chore: release package via ci #2982
Conversation
|
Warning Rate limit exceeded@github-actions[bot] has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 15 minutes and 23 seconds before requesting another review. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. 📒 Files selected for processing (2)
Walkthrough该PR新增了两个GitHub Actions工作流,用于自动化发布流程,并修改了构建脚本以统一和定制分发目录。同时,更新了.gitignore文件以忽略发布目录,修改了package.json中部分发布前后脚本,并删除了预发布与后发布的辅助脚本,从而简化了包的发布和构建流程。 Changes
Sequence Diagram(s)sequenceDiagram
participant Dev as 开发者
participant GitHub as GitHub系统
participant Runner as CI Runner
participant Repo as 代码仓库
Dev->>GitHub: 推送/更新特定分支或PR
GitHub->>Runner: 触发release工作流
Runner->>Repo: 检出代码 (actions/checkout)
Runner->>Runner: 安装pnpm与设置Node环境
Runner->>Repo: 安装依赖并执行构建 (pnpm build, build:taro)
Runner->>Repo: 执行npm publish --dry-run (nutui-react & nutui-react-taro)
Runner->>GitHub: 汇报工作流执行结果
Possibly related PRs
Suggested reviewers
Poem
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
github-actions
bot
added
action:review
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## feat_v3.x #2982 +/- ##
=============================================
+ Coverage 85.74% 85.75% +0.01%
=============================================
Files 277 277
Lines 18105 18110 +5
Branches 2745 2735 -10
=============================================
+ Hits 15524 15531 +7
+ Misses 2576 2574 -2
Partials 5 5 ☔ View full report in Codecov by Sentry. |
github-actions
bot
added
action:review
github-actions
bot
added
action:review
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 6
🧹 Nitpick comments (4)
scripts/build-comments-to-dts.mjs (2)
13-13: 建议将dist常量移至共享配置文件考虑将
dist常量移至一个共享的配置文件中,以便在所有构建脚本之间共享和维护。这样可以避免重复定义和潜在的不一致性。
139-149: 建议增强getDtsPath函数的健壮性函数可以增加以下改进:
- 添加参数类型注解
- 添加参数验证
- 使用
path.normalize处理路径建议按如下方式重构:
-function getDtsPath(key, outDir) { +function getDtsPath(key: string, outDir: string): string { + if (!key || !outDir) { + throw new Error('key and outDir are required') + } // Tabs.Tabpane -> tabpane let name if (key === 'Tabs.Tabpane') { name = 'tabpane' } else { name = key.toLowerCase().replace('.', '') } - const file = path.join(__dirname, `../${outDir}/es/packages`, name, name + '.d.ts') + const file = path.normalize(path.join(__dirname, `../${outDir}/es/packages`, name, name + '.d.ts')) return file }scripts/build.mjs (1)
352-372: 优化generateReleasePackageJson函数的性能使用
delete操作符可能会影响性能。建议使用对象解构或创建新对象的方式来排除不需要的依赖。建议按如下方式重构:
function generateReleasePackageJson() { - delete packageJson.dependencies['@nutui/icons-react-taro'] + const { '@nutui/icons-react-taro': _, ...dependencies } = packageJson.dependencies return JSON.stringify({ name: '@nutui/nutui-react', version: packageJson.version, style: packageJson.style, main: packageJson.main, module: packageJson.module, typings: packageJson.typings, sideEffects: packageJson.sideEffects, description: packageJson.description, keywords: packageJson.keywords, author: packageJson.author, license: packageJson.license, repository: packageJson.repository, files: packageJson.files, publishConfig: packageJson.publishConfig, - dependencies: packageJson.dependencies, + dependencies, peerDependencies: packageJson.peerDependencies, }) }🧰 Tools
🪛 Biome (1.9.4)
[error] 353-355: Avoid the delete operator which can impact performance.
Unsafe fix: Use an undefined assignment instead.
(lint/performance/noDelete)
scripts/build-taro.mjs (1)
412-432: 优化generateReleasePackageJson函数的性能使用
delete操作符可能会影响性能。建议使用对象解构或创建新对象的方式来排除不需要的依赖。建议按如下方式重构:
function generateReleasePackageJson() { - delete packageJson.dependencies['@nutui/icons-react'] + const { '@nutui/icons-react': _, ...dependencies } = packageJson.dependencies return JSON.stringify({ name: '@nutui/nutui-react-taro', version: packageJson.version, style: packageJson.style, main: packageJson.main, module: packageJson.module, typings: packageJson.typings, sideEffects: packageJson.sideEffects, description: packageJson.description, keywords: packageJson.keywords, author: packageJson.author, license: packageJson.license, repository: packageJson.repository, files: packageJson.files, publishConfig: packageJson.publishConfig, - dependencies: packageJson.dependencies, + dependencies, peerDependencies: packageJson.peerDependencies, }) }🧰 Tools
🪛 Biome (1.9.4)
[error] 416-418: Avoid the delete operator which can impact performance.
Unsafe fix: Use an undefined assignment instead.
(lint/performance/noDelete)
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (8)
.github/workflows/release.yml(1 hunks).gitignore(1 hunks)package.json(0 hunks)scripts/build-comments-to-dts.mjs(3 hunks)scripts/build-taro.mjs(18 hunks)scripts/build.mjs(17 hunks)scripts/postpublish.js(0 hunks)scripts/prepublish.js(0 hunks)
💤 Files with no reviewable changes (3)
- scripts/postpublish.js
- scripts/prepublish.js
- package.json
✅ Files skipped from review due to trivial changes (1)
- .gitignore
🧰 Additional context used
🪛 Biome (1.9.4)
scripts/build.mjs
[error] 353-355: Avoid the delete operator which can impact performance.
Unsafe fix: Use an undefined assignment instead.
(lint/performance/noDelete)
scripts/build-taro.mjs
[error] 416-418: Avoid the delete operator which can impact performance.
Unsafe fix: Use an undefined assignment instead.
(lint/performance/noDelete)
🪛 actionlint (1.7.4)
.github/workflows/release.yml
3-3: could not parse as YAML: yaml: line 3: mapping values are not allowed in this context
(syntax-check)
🪛 YAMLlint (1.35.1)
.github/workflows/release.yml
[error] 3-3: syntax error: mapping values are not allowed here
(syntax)
⏰ Context from checks skipped due to timeout of 90000ms (1)
- GitHub Check: test
github-actions
bot
added
action:review
There was a problem hiding this comment.
Actionable comments posted: 1
🧹 Nitpick comments (1)
.github/workflows/release.yml (1)
34-38: 建议添加发布前验证步骤在执行发布操作之前,建议添加版本号验证和包内容检查步骤,以确保发布内容的正确性。
建议在发布步骤之前添加以下验证:
- name: Verify Package Versions run: | echo "Verifying @nutui/nutui-react version..." jq -r .version ./release/h5/package.json echo "Verifying @nutui/nutui-react-taro version..." jq -r .version ./release/taro/package.json - name: Verify Package Contents run: | echo "Checking @nutui/nutui-react contents..." ls -la ./release/h5 echo "Checking @nutui/nutui-react-taro contents..." ls -la ./release/taro
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
.github/workflows/release.yml(1 hunks)
🧰 Additional context used
🪛 actionlint (1.7.4)
.github/workflows/release.yml
6-6: character '.' is invalid for branch and tag names. ref name must not end with / and .. see man git-check-ref-format for more details. note that regular expression is unavailable. note: filter pattern syntax is explained at https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet
(glob)
⏰ Context from checks skipped due to timeout of 90000ms (1)
- GitHub Check: test
🔇 Additional comments (3)
.github/workflows/release.yml (3)
20-21: 完善 pnpm 版本指定pnpm 版本号指定不完整,可能导致安装不稳定。
-run: npm install -g pnpm@v9 +run: npm install -g pnpm@9
31-32: 优化构建命令执行顺序当前的构建命令使用
&并行执行,但缺乏错误处理。建议使用&&串行执行以确保第一个命令成功后再执行第二个命令。-run: pnpm build & pnpm build:taro +run: pnpm build && pnpm build:taro
37-38: 优化目录导航路径使用相对路径
../../进行目录导航可能不可靠。建议使用从工作目录开始的路径。-run: cd ../../release/taro && npm publish --dry-run +run: cd ./release/taro && npm publish --dry-run
github-actions
bot
added
action:review
github-actions
bot
added
action:review
There was a problem hiding this comment.
Actionable comments posted: 0
🧹 Nitpick comments (2)
.github/workflows/release.yml (2)
34-38: 建议添加发布前的包内容验证在发布之前,建议添加步骤来验证包的内容,确保所有必要的文件都已正确打包。
- name: Verify Package Contents run: | cd ./release/h5 && npm pack --dry-run cd ../taro && npm pack --dry-run
11-16: 建议增强工作流程的稳健性为了提高发布过程的可靠性,建议:
- 添加 Node.js 版本矩阵测试
- 添加 npm 凭证验证步骤
jobs: release: strategy: matrix: node-version: [18.x, 20.x] steps: # ... existing steps ... - name: Verify NPM Credentials run: npm whoami
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
.github/workflows/release.yml(1 hunks)
🧰 Additional context used
🪛 actionlint (1.7.4)
.github/workflows/release.yml
6-6: character '.' is invalid for branch and tag names. ref name must not end with / and .. see man git-check-ref-format for more details. note that regular expression is unavailable. note: filter pattern syntax is explained at https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet
(glob)
⏰ Context from checks skipped due to timeout of 90000ms (2)
- GitHub Check: build
- GitHub Check: test
🔇 Additional comments (4)
.github/workflows/release.yml (4)
4-7: 修复分支名称模式分支名称模式
feat_v3.x.以句点结尾是无效的。这可能会导致工作流触发失败。- - feat_v3.x. + - feat_v3.x🧰 Tools
🪛 actionlint (1.7.4)
6-6: character '.' is invalid for branch and tag names. ref name must not end with / and .. see
man git-check-ref-formatfor more details. note that regular expression is unavailable. note: filter pattern syntax is explained at https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet(glob)
20-21: 修复 pnpm 版本指定pnpm 版本号指定不完整,建议指定完整的版本号以确保安装的稳定性。
-run: npm install -g pnpm@v9 +run: npm install -g pnpm@9.x.x
31-32: 改进构建命令的错误处理当前使用
&并行执行构建命令可能会掩盖错误。建议使用&&确保命令按顺序执行且出错时能及时停止。-run: pnpm build & pnpm build:taro +run: pnpm build && pnpm build:taro
37-38: 优化目录导航路径使用
../../这样的相对路径可能导致导航错误。建议使用更可靠的绝对路径。-run: cd ../../release/taro && npm publish --dry-run +run: cd ./release/taro && npm publish --dry-run
github-actions
bot
added
action:review
github-actions
bot
added
action:review
github-actions
bot
added
the
action:review
There was a problem hiding this comment.
Actionable comments posted: 2
♻️ Duplicate comments (2)
.github/workflows/release-beta.yml (2)
47-49: 🛠️ Refactor suggestion使用锁定的依赖版本
在 CI 环境中应该使用锁定的依赖版本,以确保构建的一致性。
- name: Install dependencies if: env.ABORT != 'true' - run: pnpm install --no-frozen-lockfile + run: pnpm install --frozen-lockfile
51-61: 🛠️ Refactor suggestion优化构建和发布步骤
当前实现存在以下问题:
- 构建命令缺少错误处理
- 发布步骤使用了硬编码的标签
- 缺少文件末尾的换行符
- name: Run Build if: env.ABORT != 'true' - run: pnpm build && pnpm build:taro + run: | + if ! pnpm build; then + echo "构建 nutui-react 失败" + exit 1 + fi + if ! pnpm build:taro; then + echo "构建 nutui-react-taro 失败" + exit 1 + fi - name: Run Release @nutui/nutui-react if: env.ABORT != 'true' - run: cd ./release/h5 && npm publish --dry-run --tag beta + run: | + cd ./release/h5 || exit 1 + if ! npm publish --dry-run --tag ${RELEASE_TAG:-beta}; then + echo "发布 @nutui/nutui-react 失败" + exit 1 + fi - name: Run Releases @nutui/nutui-react-taro if: env.ABORT != 'true' - run: cd ./release/taro && npm publish --dry-run --tag beta + run: | + cd ./release/taro || exit 1 + if ! npm publish --dry-run --tag ${RELEASE_TAG:-beta}; then + echo "发布 @nutui/nutui-react-taro 失败" + exit 1 + fi +🧰 Tools
🪛 YAMLlint (1.35.1)
[error] 61-61: no new line character at the end of file
(new-line-at-end-of-file)
🧹 Nitpick comments (1)
.github/workflows/release-beta.yml (1)
3-10: 建议添加手动触发功能工作流程应该支持手动触发,以便于测试和紧急发布。
on: push: branches: - feat_v3.x pull_request: branches: - feat_v3.x + workflow_dispatch: + inputs: + tags: + description: '发布包版本类型' + required: true + default: 'beta' + type: choice + options: + - beta + - alpha + publish: + description: '是否发布' + required: false + type: boolean
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
.github/workflows/release-beta.yml(1 hunks)
🧰 Additional context used
🪛 YAMLlint (1.35.1)
.github/workflows/release-beta.yml
[error] 61-61: no new line character at the end of file
(new-line-at-end-of-file)
⏰ Context from checks skipped due to timeout of 90000ms (1)
- GitHub Check: test
| - name: Get commit message | ||
| run: | | ||
| COMMIT_MESSAGE=$(git log --format=%s -n 1) | ||
| echo "COMMIT_MESSAGE=${COMMIT_MESSAGE}" >> $GITHUB_ENV | ||
| - name: Show commit message | ||
| run: echo "$COMMIT_MESSAGE" | ||
|
|
||
| - name: Commit message compliance verification | ||
| if: startsWith( env.COMMIT_MESSAGE , 'chore(release):' ) != true && contains( env.COMMIT_MESSAGE , '-beta' ) != true | ||
| run: echo "ABORT=true" >> $GITHUB_ENV | ||
|
|
||
| - name: Get Tag message | ||
| if: contains( env.COMMIT_MESSAGE , '-beta') | ||
| run: echo "RELEASE_TAG=beta" >> $GITHUB_ENV | ||
|
|
There was a problem hiding this comment.
改进提交消息处理的安全性和可靠性
当前的提交消息处理存在以下问题:
- 直接在环境变量中使用未经过滤的提交消息可能存在安全风险
- 条件判断可以更简洁和可靠
- name: Get commit message
run: |
- COMMIT_MESSAGE=$(git log --format=%s -n 1)
- echo "COMMIT_MESSAGE=${COMMIT_MESSAGE}" >> $GITHUB_ENV
+ # 使用 shell 参数扩展来过滤特殊字符
+ COMMIT_MESSAGE=$(git log --format=%s -n 1)
+ FILTERED_MESSAGE="${COMMIT_MESSAGE//[^a-zA-Z0-9.()_:, -]/}"
+ echo "COMMIT_MESSAGE=${FILTERED_MESSAGE}" >> $GITHUB_ENV
- name: Show commit message
run: echo "$COMMIT_MESSAGE"
- name: Commit message compliance verification
- if: startsWith( env.COMMIT_MESSAGE , 'chore(release):' ) != true && contains( env.COMMIT_MESSAGE , '-beta' ) != true
+ if: |
+ !startsWith(env.COMMIT_MESSAGE, 'chore(release):') ||
+ !contains(env.COMMIT_MESSAGE, '-beta')
run: echo "ABORT=true" >> $GITHUB_ENV📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| - name: Get commit message | |
| run: | | |
| COMMIT_MESSAGE=$(git log --format=%s -n 1) | |
| echo "COMMIT_MESSAGE=${COMMIT_MESSAGE}" >> $GITHUB_ENV | |
| - name: Show commit message | |
| run: echo "$COMMIT_MESSAGE" | |
| - name: Commit message compliance verification | |
| if: startsWith( env.COMMIT_MESSAGE , 'chore(release):' ) != true && contains( env.COMMIT_MESSAGE , '-beta' ) != true | |
| run: echo "ABORT=true" >> $GITHUB_ENV | |
| - name: Get Tag message | |
| if: contains( env.COMMIT_MESSAGE , '-beta') | |
| run: echo "RELEASE_TAG=beta" >> $GITHUB_ENV | |
| - name: Get commit message | |
| run: | | |
| # 使用 shell 参数扩展来过滤特殊字符 | |
| COMMIT_MESSAGE=$(git log --format=%s -n 1) | |
| FILTERED_MESSAGE="${COMMIT_MESSAGE//[^a-zA-Z0-9.()_:, -]/}" | |
| echo "COMMIT_MESSAGE=${FILTERED_MESSAGE}" >> $GITHUB_ENV | |
| - name: Show commit message | |
| run: echo "$COMMIT_MESSAGE" | |
| - name: Commit message compliance verification | |
| if: | | |
| !startsWith(env.COMMIT_MESSAGE, 'chore(release):') || | |
| !contains(env.COMMIT_MESSAGE, '-beta') | |
| run: echo "ABORT=true" >> $GITHUB_ENV | |
| - name: Get Tag message | |
| if: contains( env.COMMIT_MESSAGE , '-beta') | |
| run: echo "RELEASE_TAG=beta" >> $GITHUB_ENV |
github-actions
bot
added
action:review
|
可参考ai建议修订 |
github-actions
bot
added
action:review
github-actions
bot
added
action:review
There was a problem hiding this comment.
Actionable comments posted: 3
♻️ Duplicate comments (3)
.github/workflows/release.yml (1)
19-19:⚠️ Potential issue完善 pnpm 版本号
当前的 pnpm 版本号不完整,这可能导致安装不稳定。建议指定完整的版本号。
- run: npm install -g pnpm@v9 + run: npm install -g pnpm@9.8.0.github/workflows/release-beta.yml (2)
19-22: 🛠️ Refactor suggestion优化代码检出配置
当前的
ref配置仅在 PR 事件时有效,这可能导致手动触发时失败。- uses: actions/checkout@v4 with: fetch-depth: 0 - ref: ${{ github.event.pull_request.head.sha }} + ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
52-52: 🛠️ Refactor suggestion建议使用锁定的依赖版本
在 CI 环境中使用
--no-frozen-lockfile可能导致构建不一致。-run: pnpm install --no-frozen-lockfile +run: pnpm install --frozen-lockfile
🧹 Nitpick comments (3)
.github/workflows/release.yml (1)
4-7: 建议优化标签触发模式当前的标签模式
v3.*过于宽泛,可能会意外触发不需要的发布。建议使用更具体的模式来匹配语义化版本。push: tags: - - v3.* + - v3.[0-9]+.[0-9]+.github/workflows/release-beta.yml (2)
24-36: 改进提交消息处理的安全性和可靠性当前的提交消息验证逻辑有以下问题:
- 条件表达式可以更简洁
- 错误处理机制不够完善
- name: Commit message compliance verification if: | - !startsWith( env.COMMIT_MESSAGE , 'chore(release):' ) || - !contains( env.COMMIT_MESSAGE , '-beta' ) + !startsWith(env.COMMIT_MESSAGE, 'chore(release):') || + !contains(env.COMMIT_MESSAGE, '-beta') run: | echo "ABORT=true" >> $GITHUB_ENV + echo "::error ::提交消息不符合发布规范" + exit 1
66-82: 改进发布步骤的错误处理发布步骤缺少文件末尾的换行符,且错误消息可以更明确。
- name: Run Release @nutui/nutui-react if: env.ABORT != 'true' run: | cd ./release/h5 || exit 1 if ! npm publish --dry-run --tag ${{ env.RELEASE_TAG }}; then - echo "发布 @nutui/nutui-react 失败" + echo "::error ::发布 @nutui/nutui-react (${RELEASE_TAG}) 失败" exit 1 fi - name: Run Releases @nutui/nutui-react-taro if: env.ABORT != 'true' run: | cd ./release/taro || exit 1 if ! npm publish --dry-run --tag ${{ env.RELEASE_TAG }}; then - echo "发布 @nutui/nutui-react-taro 失败" + echo "::error ::发布 @nutui/nutui-react-taro (${RELEASE_TAG}) 失败" exit 1 fi +🧰 Tools
🪛 YAMLlint (1.35.1)
[error] 82-82: no new line character at the end of file
(new-line-at-end-of-file)
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (2)
.github/workflows/release-beta.yml(1 hunks).github/workflows/release.yml(1 hunks)
🧰 Additional context used
🪛 actionlint (1.7.4)
.github/workflows/release.yml
10-10: invalid job ID "release-3.x". job ID must start with a letter or _ and contain only alphanumeric characters, -, or _
(id)
.github/workflows/release-beta.yml
11-11: invalid job ID "release-3.x-beta". job ID must start with a letter or _ and contain only alphanumeric characters, -, or _
(id)
🪛 YAMLlint (1.35.1)
.github/workflows/release-beta.yml
[error] 82-82: no new line character at the end of file
(new-line-at-end-of-file)
⏰ Context from checks skipped due to timeout of 90000ms (2)
- GitHub Check: build
- GitHub Check: test
🔇 Additional comments (1)
.github/workflows/release.yml (1)
30-30: 建议添加环境变量验证当前使用了
env.ABORT变量进行条件判断,但未见该变量的定义。建议在使用前验证该变量。+ - name: Validate environment + run: | + if [ -z "$RELEASE_TAG" ]; then + echo "RELEASE_TAG 环境变量未设置" + exit 1 + fi + - name: Run Build if: env.ABORT != 'true'
There was a problem hiding this comment.
Actionable comments posted: 0
♻️ Duplicate comments (3)
.github/workflows/release-beta.yml (3)
50-53: 🛠️ Refactor suggestion建议使用锁定的依赖版本
使用
--no-frozen-lockfile可能导致不同环境下的构建结果不一致。建议在 CI 环境中始终使用锁定的依赖版本:
- name: Install dependencies if: env.ABORT != 'true' - run: pnpm install --no-frozen-lockfile + run: pnpm install --frozen-lockfile
19-22: 🛠️ Refactor suggestion优化代码检出配置
当前的
ref配置仅在 PR 事件时有效,可能导致其他触发方式失败。建议根据事件类型动态设置:
- uses: actions/checkout@v4 with: fetch-depth: 0 - ref: ${{ github.event.pull_request.head.sha }} + ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
1-16:⚠️ Potential issue工作流配置需要改进
- 作业ID
release-3x-beta包含无效字符(连字符),这可能导致问题- 工作流触发器配置不完整,缺少手动触发所需的输入参数
建议进行以下修改:
name: Release 3x Beta on: pull_request: # push: branches: - feat_v3.x workflow_dispatch: + inputs: + tags: + description: '发布包版本类型' + required: true + default: 'beta' + type: choice + options: + - beta + - alpha + publish: + description: '是否发布' + required: false + type: boolean jobs: - release-3x-beta: + release_3x_beta: env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} NPM_CONFIG_PROVENANCE: true - RELEASE_TAG: beta + RELEASE_TAG: ${{ github.event_name == 'workflow_dispatch' && inputs.tags || 'beta' }}
🧹 Nitpick comments (2)
.github/workflows/release-beta.yml (2)
24-36: 改进提交消息处理的安全性虽然已经添加了基本的字符过滤,但提交消息处理的条件判断可以更简洁和可靠。
建议修改条件判断:
- name: Commit message compliance verification if: | - !startsWith( env.COMMIT_MESSAGE , 'chore(release):' ) || - !contains( env.COMMIT_MESSAGE , '-beta' ) + !startsWith(env.COMMIT_MESSAGE, 'chore(release):') || + !contains(env.COMMIT_MESSAGE, '-beta') run: echo "ABORT=true" >> $GITHUB_ENV
66-82: 改进发布步骤的错误处理发布步骤已经包含了基本的错误处理,但缺少文件末尾的换行符。
建议在文件末尾添加换行符:
if ! npm publish --dry-run --tag ${{ env.RELEASE_TAG }}; then echo "发布 @nutui/nutui-react-taro 失败" exit 1 fi +🧰 Tools
🪛 YAMLlint (1.35.1)
[error] 82-82: no new line character at the end of file
(new-line-at-end-of-file)
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (2)
.github/workflows/release-beta.yml(1 hunks).github/workflows/release.yml(1 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
- .github/workflows/release.yml
🧰 Additional context used
🪛 YAMLlint (1.35.1)
.github/workflows/release-beta.yml
[error] 82-82: no new line character at the end of file
(new-line-at-end-of-file)
⏰ Context from checks skipped due to timeout of 90000ms (1)
- GitHub Check: test
github-actions
bot
added
action:review
There was a problem hiding this comment.
Actionable comments posted: 0
♻️ Duplicate comments (4)
.github/workflows/release-beta.yml (4)
51-54: 🛠️ Refactor suggestion建议使用锁定的依赖版本
使用
--no-frozen-lockfile可能导致不同环境下的构建结果不一致。建议修改为:
- name: Install dependencies if: env.ABORT != 'true' - run: pnpm install --no-frozen-lockfile + run: pnpm install --frozen-lockfile
20-23: 🛠️ Refactor suggestion优化代码检出配置
当前的
ref配置仅在 PR 事件时有效,这可能导致其他触发方式失败。建议应用以下修改:
- uses: actions/checkout@v4 with: fetch-depth: 0 - ref: ${{ github.event.pull_request.head.sha }} + ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
11-17:⚠️ Potential issue修复作业 ID 和环境变量配置
- 作业 ID
release-3x-beta包含无效字符RELEASE_TAG环境变量没有考虑手动触发的情况建议应用以下修改:
jobs: - release-3x-beta: + release_3x_beta: env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} NPM_CONFIG_PROVENANCE: true - RELEASE_TAG: beta + RELEASE_TAG: ${{ github.event_name == 'workflow_dispatch' && inputs.tags || 'beta' }}
1-10:⚠️ Potential issue工作流触发器配置需要改进
工作流配置缺少手动触发所需的输入参数,这可能导致手动触发时出现问题。
建议应用以下修改:
name: Release 3x Beta on: pull_request: # push: branches: - feat_v3.x workflow_dispatch: + inputs: + tags: + description: '发布包版本类型' + required: true + default: 'beta' + type: choice + options: + - beta + - alpha + publish: + description: '是否发布' + required: false + type: boolean
🧹 Nitpick comments (1)
.github/workflows/release-beta.yml (1)
83-83: 添加文件末尾的换行符YAML 文件末尾缺少换行符。
在文件末尾添加一个空行。
🧰 Tools
🪛 YAMLlint (1.35.1)
[error] 83-83: no new line character at the end of file
(new-line-at-end-of-file)
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
.github/workflows/release-beta.yml(1 hunks)
🧰 Additional context used
🪛 YAMLlint (1.35.1)
.github/workflows/release-beta.yml
[error] 83-83: no new line character at the end of file
(new-line-at-end-of-file)
⏰ Context from checks skipped due to timeout of 90000ms (3)
- GitHub Check: build
- GitHub Check: release-3x-beta
- GitHub Check: test
github-actions
bot
added
action:review
There was a problem hiding this comment.
Actionable comments posted: 1
♻️ Duplicate comments (1)
.github/workflows/release-beta.yml (1)
1-16:⚠️ Potential issue工作流配置需要改进
工作流配置存在以下问题:
- 作业ID
release-3x-beta包含无效字符,可能导致问题- 缺少手动触发的输入参数配置
- PR触发器被注释掉,可能影响开发流程
建议进行以下修改:
name: Release 3x Beta on: -# pull_request: + pull_request: push: branches: - feat_v3.x workflow_dispatch: + inputs: + tags: + description: '发布包版本类型' + required: true + default: 'beta' + type: choice + options: + - beta + - alpha + publish: + description: '是否发布' + required: false + type: boolean jobs: - release-3x-beta: + release_3x_beta: env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} NPM_CONFIG_PROVENANCE: true - RELEASE_TAG: beta + RELEASE_TAG: ${{ github.event_name == 'workflow_dispatch' && inputs.tags || 'beta' }}
🧹 Nitpick comments (1)
.github/workflows/release-beta.yml (1)
24-49: 改进环境配置和提交消息处理环境配置有以下改进空间:
- 提交消息过滤可以更严格
- pnpm版本应该使用范围版本
- Node.js版本应考虑LTS版本
建议进行以下修改:
- name: Get commit message run: | COMMIT_MESSAGE=$(git log --format=%s -n 1) - FILTERED_MESSAGE="${COMMIT_MESSAGE//[^a-zA-Z0-9.()_:, -]/}" + FILTERED_MESSAGE="${COMMIT_MESSAGE//[^a-zA-Z0-9.()_:,@/ -]/}" echo "COMMIT_MESSAGE=${FILTERED_MESSAGE}" >> $GITHUB_ENV - name: Install pnpm - run: npm install -g pnpm@v9 + run: npm install -g pnpm@^9.0.0 - uses: actions/setup-node@v4 with: - node-version: '20' + node-version: '20.11.1' # LTS版本 cache: 'pnpm'
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
.github/workflows/release-beta.yml(1 hunks)
🧰 Additional context used
🪛 YAMLlint (1.35.1)
.github/workflows/release-beta.yml
[error] 82-82: no new line character at the end of file
(new-line-at-end-of-file)
⏰ Context from checks skipped due to timeout of 90000ms (2)
- GitHub Check: build
- GitHub Check: test
github-actions
bot
added
action:review
* chore: release package via ci * chore: release package via ci * chore: release package via ci * chore: release package via ci * chore: release package via ci * chore: release package via ci * chore: release package via ci * chore: release package via ci * chore: release package via ci * chore: 测试手动执行 * chore: 测试手动执行 * chore: 测试手动执行 * chore: 测试手动执行 * chore: 测试手动执行 * chore: 测试手动执行 * chore: 测试手动执行 * chore: 测试手动执行 * chore: 测试手动执行 * chore: 测试手动执行 * chore: 测试beta * chore(release): v3.0.0-beta.12 * chore(release): v3.0.0-beta.12 * chore(release): v3.0.0-beta.12 * chore(release): v3.0.0-beta.12 * chore(release): v3.0.0-beta.12 * chore(release): v3.0.0-beta.12 * chore(release): v3.0.0-beta.12 * chore(release): v3.0.0-beta.12 * chore(release): v3.0.0-beta.12 * chore(release): v3.0.0-beta.12 * chore(release): v3.0.0-beta.12 * chore(release): v3.0.0-beta.12 * chore(release): v3.0.0-beta.12 * chore(release): v3.0.0-beta.12 * chore(release): v3.0.0-beta.12 * chore(release): v3.0.0-beta.12 * fix: review * fix: review * chore(release): v3.0.0-beta.12 * chore(release): v3.0.0-beta.12 * chore: remove --dry-run
2 participants
Summary by CodeRabbit
Chores
release目录添加到.gitignore文件中,避免版本控制。Refactor