diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index a122846990f36..5610dc28d52ae 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -31,7 +31,6 @@ apps/site/redirects.json @nodejs/web-infra # Critical Documents LICENSE @nodejs/tsc -GOVERNANCE.md @nodejs/tsc CONTRIBUTING.md @nodejs/nodejs-website @nodejs/web-infra docs @nodejs/nodejs-website @nodejs/web-infra diff --git a/.github/scripts/report-inactive-collaborators.mjs b/.github/scripts/report-inactive-collaborators.mjs deleted file mode 100644 index a1b306dba9786..0000000000000 --- a/.github/scripts/report-inactive-collaborators.mjs +++ /dev/null @@ -1,131 +0,0 @@ -import { readFile } from 'node:fs/promises'; - -const CONFIG = { - GOVERNANCE_FILE: 'GOVERNANCE.md', - CURRENT_MEMBERS_HEADER: '#### Current Members', - INACTIVE_MONTHS: 12, - ISSUE_TITLE: 'Inactive Collaborator Report', - ISSUE_LABELS: ['meta', 'inactive-collaborator-report'], -}; - -// Get date N months ago in YYYY-MM-DD format -const getDateMonthsAgo = (months = CONFIG.INACTIVE_MONTHS) => { - const date = new Date(); - date.setMonth(date.getMonth() - months); - return date.toISOString().split('T')[0]; -}; - -// Check if there's already an open issue -async function hasOpenIssue(github, context) { - const { owner, repo } = context.repo; - const { data: issues } = await github.rest.issues.listForRepo({ - owner, - repo, - state: 'open', - labels: CONFIG.ISSUE_LABELS[1], - per_page: 1, - }); - - return issues.length > 0; -} - -// Parse collaborator usernames from governance file -async function parseCollaborators() { - const content = await readFile(CONFIG.GOVERNANCE_FILE, 'utf8'); - const lines = content.split('\n'); - const collaborators = []; - - const startIndex = - lines.findIndex(l => l.startsWith(CONFIG.CURRENT_MEMBERS_HEADER)) + 1; - if (startIndex <= 0) return collaborators; - - for (let i = startIndex; i < lines.length; i++) { - const line = lines[i]; - if (line.startsWith('#')) break; - - const match = line.match(/^\s*-\s*\[([^\]]+)\]/); - if (match) collaborators.push(match[1]); - } - - return collaborators; -} - -// Check if users have been active since cutoff date -async function getInactiveUsers(github, usernames, repo, cutoffDate) { - const inactiveUsers = []; - - for (const username of usernames) { - // Check commits - const { data: commits } = await github.rest.search.commits({ - q: `author:${username} repo:${repo} committer-date:>=${cutoffDate}`, - per_page: 1, - }); - - // Check issues and PRs - const { data: issues } = await github.rest.search.issuesAndPullRequests({ - q: `involves:${username} repo:${repo} updated:>=${cutoffDate}`, - per_page: 1, - }); - - // User is inactive if they have no commits AND no issues/PRs - if (commits.total_count === 0 && issues.total_count === 0) { - inactiveUsers.push(username); - } - } - - return inactiveUsers; -} - -// Generate report for inactive members -function formatReport(inactiveMembers, cutoffDate) { - if (!inactiveMembers.length) return null; - - const today = getDateMonthsAgo(0); - return `# Inactive Collaborators Report - -Last updated: ${today} -Checking for inactivity since: ${cutoffDate} - -## Inactive Collaborators (${inactiveMembers.length}) - -| Login | -| ----- | -${inactiveMembers.map(m => `| @${m} |`).join('\n')} - -## What happens next? - -@nodejs/nodejs-website should review this list and contact inactive collaborators to confirm their continued interest in participating in the project.`; -} - -async function createIssue(github, context, report) { - if (!report) return; - - const { owner, repo } = context.repo; - await github.rest.issues.create({ - owner, - repo, - title: CONFIG.ISSUE_TITLE, - body: report, - labels: CONFIG.ISSUE_LABELS, - }); -} - -export default async function (github, context) { - // Check for existing open issue first - exit early if one exists - if (await hasOpenIssue(github, context)) { - return; - } - - const cutoffDate = getDateMonthsAgo(); - const collaborators = await parseCollaborators(); - - const inactiveMembers = await getInactiveUsers( - github, - collaborators, - `${context.repo.owner}/${context.repo.repo}`, - cutoffDate - ); - const report = formatReport(inactiveMembers, cutoffDate); - - await createIssue(github, context, report); -} diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f74fef5121b64..c7ddd7df387f9 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -47,10 +47,12 @@ jobs: os: [ubuntu-latest, windows-latest] steps: - - name: Harden Runner - uses: step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49 # v2.12.2 + - uses: nodejs/web-team/actions/setup-environment@4fe2167f55e4aa670f7f97da16490945bb061d51 with: - egress-policy: audit + pnpm: true + use-version-file: true + # We only want to install required production packages + install-flags: --prod - name: Use GNU tar instead BSD tar # This ensures that we use GNU `tar` which is more efficient for extracting caches's @@ -58,38 +60,12 @@ jobs: shell: cmd run: echo C:\Program Files\Git\usr\bin>>"%GITHUB_PATH%" - - name: Git Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - # Provides the Pull Request commit SHA or the GitHub merge group ref - ref: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.ref }} - # We only need to fetch the last commit from the head_ref - # since we're not using the `--filter` operation from turborepo - # We don't use the `--filter` as we always want to force builds regardless of having changes or not - # this ensures that our bundle analysis script always runs and that we always ensure next.js is building - # regardless of having code changes or not - fetch-depth: 1 - - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 with: path: ${{ github.workspace }}/apps/site/.next/cache key: ${{ runner.os }}-nextjs-${{ hashFiles('**/pnpm-lock.yaml') }}-${{ hashFiles('**/*.js', '**/*.jsx', '**/*.ts', '**/*.tsx') }} restore-keys: ${{ runner.os }}-nextjs-${{ hashFiles('**/pnpm-lock.yaml') }}- - - name: Set up pnpm - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0 - - - name: Set up Node.js - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 - with: - # We want to ensure that the Node.js version running here respects our supported versions - node-version-file: '.nvmrc' - cache: 'pnpm' - - - name: Install packages - # We only want to install required production packages - run: pnpm install --prod --frozen-lockfile - - name: Build Next.js (ISR) # We want a ISR build on CI to ensure that regular Next.js builds work as expected. run: node_modules/.bin/turbo build ${{ env.TURBO_ARGS }} diff --git a/.github/workflows/chromatic.yml b/.github/workflows/chromatic.yml index 650347e38eae6..a845bcbb3192b 100644 --- a/.github/workflows/chromatic.yml +++ b/.github/workflows/chromatic.yml @@ -53,32 +53,10 @@ jobs: url: ${{ steps.chromatic-deploy.outputs.storybookUrl }} steps: - - name: Harden Runner - uses: step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49 # v2.12.2 + - uses: nodejs/web-team/actions/setup-environment@4fe2167f55e4aa670f7f97da16490945bb061d51 with: - egress-policy: audit - - - name: Git Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - # Provides the Pull Request commit SHA or the GitHub merge group ref - ref: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.ref }} - # The Chromatic (@chromaui/action) Action requires a full history of the current branch in order to be able to compare - # previous changes and previous commits and determine which Storybooks should be tested against and what should be built - fetch-depth: 0 - - - name: Set up pnpm - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0 - - - name: Set up Node.js - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 - with: - # We want to ensure that the Node.js version running here respects our supported versions - node-version-file: '.nvmrc' - cache: 'pnpm' - - - name: Install packages - run: pnpm install --frozen-lockfile + pnpm: true + use-version-file: true - name: Start Visual Regression Tests (Chromatic) # This assigns the Environment Deployment for Storybook diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 9ab0bc255a919..a7af27aa9c69f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -1,21 +1,9 @@ -# For most projects, this workflow file will not need changing; you simply need -# to commit it to your repository. -# -# You may wish to alter this file to override the set of languages analyzed, -# or to provide custom queries or build logic. -# -# ******** NOTE ******** -# We have attempted to detect the languages in your repository. Please check -# the `language` matrix defined below to confirm you have the correct set of -# supported CodeQL languages. -# name: 'CodeQL' on: push: branches: ['main'] pull_request: - # The branches below must be a subset of the branches above branches: ['main'] schedule: - cron: '0 0 * * 1' @@ -25,54 +13,4 @@ permissions: jobs: analyze: - name: Analyze - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - language: ['javascript', 'typescript'] - # CodeQL supports [ $supported-codeql-languages ] - # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support - - steps: - - name: Harden Runner - uses: step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49 # v2.12.2 - with: - egress-policy: audit - - - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2 - - # ℹ️ Command-line programs to run using the OS shell. - # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun - - # If the Autobuild fails above, remove it and uncomment the following three lines. - # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. - - # - run: | - # echo "Run, Build Application using script" - # ./location_of_script_within_repo/buildscript.sh - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2 - with: - category: '/language:${{matrix.language}}' + uses: nodejs/web-team/.github/workflows/codeql.yml diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 73c0dafc8a9c8..76bb6c7ddf064 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -1,11 +1,3 @@ -# Dependency Review Action -# -# This Action will scan dependency manifest files that change as part of a Pull Request, -# surfacing known-vulnerable versions of the packages declared or updated in the PR. -# Once installed, if the workflow run is marked as required, -# PRs introducing known-vulnerable packages will be blocked from merging. -# -# Source repository: https://github.com/actions/dependency-review-action name: Review Dependencies on: @@ -23,15 +15,4 @@ permissions: jobs: dependency-review: - runs-on: ubuntu-latest - steps: - - name: Harden Runner - uses: step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49 # v2.12.2 - with: - egress-policy: audit - - - name: Git Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - - name: Review Dependencies - uses: actions/dependency-review-action@da24556b548a50705dd671f47852072ea4c105d9 # v4.7.1 + uses: nodejs/web-team/.github/workflows/dependency-review.yml diff --git a/.github/workflows/find-inactive-collaborators.yml b/.github/workflows/find-inactive-collaborators.yml deleted file mode 100644 index e09d4965dee62..0000000000000 --- a/.github/workflows/find-inactive-collaborators.yml +++ /dev/null @@ -1,32 +0,0 @@ -name: Find inactive collaborators - -on: - schedule: - - cron: '0 0 1 * *' # Runs at 00:00 UTC on the 1st day of every month - - workflow_dispatch: - -permissions: - contents: read - issues: write - -jobs: - find: - if: github.repository == 'nodejs/nodejs.org' - runs-on: ubuntu-latest - - steps: - - name: Harden Runner - uses: step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49 # v2.12.2 - with: - egress-policy: audit - - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - - name: Report inactive collaborators - id: inactive - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 - with: - script: | - const { default: report } = await import("${{github.workspace}}/.github/scripts/report-inactive-collaborators.mjs"); - report(github, context); diff --git a/.github/workflows/lint-and-tests.yml b/.github/workflows/lint-and-tests.yml index 2ec9e94dcf49d..ad419295ea747 100644 --- a/.github/workflows/lint-and-tests.yml +++ b/.github/workflows/lint-and-tests.yml @@ -42,13 +42,10 @@ jobs: runs-on: ubuntu-latest steps: - - name: Harden Runner - uses: step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49 # v2.12.2 + - uses: nodejs/web-team/actions/setup-environment@4fe2167f55e4aa670f7f97da16490945bb061d51 with: - egress-policy: audit - - - name: Git Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + pnpm: true + use-version-file: true - name: Restore Lint Cache uses: actions/cache/restore@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 @@ -68,19 +65,6 @@ jobs: cache-lint-${{ hashFiles('pnpm-lock.yaml') }}- cache-lint- - - name: Set up pnpm - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0 - - - name: Set up Node.js - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 - with: - # We want to ensure that the Node.js version running here respects our supported versions - node-version-file: '.nvmrc' - cache: 'pnpm' - - - name: Install packages - run: pnpm install --frozen-lockfile - - name: Run quality checks with `turbo` # We run the ESLint and Prettier commands on all Workflow triggers of the `Lint` job, besides if # the Pull Request comes from a Crowdin Branch, as we don't want to run ESLint and Prettier on Crowdin PRs diff --git a/.github/workflows/notify-on-push.yml b/.github/workflows/notify-on-push.yml index 9fd8ad4647cfa..98befe3b2bb47 100644 --- a/.github/workflows/notify-on-push.yml +++ b/.github/workflows/notify-on-push.yml @@ -11,20 +11,10 @@ jobs: notify_on_push: name: Notify on any direct push to `main` if: > - github.repository == 'nodejs/nodejs.org' && + github.repository == 'nodejs/nodejs.org' && github.actor != 'github-merge-queue[bot]' runs-on: ubuntu-latest steps: - - name: Slack Notification - uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 # 2.3.3 - env: - SLACK_COLOR: '#DE512A' - SLACK_ICON: https://github.com/nodejs.png?size=48 - SLACK_TITLE: ${{ github.actor }} directly pushed to ${{ github.ref }} - SLACK_MESSAGE: | - A commit was directly pushed to by - - Before: - After: - SLACK_USERNAME: nodejs-bot - SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + - uses: nodejs/web-team/actions/notify-on-push@4fe2167f55e4aa670f7f97da16490945bb061d51 + with: + webhook: ${{ secrets.SLACK_WEBHOOK }} diff --git a/.github/workflows/playwright-cloudflare-open-next.yml b/.github/workflows/playwright-cloudflare-open-next.yml index 6cffd5c93868c..0bdbff2320c12 100644 --- a/.github/workflows/playwright-cloudflare-open-next.yml +++ b/.github/workflows/playwright-cloudflare-open-next.yml @@ -28,28 +28,11 @@ jobs: runs-on: ubuntu-latest steps: - - name: Harden Runner - uses: step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49 # v2.12.2 - with: - egress-policy: audit - - - name: Git Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: nodejs/web-team/actions/setup-environment@4fe2167f55e4aa670f7f97da16490945bb061d51 with: + pnpm: true fetch-depth: 2 - - - name: Set up pnpm - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0 - - - name: Set up Node.js - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 - with: - # We want to ensure that the Node.js version running here respects our supported versions - node-version-file: '.nvmrc' - cache: 'pnpm' - - - name: Install packages - run: pnpm install --frozen-lockfile + use-version-file: true - name: Get Playwright version id: playwright-version diff --git a/.github/workflows/playwright.yml b/.github/workflows/playwright.yml index ee81a6b64de1f..e868d9b4c7d15 100644 --- a/.github/workflows/playwright.yml +++ b/.github/workflows/playwright.yml @@ -54,28 +54,11 @@ jobs: runs-on: ubuntu-latest steps: - - name: Harden Runner - uses: step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49 # v2.12.2 - with: - egress-policy: audit - - - name: Git Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: nodejs/web-team/actions/setup-environment@4fe2167f55e4aa670f7f97da16490945bb061d51 with: + pnpm: true fetch-depth: 2 - - - name: Set up pnpm - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0 - - - name: Set up Node.js - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 - with: - # We want to ensure that the Node.js version running here respects our supported versions - node-version-file: '.nvmrc' - cache: 'pnpm' - - - name: Install packages - run: pnpm install --frozen-lockfile + use-version-file: true - name: Get Playwright version id: playwright-version diff --git a/.github/workflows/publish-packages.yml b/.github/workflows/publish-packages.yml index 5149194a5108d..5ab7a28192568 100644 --- a/.github/workflows/publish-packages.yml +++ b/.github/workflows/publish-packages.yml @@ -95,22 +95,10 @@ jobs: matrix: ${{ fromJson(needs.prepare-packages.outputs.matrix) }} fail-fast: false # Continue publishing other packages even if one fails steps: - - name: Harden Runner - uses: step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49 # v2.12.2 - with: - egress-policy: audit - - - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - - name: Set up pnpm - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0 - - - name: Setup Node.js - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + - uses: nodejs/web-team/actions/setup-environment@4fe2167f55e4aa670f7f97da16490945bb061d51 with: - # Don't use caching here as we never install dependencies in this workflow - node-version-file: '.nvmrc' + pnpm: true + use-version-file: true registry-url: 'https://registry.npmjs.org' - name: Publish @@ -118,8 +106,6 @@ jobs: env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} run: | - # Install deps - pnpm install --frozen-lockfile # Create a unique version using the commit SHA as a prerelease identifier npm version --no-git-tag-version 1.0.1-$COMMIT_SHA diff --git a/.github/workflows/pull-request-label.yml b/.github/workflows/pull-request-label.yml index ce82d583898be..b9b4e5744a5a9 100644 --- a/.github/workflows/pull-request-label.yml +++ b/.github/workflows/pull-request-label.yml @@ -1,41 +1,26 @@ -# Security Notes -# Only selected Actions are allowed within this repository. Please refer to (https://github.com/nodejs/nodejs.org/settings/actions) -# for the full list of available actions. If you want to add a new one, please reach out a maintainer with Admin permissions. -# REVIEWERS, please always double-check security practices before merging a PR that contains Workflow changes!! -# AUTHORS, please only use actions with explicit SHA references, and avoid using `@master` or `@main` references or `@version` tags. - -name: Pull Request CI Label - +name: OpenSSF Scorecard Review on: - pull_request_target: + # For Branch-Protection check. Only the default branch is supported. See + # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection + branch_protection_rule: + # To guarantee that the Maintained check is occasionally updated. See + # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained + schedule: + - cron: '20 7 * * 2' + push: branches: - main - types: - - labeled -defaults: - run: - # This ensures that the working directory is the root of the repository - working-directory: ./ - -permissions: - # This permission is required by `actions-ecosystem/action-remove-label` - pull-requests: write +# Declare default permissions as read only. +permissions: read-all jobs: - # This Job removes the `github_actions:pull-request` label after it got applied - # which allows people with write access to the repository to easily reapply the label if they need to trigger - # this Workflow again - remove_pull_request_label: - name: Remove Pull Request Label - runs-on: ubuntu-latest - steps: - - name: Harden Runner - uses: step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49 # v2.12.2 - with: - egress-policy: audit - - - name: Remove GitHub Actions Label - uses: actions-ecosystem/action-remove-labels@2ce5d41b4b6aa8503e285553f75ed56e0a40bae0 # v1.3.0 - with: - labels: github_actions:pull-request + analysis: + permissions: + # Needed to upload the results to code-scanning dashboard. + security-events: write + # Needed to publish results and get a badge (see publish_results below). + id-token: write + contents: read + actions: read + uses: nodejs/web-team/.github/workflows/scorecard.yml diff --git a/.github/workflows/translations-sync.yml b/.github/workflows/translations-sync.yml index 250e9e25f975f..99fcee6ed01f5 100644 --- a/.github/workflows/translations-sync.yml +++ b/.github/workflows/translations-sync.yml @@ -65,14 +65,10 @@ jobs: contents: write steps: - - name: Harden Runner - uses: step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49 # v2.12.2 - with: - egress-policy: audit - - - name: Git Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: nodejs/web-team/actions/setup-environment@4fe2167f55e4aa670f7f97da16490945bb061d51 with: + pnpm: true + use-version-file: true ref: ${{ env.BRANCH_NAME }} token: ${{ secrets.CROWDIN_GITHUB_BOT_TOKEN }} @@ -92,19 +88,6 @@ jobs: cache-lint-${{ hashFiles('pnpm-lock.yaml') }}- cache-lint- - - name: Set up pnpm - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0 - - - name: Set up Node.js - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 - with: - # We want to ensure that the Node.js version running here respects our supported versions - node-version-file: '.nvmrc' - cache: 'pnpm' - - - name: Install packages - run: pnpm install --frozen-lockfile - - name: Run ESLint working-directory: apps/site run: node --run lint:md -- --fix diff --git a/GOVERNANCE.md b/GOVERNANCE.md deleted file mode 100644 index 555217dc82a23..0000000000000 --- a/GOVERNANCE.md +++ /dev/null @@ -1,90 +0,0 @@ -# Node.js Web Team Governance - -The Node.js Web Team (@nodejs/web) is a team in the Node.js Project that is composed by a set of subteams. Each containing specific responsibilities and goals. - -### TSC Oversight - -Any website change that expresses a position about a global event or group of people requires explicit -[TSC](https://github.com/nodejs/TSC/blob/main/TSC-Charter.md#section-4-responsibilities-of-the-tsc) -approval. This can be obtained by pinging `@nodejs/tsc` and receive no objections after seven days, -or by sending an email to `tsc@iojs.org` and receive at least one approval and no objections after seven days. - -### Node.js Website Team (`@nodejs/nodejs-website`) - -The Node.js Website Team is responsible for the day-to-day technical development of the Node.js Website. This is primarily the development of the website itself, adding new features, pages and components, but also fixing any security issues in the website code, handling operational maintenance, and so on. - -The maintainers on the Node.js Website Team are responsible for steering the technical direction of the Node.js Website, and reserve the right to make final decisions on any issues or pull requests, in line with the Contribution Guidelines, Collaborator Guidelines, the Code of Conduct and the overall Governance premises of the Node.js project. - -Members of this team are nominated through the guidelines provided in the [Contributing Guidelines](https://github.com/nodejs/nodejs.org/blob/main/CONTRIBUTING.md#becoming-a-collaborator) within this repository. After a passed nomination, members should submit a PR to add themselves to the list of current members, shown below. - -#### Current Members - -- [araujogui](https://github.com/araujogui) - **Guilherme Araújo** (he/him) - -- [AugustinMauroy](https://github.com/AugustinMauroy) - **Augustin Mauroy** (he/him) - -- [avivkeller](https://github.com/avivkeller) - **Aviv Keller** (he/him) - -- [aymen94](https://github.com/aymen94) - **Aymen Naghmouchi** - -- [benhalverson](https://github.com/benhalverson) - **Ben Halverson** (he/him) - -- [bjohansebas](https://github.com/bjohansebas) - **Sebastian Beltran** - -- [bmuenzenmeyer](https://github.com/bmuenzenmeyer) - **Brian Muenzenmeyer** (he/him) - -- [bnb](https://github.com/bnb) - **Tierney Cyren** (they/them) - -- [canerakdas](https://github.com/canerakdas) - **Caner Akdas** - -- [dario-piotrowicz](https://github.com/dario-piotrowicz) - **Dario Piotrowicz** - -- [Harkunwar](https://github.com/Harkunwar) - **Harkunwar Kochar** (he/him) - -- [HinataKah0](https://github.com/HinataKah0) - **HinataKah0** (he/him) - -- [manishprivet](https://github.com/manishprivet) - **Manish Kumar** (he/him) - -- [mikeesto](https://github.com/mikeesto) - **Michael Esteban** (he/him) - -- [ovflowd](https://github.com/ovflowd) - **Claudio Wunder** (they/them) - -- [SEWeiTung](https://github.com/SEWeiTung) - **Wei Tung** - -- [shanpriyan](https://github.com/shanpriyan) - **Shanmughapriyan S** - -### Node.js Web Infra Team (`@nodejs/web-infra`) - -The Node.js Web Infra Team is responsible for maintaining the Infrastructure relating to Node.js's Web Presence. The Node.js Web Infra team has the responsibilities of: - -- Maintaining CI/CD pipelines related to Web Infrastructure -- Maintaining our Infrastructure Providers\* -- Have technical ownership on best-standards and best-practices for our Web Infrastructure (such as Web Frameworks that we use) - -Web Infra Team members should have access to be able to maintain the services mentioned above. - -Members of this team are nominated either by the Node.js Technical Steering Committee (TSC) or the Node.js Build WG and follow the guidelines provided in the Collaborator Guidelines of the Node.js Build WG. Note that members of the Node.js Web Team might also recommend people for nomination. - -\* This team has access to infrastructure providers directly related to the Website only, such as Vercel. Other providers that are shared beyond the Website may be controlled by other teams (for example, the Node.js Build WG owns Cloudflare). - -### Node.js Web Standards Team (`@nodejs/web-standards`) - -The Node.js Web Standards Team is composed of Node.js Collaborators and External Collaborators that have extensive experience or expertisè on Web Standards, such as Ecma262. The Standards Team is responsible for guiding and serving as points of contact when either Node.js Collaborators, the Node.js Technical Steering Committee (TSC), or the Web Team, requires assistance or guidance regarding Web Standards. - -Members of this team are nominated by the Node.js Technical Steering Committee (TSC). Note that members of the Node.js Web Team might also recommend people for nomination. - -### Node.js UX & Design Team (`@nodejs/ux-and-design`) - -The Node.js UX & Design Team is composed of Node.js Collaborators and External Collaborators that have experience or expertisè with UX & Design. The UX & Design Team is responsible for guiding and serving as points of contact when members of the Node.js Web Team require assistance or guidance regarding UX & Design. - -Often members of this team will collaborate on providing best practices and guidelines for the Node.js Website, on matters of UX & Design. Members of this team are also responsible for providing feedback on the Node.js Website, and providing feedback on the Node.js Website's design. (For example, when a discussion arises regarding best practices on topics such as CSS, accessibility, UX flows and intent, or component design, the UX & Design Team has a say on the matter). - -Members of this team are nominated by the Node.js Technical Steering Committee (TSC). Note that members of the Node.js Web Team might also recommend people for nomination. - -## The Interoperability of the Node.js Web Team - -As seen above, the different teams under the Node.js Web Team umbrella are responsible for having the oversight on different aspects of Node.js's Web-related projects. However, it is important to note that the Node.js Web Team is not a set of siloed teams, but rather a set of teams that work together to achieve the same goal: Providing the best Web Experience for Node.js. - -Following this line of thought, the Web Infra Team is responsible for the technical aspects of the Node.js Website (Infrastructure, Framework, CI/CD, etc); The Website Team is responsible for the day-to-day development of the Node.js Website; The UX and Design Team advise on Design Matters and the Web Standards Team advise on best-practices for Web APIs and Web Technologies/Standards. - -But above all, the Web Team should work together to better the Web Experience for Node.js, aiming to provide the best experience for Node.js users. diff --git a/README.md b/README.md index aa076088a5427..442bfb1c0e309 100644 --- a/README.md +++ b/README.md @@ -90,6 +90,8 @@ These are maintained in different repositories and we urge users to open **issue [Code of Conduct][] +[Governance Document][] + [Contribution Guidelines][] [Collaborator Guide][] @@ -123,3 +125,4 @@ These are maintained in different repositories and we urge users to open **issue [collaborator guide]: https://github.com/nodejs/nodejs.org/blob/main/docs/collaborator-guide.md [figma design]: https://www.figma.com/file/a10cjjw3MzvRQMPT9FP3xz [translation guidelines]: https://github.com/nodejs/nodejs.org/blob/main/docs/translation.md +[governance document]: https://github.com/nodejs/web-team/blob/main/GOVERNANCE.md