Skip to content

chore: improved workflows #584

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Aug 22, 2025
Merged

chore: improved workflows #584

merged 7 commits into from
Aug 22, 2025

Conversation

gabrielmfern
Copy link
Member

@gabrielmfern gabrielmfern commented Aug 21, 2025
edited by cubic-dev-ai bot
Loading

This pull request cleans up our workflows so that they can better, faster, more safely, and more consistently with what we also have in React Email:

  • Removes the extra Node setup step we had which was unnecessary since we're already running in the Node container
  • Remove the extra Doppler CLI step since we aren't actually using Doppler for anything
  • Uses only Node 20 for consistency (we should upgrade to a more recent version soon)
  • Use only pinned commit versions for all outside actions: https://github.com/resend/resend-node/security/code-scanning/165
  • Use explicit permissions for all workflows
  • Separate the code for checking pinned dependencies onto another file in .github/scripts

Summary by cubic

Cleaned up and hardened CI workflows for faster, safer, and more consistent runs aligned with React Email. Standardized on Node 20, pinned external actions, and added explicit permissions.

  • Refactors
    • Removed setup-node and Doppler CLI steps; rely on Node container.
    • Pinned external actions (e.g., checkout, pnpm) to commit SHAs; added explicit permissions.
    • Moved the pinned-dependencies check into .github/scripts/check-pinned-dependencies.mjs and invoked it from the workflow.
    • Standardized tests to node:20 and run on pushes to main and canary.

@gabrielmfern gabrielmfern self-assigned this Aug 21, 2025
@gabrielmfern gabrielmfern requested a review from a team as a code owner August 21, 2025 20:11
@gabrielmfern gabrielmfern requested review from joaopcm, vcapretz and isabellaaquino and removed request for joaopcm and vcapretz August 21, 2025 20:11
cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Aug 21, 2025
View reviewed changes
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

2 issues found across 5 files

React with 👍 or 👎 to teach cubic. You can also tag @cubic-dev-ai to give feedback, ask questions, or re-run the review.

@gabrielmfern gabrielmfern marked this pull request as draft August 21, 2025 20:15
@gabrielmfern gabrielmfern marked this pull request as ready for review August 21, 2025 20:16
cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Aug 21, 2025
View reviewed changes
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

2 issues found across 5 files

React with 👍 or 👎 to teach cubic. You can also tag @cubic-dev-ai to give feedback, ask questions, or re-run the review.

@gabrielmfern gabrielmfern merged commit 546af97 into canary Aug 22, 2025
10 checks passed
@gabrielmfern gabrielmfern deleted the chore/improve-workflows branch August 22, 2025 12:57
gabrielmfern added a commit that referenced this pull request Sep 15, 2025
@gabrielmfern
chore: improved workflows (#584)
ab66751
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

@isabellaaquino isabellaaquino isabellaaquino approved these changes

Assignees

@gabrielmfern gabrielmfern

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gabrielmfern @isabellaaquino