Merge remote-tracking branch 'origin/master' into alexjsully-250708-citationcff

AlexJSully · AlexJSully · commit d7d5d2aff541 · 2025-07-08T21:49:15.000-04:00
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
diff --git a/.github/workflows/code-qa.yml b/.github/workflows/code-qa.yml
@@ -15,15 +15,26 @@ jobs:
 
         strategy:
             matrix:
-                node-version: [15.x]
+                node-version: [22.x]
                 # See supported Node.js release schedule at https://nodejs.org/en/about/releases/
 
         steps:
-            - uses: actions/checkout@v2
+            - name: Checkout repository
+              uses: actions/checkout@v4
             - name: Use Node.js ${{ matrix.node-version }}
-              uses: actions/setup-node@v1
+              uses: actions/setup-node@v4
               with:
                   node-version: ${{ matrix.node-version }}
-            - run: npm ci
-            # - run: npm run build --if-present
-            - run: npm test --if-present
+            - name: Cache Node.js modules
+              uses: actions/cache@v4
+              with:
+                  path: ~/.npm
+                  key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+                  restore-keys: |
+                      ${{ runner.os }}-node-
+            - name: Check installs
+              run: npm ci
+            - name: Quality check - prettier
+              run: npm run prettier:check
+            - name: Quality check - eslint
+              run: npm run eslint:check
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -33,11 +33,11 @@ jobs:
 
         steps:
             - name: Checkout repository
-              uses: actions/checkout@v2
+              uses: actions/checkout@v4
 
             # Initializes the CodeQL tools for scanning.
             - name: Initialize CodeQL
-              uses: github/codeql-action/init@v2
+              uses: github/codeql-action/init@v3
               with:
                   languages: ${{ matrix.language }}
                   # If you wish to specify custom queries, you can do so here or in a config file.
@@ -48,7 +48,7 @@ jobs:
             # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
             # If this step fails, then you should remove it and run the build manually (see below)
             - name: Autobuild
-              uses: github/codeql-action/autobuild@v2
+              uses: github/codeql-action/autobuild@v3
 
             # ℹ️ Command-line programs to run using the OS shell.
             # 📚 https://git.io/JvXDl
@@ -62,4 +62,4 @@ jobs:
             #   make release
 
             - name: Perform CodeQL Analysis
-              uses: github/codeql-action/analyze@v2
+              uses: github/codeql-action/analyze@v3
diff --git a/.github/workflows/ossar.yml b/.github/workflows/ossar.yml
@@ -25,7 +25,7 @@ jobs:
 
         steps:
             - name: Checkout repository
-              uses: actions/checkout@v3
+              uses: actions/checkout@v4
 
             # Ensure a compatible version of dotnet is installed.
             # The [Microsoft Security Code Analysis CLI](https://aka.ms/mscadocs) is built with dotnet v3.1.201.
@@ -43,6 +43,6 @@ jobs:
 
               # Upload results to the Security tab
             - name: Upload OSSAR results
-              uses: github/codeql-action/upload-sarif@v2
+              uses: github/codeql-action/upload-sarif@v3
               with:
                   sarif_file: ${{ steps.ossar.outputs.sarifFile }}
