honojs/hono
5 workflows · maturity 50% · 4 patterns · GitHub ↗
Practices
✓ Matrix✓ Permissions○ Security scan○ AI review○ Cache✓ Concurrency○ Reusable workflows
Detected patterns
Security dimensions
Workflows (5)
autofix perms .github/workflows/autofix.yml
View raw YAML
name: autofix.ci
on:
pull_request:
push:
branches: [main]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
permissions:
contents: read
jobs:
autofix:
name: autofix
runs-on: ubuntu-latest
if: ${{ github.event_name == 'push' || !github.event.pull_request.draft }}
steps:
- name: Checkout
uses: actions/checkout@v6
- uses: oven-sh/setup-bun@v2
with:
bun-version-file: '.tool-versions'
- run: bun install --frozen-lockfile
- run: bun run format:fix
- run: bun run lint:fix
- name: Apply fixes
uses: autofix-ci/action@v1
with:
commit-message: 'ci: apply automated fixes'
ci matrix .github/workflows/ci.yml
View raw YAML
name: ci
on:
push:
branches: [main, next]
pull_request:
branches: ['*']
paths-ignore:
- 'docs/**'
- '.vscode/**'
- 'README.md'
- '.gitignore'
- 'LICENSE'
jobs:
coverage:
name: 'Coverage'
runs-on: ubuntu-latest
needs:
- main
- bun
- deno
steps:
- uses: actions/checkout@v6
- uses: actions/download-artifact@v6
with:
pattern: coverage-*
merge-multiple: true
path: ./coverage
- uses: codecov/codecov-action@v5
with:
fail_ci_if_error: true
directory: ./coverage
main:
name: 'Main'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version-file: '.tool-versions'
- uses: oven-sh/setup-bun@v2
with:
bun-version-file: '.tool-versions'
- run: bun install --frozen-lockfile
- run: bun run format
- run: bun run lint
- run: bun run editorconfig-checker -format github-actions
- run: bun run build
- run: bun run test
- uses: actions/upload-artifact@v5
with:
name: coverage-main
path: coverage/
jsr-dry-run:
name: "Checking if it's valid for JSR"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: denoland/setup-deno@v2
with:
deno-version-file: '.tool-versions'
- uses: oven-sh/setup-bun@v2
with:
bun-version-file: '.tool-versions'
- run: bunx jsr publish --dry-run
deno:
name: 'Deno'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: denoland/setup-deno@v2
with:
deno-version-file: '.tool-versions'
- run: env NAME=Deno deno test --coverage=coverage/raw/deno-runtime --allow-read --allow-env --allow-write --allow-net -c runtime-tests/deno/deno.json runtime-tests/deno
- run: deno test -c runtime-tests/deno-jsx/deno.precompile.json --coverage=coverage/raw/deno-precompile-jsx runtime-tests/deno-jsx
- run: deno test -c runtime-tests/deno-jsx/deno.react-jsx.json --coverage=coverage/raw/deno-react-jsx runtime-tests/deno-jsx
- run: grep -R '"url":' coverage | grep -v runtime-tests | sed -e 's/.*file:..//;s/.,//' | xargs deno cache --unstable-sloppy-imports
- run: deno coverage --lcov > coverage/deno-runtime-coverage-lcov.info
- uses: actions/upload-artifact@v5
with:
name: coverage-deno
path: coverage/
bun:
name: 'Bun'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: oven-sh/setup-bun@v2
with:
bun-version-file: '.tool-versions'
- run: bun install --frozen-lockfile
- run: bun run test:bun
- uses: actions/upload-artifact@v5
with:
name: coverage-bun
path: coverage/
bun-windows:
name: 'Bun - Windows'
runs-on: windows-latest
steps:
- uses: actions/checkout@v6
- uses: oven-sh/setup-bun@v2
with:
bun-version-file: '.tool-versions'
- run: bun run test:bun
fastly:
name: 'Fastly Compute'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: oven-sh/setup-bun@v2
with:
bun-version-file: '.tool-versions'
- run: bun install --frozen-lockfile
- run: bun run build
- run: bun run test:fastly
node:
name: 'Node.js v${{ matrix.node }}'
runs-on: ubuntu-latest
strategy:
matrix:
node: ['18.18.2', '20.x', '22.x']
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version: ${{ matrix.node }}
- uses: oven-sh/setup-bun@v2
with:
bun-version-file: '.tool-versions'
- run: bun install --frozen-lockfile
- run: bun run build
- run: bun run test:node
workerd:
name: 'workerd'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version-file: '.tool-versions'
- uses: oven-sh/setup-bun@v2
with:
bun-version-file: '.tool-versions'
- run: bun install --frozen-lockfile
- run: bun run build
- run: bun run test:workerd
lambda:
name: 'AWS Lambda'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: oven-sh/setup-bun@v2
with:
bun-version-file: '.tool-versions'
- run: bun install --frozen-lockfile
- run: bun run build
- run: bun run test:lambda
lambda-edge:
name: 'Lambda@Edge'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: oven-sh/setup-bun@v2
with:
bun-version-file: '.tool-versions'
- run: bun install --frozen-lockfile
- run: bun run build
- run: bun run test:lambda-edge
perf-measures-check-on-pr:
name: 'Type & Bundle size Check on PR'
runs-on: ubuntu-latest
if: github.event_name == 'pull_request'
steps:
- uses: actions/checkout@v6
- uses: ./.github/actions/perf-measures
with:
target-ref: 'auto'
http-benchmark-on-pr:
name: 'HTTP Speed Check on PR'
runs-on: ubuntu-latest
if: github.event_name == 'pull_request'
steps:
- uses: actions/checkout@v6
- uses: oven-sh/setup-bun@v2
with:
bun-version-file: '.tool-versions'
- run: bun install --frozen-lockfile
- name: Install bombardier
run: |
wget -O bombardier https://github.com/codesenberg/bombardier/releases/download/v2.0.1/bombardier-linux-amd64
chmod +x bombardier
sudo mv bombardier /usr/local/bin/
- name: Run HTTP benchmark
run: |
cd benchmarks/http-server
bun run benchmark.ts
- name: Comment PR
uses: actions/github-script@v7
if: github.event.pull_request.head.repo.full_name == github.repository
with:
script: |
const fs = require('fs');
const results = fs.readFileSync('benchmarks/http-server/benchmark-results.md', 'utf8');
// Minimize previous benchmark comments
const comments = await github.rest.issues.listComments({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: context.issue.number
});
for (const comment of comments.data) {
if (comment.body.includes('## HTTP Performance Benchmark')) {
await github.graphql(`
mutation {
minimizeComment(input: { subjectId: "${comment.node_id}", classifier: OUTDATED }) {
minimizedComment {
isMinimized
}
}
}
`);
}
}
// Post new comment
await github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: results
});
- name: Show benchmark results for forks
if: github.event.pull_request.head.repo.full_name != github.repository
run: |
echo "## HTTP Performance Benchmark Results"
echo "Note: Cannot post comment due to security restrictions on fork PRs"
cat benchmarks/http-server/benchmark-results.md
perf-measures-check-on-main:
name: 'Type & Bundle size Check on Main'
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main'
steps:
- uses: actions/checkout@v6
- uses: ./.github/actions/perf-measures
with:
target-ref: 'main'
cr .github/workflows/cr.yml
View raw YAML
name: cr
on:
push:
branches: [main]
tags: ['!**'] # Avoid publishing on tags
pull_request:
types: [opened, synchronize, labeled] # Run on PR creation, updates, and when labels are added
concurrency:
group: ${{ github.workflow }}-${{ github.event.number }} # Concurrency group for each PR
cancel-in-progress: true # Cancel in progress builds for the same PR
jobs:
publish:
if: github.repository == 'honojs/hono' && (github.ref == 'refs/heads/main' || contains(github.event.pull_request.labels.*.name, 'cr-tracked'))
runs-on: ubuntu-latest
name: 'Publish: pkg.pr.new'
steps:
- uses: actions/checkout@v6
with:
fetch-depth: 0
- uses: actions/setup-node@v6
with:
node-version-file: '.tool-versions'
- uses: oven-sh/setup-bun@v2
with:
bun-version-file: '.tool-versions'
- name: Install Dependencies
run: bun install --frozen-lockfile
- name: Build
run: bun run build
- name: Publish to StackBlitz
run: |
bun pkg-pr-new publish --compact
no-response perms .github/workflows/no-response.yml
View raw YAML
name: Close stale issues with "not bug" label
on:
schedule:
- cron: '0 0 * * *'
permissions:
contents: write
issues: write
jobs:
stale:
runs-on: ubuntu-latest
steps:
- name: Close stale issues with "not bug" label
uses: actions/stale@v8
with:
days-before-stale: 7
days-before-close: 2
stale-issue-message: 'This issue has been marked as stale due to inactivity.'
close-issue-message: 'Closing this issue due to inactivity.'
exempt-issue-labels: ''
stale-issue-label: 'stale'
only-labels: 'not bug'
operations-per-run: 30
remove-stale-when-updated: true
release .github/workflows/release.yml
View raw YAML
name: release
on:
push:
tags:
- '*'
jobs:
jsr:
name: publish-to-jsr
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
steps:
- uses: actions/checkout@v6
- name: Install deno
uses: denoland/setup-deno@v2
with:
deno-version-file: '.tool-versions'
- run: deno install --no-lock --allow-scripts
- name: Publish to JSR
run: deno run -A jsr:@david/publish-on-tag@0.1.4