@ on:
 
 jobs:
   main:
-    uses: the-nexim/actions/.github/workflows/build-lint-test.yaml@next
+    uses: the-nexim/actions/.github/workflows/build-lint-test.yaml@v1
+    permissions:
+      contents: read
     with:
-      node-version: 22.11.0
+      node-version: lts/*
     secrets: inherit
@@ -15,34 +15,9 @@ on:
   #            └───────────── minute (0 - 59)
 
 jobs:
-  analyze-code-ql:
-    name: CodeQL Analyze
-    runs-on: ubuntu-latest
-
+  main:
+    uses: the-nexim/actions/.github/workflows/codeql.yaml@v1
     permissions:
       actions: read
       contents: read
       security-events: write
-
-    strategy:
-      fail-fast: false
-      matrix:
-        language: ['TypeScript', 'JavaScript']
-        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
-
-    steps:
-      - name: ⤵️ Checkout repository
-        uses: actions/checkout@v4
-
-      - name: 🏗 Initialize CodeQL
-        uses: github/codeql-action/init@v3
-        with:
-          languages: ${{ matrix.language }}
-          # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
-          # queries: security-extended,security-and-quality
-
-      - name: 🏗 Auto build
-        uses: github/codeql-action/autobuild@v3
-
-      - name: 🚀 Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
@@ -8,16 +8,7 @@ on:
   pull_request:
 
 jobs:
-  dependency-review:
-    name: Dependency Review
-    runs-on: ubuntu-latest
-
+  main:
+    uses: the-nexim/actions/.github/workflows/dependency-review.yaml@v1
     permissions:
       contents: read
-
-    steps:
-      - name: ⤵️ Checkout repository
-        uses: actions/checkout@v4
-
-      - name: 🚀 Dependency Review
-        uses: actions/dependency-review-action@v4
@@ -13,53 +13,11 @@ env:
   NODE_VERSION: lts/*
 
 jobs:
-  publish-npm:
-    if: github.repository_owner == 'the-nexim'
-
-    name: Publish NPM
-    runs-on: ubuntu-latest
-
+  main:
+    uses: the-nexim/actions/.github/workflows/publish-npm.yaml@v1
     permissions:
       contents: read
       id-token: write
-
-    steps:
-      - name: ⤵️ Checkout repository
-        uses: actions/checkout@v4
-
-      - name: 🏗 Setup nodejs
-        uses: actions/setup-node@v4
-        with:
-          node-version: ${{ env.NODE_VERSION }}
-          registry-url: 'https://registry.npmjs.org'
-
-      - name: 🏗 Setup nodejs corepack
-        run: corepack enable
-
-      - name: 🏗 Get yarn config
-        id: yarn_config
-        run: echo "cache_folder=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT
-
-      - name: 🏗 Cache Layer
-        uses: actions/cache@v4
-        with:
-          path: ${{ steps.yarn_config.outputs.cache_folder }}
-          key: ${{ runner.os }}-yarn-${{ hashFiles('yarn.lock') }}
-          restore-keys: |
-            ${{ runner.os }}-yarn-
-
-      - name: 🏗 Install dependencies
-        run: yarn install --immutable
-
-      - name: 🏗 Build
-        run: yarn build
-        env:
-          NODE_ENV: production
-          WIREIT_LOGGER: metrics
-
-      - name: 🚀 Publish
-        run: yarn run publish -- --yes
-        env:
-          NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
-          NPM_CONFIG_PROVENANCE: true
-          WIREIT_LOGGER: metrics
+    with:
+      node-version: lts/*
+    secrets: inherit
@@ -11,73 +11,9 @@ env:
 
 jobs:
   main:
-    name: Build & Lint & Test & Release
-    runs-on: ubuntu-latest
-
+    uses: the-nexim/actions/.github/workflows/release.yaml@v1
     permissions:
-      contents: write
-
-    steps:
-      - name: ⤵️ Checkout repository
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-          token: ${{ secrets.BOT_TOKEN }}
-
-      - name: 🙂‍↔️ Import GPG key
-        run: |
-          echo "${{ secrets.GPG_PRIVATE_KEY }}" | gpg --batch --import
-          echo -e "5\ny\n" | gpg --batch --yes --command-fd 0 --edit-key ${{ env.GPG_KEY_ID }} trust quit
-        env:
-          GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
-
-      - name: 🫡 Setup Git
-        run: |
-          git config --global user.name "Nexim Bot"
-          git config --global user.email "[email protected]"
-          git config --global user.signingkey ${{ env.GPG_KEY_ID }}
-          git config --global commit.gpgsign true
-
-      - name: 🏗 Setup nodejs
-        uses: actions/setup-node@v4
-        with:
-          node-version: ${{ env.NODE_VERSION }}
-
-      - name: 🏗 Setup nodejs corepack
-        run: corepack enable
-
-      - name: 🏗 Get yarn config
-        id: yarn_config
-        run: echo "cache_folder=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT
-
-      - name: 🏗 Cache Layer
-        uses: actions/cache@v4
-        with:
-          path: ${{ steps.yarn_config.outputs.cache_folder }}
-          key: ${{ runner.os }}-yarn-${{ hashFiles('yarn.lock') }}
-          restore-keys: |
-            ${{ runner.os }}-yarn-
-
-      - name: 🏗 Install dependencies
-        run: yarn install --immutable
-
-      - name: 🚀 Build Typescript
-        run: yarn build
-        env:
-          WIREIT_LOGGER: metrics
-
-      - name: 🚀 Run ESLint
-        run: yarn lint
-        env:
-          WIREIT_LOGGER: metrics
-
-      - name: 🧪 Run Test
-        run: yarn test
-        env:
-          WIREIT_LOGGER: metrics
-
-      - name: 🤖 Get Release
-        run: yarn lerna version --yes
-        env:
-          GITHUB_TOKEN: ${{ secrets.BOT_TOKEN }}
-          WIREIT_LOGGER: metrics
+      contents: read
+    with:
+      node-version: lts/*
+    secrets: inherit
@@ -11,19 +11,6 @@ on:
       - .github/labels.yml
 
 jobs:
-  labels:
-    name: Sync labels
-    runs-on: ubuntu-latest
-
-    permissions:
-      contents: read
-      issues: write
-
-    steps:
-      - name: ⤵️ Check out code from GitHub
-        uses: actions/checkout@v4
-
-      - name: 🚀 Run Label Syncer
-        uses: micnncim/action-label-syncer@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  main:
+    uses: the-nexim/actions/.github/workflows/sync-labels.yaml@v1
+    secrets: inherit