From 132df5921bc38323de07cbbab3e5a53360734f9e Mon Sep 17 00:00:00 2001 From: Edwin Kofler Date: Sun, 12 Apr 2026 01:12:01 -0700 Subject: [PATCH 1/5] Add "issue type"s to issue templates and cleanup rarely used labels (#5562) --- .github/FUNDING.yml | 1 - .github/ISSUE_TEMPLATE/bug_report.yml | 1 + .../feature_request_new_schema.yml | 1 + .../feature_request_website.yml | 1 + .github/labeler.yml | 19 ++++++------------- 5 files changed, 9 insertions(+), 14 deletions(-) diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml index 884cb09d1d8..5499268b08b 100644 --- a/.github/FUNDING.yml +++ b/.github/FUNDING.yml @@ -1,3 +1,2 @@ # These are supported funding model platforms - github: ['madskristensen', 'hyperupcall'] diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml index 20c9f6de829..ec961fd7deb 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.yml +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -2,6 +2,7 @@ name: '🐛 Bug report' description: Report errors or unexpected behavior labels: - Issue-Bug +type: Bug body: - type: markdown attributes: diff --git a/.github/ISSUE_TEMPLATE/feature_request_new_schema.yml b/.github/ISSUE_TEMPLATE/feature_request_new_schema.yml index cd324316f0c..eaf038d442b 100644 --- a/.github/ISSUE_TEMPLATE/feature_request_new_schema.yml +++ b/.github/ISSUE_TEMPLATE/feature_request_new_schema.yml @@ -2,6 +2,7 @@ name: '⭐ Request (schema)' description: Request to add a new JSON schema. labels: - Request-for-new-schema +type: Feature body: - type: textarea attributes: diff --git a/.github/ISSUE_TEMPLATE/feature_request_website.yml b/.github/ISSUE_TEMPLATE/feature_request_website.yml index 651dd325447..94061ff3d6e 100644 --- a/.github/ISSUE_TEMPLATE/feature_request_website.yml +++ b/.github/ISSUE_TEMPLATE/feature_request_website.yml @@ -2,6 +2,7 @@ name: '⭐ Request (feature)' description: Propose something new for the SchemaStore web site or build server. labels: - Feature-for-website-or-build-server +type: Feature body: - type: textarea attributes: diff --git a/.github/labeler.yml b/.github/labeler.yml index 065c3ecde5f..78d79d8275b 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -1,11 +1,10 @@ # Changes to continuous integration. -ci: +CI: - changed-files: - any-glob-to-any-file: - '.github/**/*' -# Changes to JavaScript. This label used to have the name of "Gruntfile.js". -# This label also supersedes the old "NodeJS" label, which was too broad. +# Changes to JavaScript. 'cli.js': - changed-files: - any-glob-to-any-file: @@ -13,17 +12,11 @@ ci: - 'package.json' # Changes to configuration. -'config:editorconfig': +config: - changed-files: - any-glob-to-any-file: - '.editorconfig' -'config:eslintrcjson': - - changed-files: - - any-glob-to-any-file: - - 'src/.eslintrc.json' -'config:gitignore': - - changed-files: - - any-glob-to-any-file: + - 'eslint.config.js' - '.gitignore' - '.gitattributes' @@ -33,8 +26,8 @@ documentation: - any-glob-to-any-file: - '**/*.md' -# Changes to Asp.Net files. Generally, they must NOT be updated. -WARNING_AspNetFiles: +# Changes to website files. Generally, they must NOT be updated. +WARNING_WebsiteFiles: - changed-files: - any-glob-to-any-file: - 'src/bin/**/*' From 1bb14782c941af2915fc1886ca45689ce11cfb86 Mon Sep 17 00:00:00 2001 From: Edwin Kofler Date: Sun, 12 Apr 2026 01:26:00 -0700 Subject: [PATCH 2/5] Partially Harden CI (#5563) --- .github/dependabot.yml | 2 ++ .github/workflows/auto-update.yml | 8 +++++--- .github/workflows/codeowners-merge.yml | 2 +- .github/workflows/github-pages.yml | 12 +++++++----- .github/workflows/label-prs.yml | 2 +- .github/workflows/pre-commit-checks.yml | 6 ++++-- .github/workflows/stale-prs.yml | 2 +- .github/workflows/validate.yml | 6 ++++-- 8 files changed, 25 insertions(+), 15 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index b22df070864..06a5bd42d26 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,6 +1,8 @@ version: 2 updates: - package-ecosystem: 'github-actions' + cooldown: + default-days: 14 directory: '/' schedule: interval: 'monthly' diff --git a/.github/workflows/auto-update.yml b/.github/workflows/auto-update.yml index b41373be261..188b33ce70c 100644 --- a/.github/workflows/auto-update.yml +++ b/.github/workflows/auto-update.yml @@ -26,12 +26,14 @@ jobs: contents: 'write' pull-requests: 'write' steps: - - uses: 'actions/checkout@v6' - - uses: 'actions/setup-node@v6' + - uses: 'actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd' # v6.0.2 + with: + persist-credentials: false + - uses: 'actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f' # v6.3.0 with: node-version: '20' cache: 'npm' cache-dependency-path: './package-lock.json' - run: 'npm clean-install' - run: 'node ./cli.js build-xregistry' - - uses: peter-evans/create-pull-request@v8 + - uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1 diff --git a/.github/workflows/codeowners-merge.yml b/.github/workflows/codeowners-merge.yml index e9cda562c26..b381bdff887 100644 --- a/.github/workflows/codeowners-merge.yml +++ b/.github/workflows/codeowners-merge.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest permissions: 'write-all' steps: - - uses: 'actions/checkout@v6' + - uses: 'actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd' # v6.0.2 - name: 'Run Codeowners check' uses: 'OSS-Docs-Tools/code-owner-self-merge@9f01f6d51b10a0e0a12300cdd614c9fa80787868' env: diff --git a/.github/workflows/github-pages.yml b/.github/workflows/github-pages.yml index da379cf9dab..2669fe3f1d9 100644 --- a/.github/workflows/github-pages.yml +++ b/.github/workflows/github-pages.yml @@ -25,16 +25,18 @@ jobs: runs-on: 'ubuntu-latest' if: ${{ github.repository_owner == 'SchemaStore' }} steps: - - uses: 'actions/checkout@v6' - - uses: 'actions/setup-node@v6' + - uses: 'actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd' # v6.0.2 + with: + persist-credentials: false + - uses: 'actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f' # v6.3.0 with: node-version: '22' cache: 'npm' cache-dependency-path: './package-lock.json' - run: 'npm clean-install' - run: 'node ./cli.js build-website' - - uses: 'actions/configure-pages@v5' - - uses: 'actions/upload-pages-artifact@v4' + - uses: 'actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b' # v5.0.0 + - uses: 'actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b' # v4.0.0 with: path: './website' @@ -48,4 +50,4 @@ jobs: needs: 'build' steps: - id: 'deployment' - uses: 'actions/deploy-pages@v4' + uses: 'actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e' # v4.0.5 diff --git a/.github/workflows/label-prs.yml b/.github/workflows/label-prs.yml index 08705d93ee8..e33f48373f9 100644 --- a/.github/workflows/label-prs.yml +++ b/.github/workflows/label-prs.yml @@ -7,7 +7,7 @@ jobs: if: github.repository == 'SchemaStore/schemastore' runs-on: ubuntu-latest steps: - - uses: actions/labeler@v6 + - uses: actions/labeler@634933edcd8ababfe52f92936142cc22ac488b1b # v6.0.1 with: repo-token: '${{ secrets.GITHUB_TOKEN }}' sync-labels: true diff --git a/.github/workflows/pre-commit-checks.yml b/.github/workflows/pre-commit-checks.yml index 0a06e4fd043..f6f347a1525 100644 --- a/.github/workflows/pre-commit-checks.yml +++ b/.github/workflows/pre-commit-checks.yml @@ -8,13 +8,15 @@ jobs: name: Run pre-commit checks steps: - name: Checkout the repository - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: false # Enablement of https://pre-commit.ci is desirable as it also # enable auto-fixes for formatting violations. Still we still want to run # our own GitHub action, just in case the external service becomes # unavailable. - - uses: actions/setup-python@v6 + - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: '3.11' - name: Install pre-commit diff --git a/.github/workflows/stale-prs.yml b/.github/workflows/stale-prs.yml index 80b71e82c65..2aaac5fc1cd 100644 --- a/.github/workflows/stale-prs.yml +++ b/.github/workflows/stale-prs.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest if: github.repository_owner == 'SchemaStore' steps: - - uses: actions/stale@v10 + - uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # v10.2.0 with: stale-pr-message: 'This PR is stale because it has been open 60 days with no activity. Comment or this will be closed in 7 days.' close-pr-message: 'This PR was closed because it has been stalled for 7 days with no activity.' diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 13859438d45..2bda190285f 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -8,8 +8,10 @@ jobs: timeout-minutes: 10 steps: - - uses: actions/checkout@v6 - - uses: actions/setup-node@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: false + - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 with: node-version: '20' cache: 'npm' From a50addea6e7810fcba5fb79f00c4a21fe0c9c59b Mon Sep 17 00:00:00 2001 From: Jo <10510431+j178@users.noreply.github.com> Date: Sun, 12 Apr 2026 16:31:10 +0800 Subject: [PATCH 3/5] Update prek's schema to 0.3.8 (#5561) --- .github/CODEOWNERS | 5 ++ src/schemas/json/prek.json | 98 +++++++++++++++++++++++++++----------- 2 files changed, 74 insertions(+), 29 deletions(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 3ce227c9187..a4f8e0fc8d5 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -80,6 +80,11 @@ src/schemas/json/popxf-* @peterstangl @alekssmolkovic @kenmimasu src/test/popxf-* @peterstangl @alekssmolkovic @kenmimasu src/negative_test/popxf-* @peterstangl @alekssmolkovic @kenmimasu +# Managed by Prek Team: +src/schemas/json/prek.json @j178 +src/test/prek/ @j178 +src/negative_test/prek/ @j178 + # Managed by Open-KYA Team: src/schemas/json/kya.json @wp-lkl src/test/kya/ @wp-lkl diff --git a/src/schemas/json/prek.json b/src/schemas/json/prek.json index c2f7650c0f4..1b6b9b332c6 100644 --- a/src/schemas/json/prek.json +++ b/src/schemas/json/prek.json @@ -34,6 +34,9 @@ "dart": { "type": "string" }, + "deno": { + "type": "string" + }, "docker": { "type": "string" }, @@ -96,7 +99,8 @@ "type": "array", "items": { "$ref": "#/definitions/Stage" - } + }, + "uniqueItems": true }, "files": { "$ref": "#/definitions/FilePattern", @@ -208,21 +212,24 @@ "type": "array", "items": { "type": "string" - } + }, + "uniqueItems": true }, "types_or": { "description": "List of file types to run on (OR).\nDefault is `[]`.", "type": "array", "items": { "type": "string" - } + }, + "uniqueItems": true }, "exclude_types": { "description": "List of file types to exclude.\nDefault is `[]`.", "type": "array", "items": { "type": "string" - } + }, + "uniqueItems": true }, "additional_dependencies": { "description": "Not documented in the official docs.", @@ -254,8 +261,8 @@ "type": "boolean" }, "pass_filenames": { - "description": "Append filenames that would be checked to the hook entry as arguments.\nDefault is true.", - "type": "boolean" + "$ref": "#/definitions/PassFilenames", + "description": "Append filenames that would be checked to the hook entry as arguments.\nDefault is true." }, "description": { "description": "A description of the hook. For metadata only.", @@ -274,11 +281,12 @@ "type": "boolean" }, "stages": { - "description": "Select which git hook(s) to run for.\nDefault all stages are selected.\nSee .", + "description": "Select which Git hook stages this hook runs for.\nDefault all stages are selected.\nSee .", "type": "array", "items": { "$ref": "#/definitions/Stage" - } + }, + "uniqueItems": true }, "verbose": { "description": "Print the output of the hook even if it passes.\nDefault is false.", @@ -299,6 +307,7 @@ "conda", "coursier", "dart", + "deno", "docker", "docker_image", "dotnet", @@ -349,6 +358,18 @@ } ] }, + "PassFilenames": { + "description": "Whether to pass filenames to the hook. `true` passes all matching filenames (default), `false` passes none, and a positive integer limits each invocation to at most that many filenames.", + "oneOf": [ + { + "type": "boolean" + }, + { + "type": "integer", + "exclusiveMinimum": 0 + } + ] + }, "Stage": { "type": "string", "enum": [ @@ -425,21 +446,24 @@ "type": "array", "items": { "type": "string" - } + }, + "uniqueItems": true }, "types_or": { "description": "List of file types to run on (OR).\nDefault is `[]`.", "type": "array", "items": { "type": "string" - } + }, + "uniqueItems": true }, "exclude_types": { "description": "List of file types to exclude.\nDefault is `[]`.", "type": "array", "items": { "type": "string" - } + }, + "uniqueItems": true }, "additional_dependencies": { "description": "Not documented in the official docs.", @@ -471,8 +495,8 @@ "type": "boolean" }, "pass_filenames": { - "description": "Append filenames that would be checked to the hook entry as arguments.\nDefault is true.", - "type": "boolean" + "$ref": "#/definitions/PassFilenames", + "description": "Append filenames that would be checked to the hook entry as arguments.\nDefault is true." }, "description": { "description": "A description of the hook. For metadata only.", @@ -491,11 +515,12 @@ "type": "boolean" }, "stages": { - "description": "Select which git hook(s) to run for.\nDefault all stages are selected.\nSee .", + "description": "Select which Git hook stages this hook runs for.\nDefault all stages are selected.\nSee .", "type": "array", "items": { "$ref": "#/definitions/Stage" - } + }, + "uniqueItems": true }, "verbose": { "description": "Print the output of the hook even if it passes.\nDefault is false.", @@ -569,21 +594,24 @@ "type": "array", "items": { "type": "string" - } + }, + "uniqueItems": true }, "types_or": { "description": "List of file types to run on (OR).\nDefault is `[]`.", "type": "array", "items": { "type": "string" - } + }, + "uniqueItems": true }, "exclude_types": { "description": "List of file types to exclude.\nDefault is `[]`.", "type": "array", "items": { "type": "string" - } + }, + "uniqueItems": true }, "additional_dependencies": { "description": "Not documented in the official docs.", @@ -615,8 +643,8 @@ "type": "boolean" }, "pass_filenames": { - "description": "Append filenames that would be checked to the hook entry as arguments.\nDefault is true.", - "type": "boolean" + "$ref": "#/definitions/PassFilenames", + "description": "Append filenames that would be checked to the hook entry as arguments.\nDefault is true." }, "description": { "description": "A description of the hook. For metadata only.", @@ -635,11 +663,12 @@ "type": "boolean" }, "stages": { - "description": "Select which git hook(s) to run for.\nDefault all stages are selected.\nSee .", + "description": "Select which Git hook stages this hook runs for.\nDefault all stages are selected.\nSee .", "type": "array", "items": { "$ref": "#/definitions/Stage" - } + }, + "uniqueItems": true }, "verbose": { "description": "Print the output of the hook even if it passes.\nDefault is false.", @@ -717,21 +746,24 @@ "type": "array", "items": { "type": "string" - } + }, + "uniqueItems": true }, "types_or": { "description": "List of file types to run on (OR).\nDefault is `[]`.", "type": "array", "items": { "type": "string" - } + }, + "uniqueItems": true }, "exclude_types": { "description": "List of file types to exclude.\nDefault is `[]`.", "type": "array", "items": { "type": "string" - } + }, + "uniqueItems": true }, "additional_dependencies": { "description": "Not documented in the official docs.", @@ -763,8 +795,8 @@ "type": "boolean" }, "pass_filenames": { - "description": "Append filenames that would be checked to the hook entry as arguments.\nDefault is true.", - "type": "boolean" + "$ref": "#/definitions/PassFilenames", + "description": "Append filenames that would be checked to the hook entry as arguments.\nDefault is true." }, "description": { "description": "A description of the hook. For metadata only.", @@ -783,11 +815,12 @@ "type": "boolean" }, "stages": { - "description": "Select which git hook(s) to run for.\nDefault all stages are selected.\nSee .", + "description": "Select which Git hook stages this hook runs for.\nDefault all stages are selected.\nSee .", "type": "array", "items": { "$ref": "#/definitions/Stage" - } + }, + "uniqueItems": true }, "verbose": { "description": "Print the output of the hook even if it passes.\nDefault is false.", @@ -807,18 +840,25 @@ "check-added-large-files", "check-case-conflict", "check-executables-have-shebangs", + "check-illegal-windows-names", "check-json", "check-json5", "check-merge-conflict", + "check-shebang-scripts-are-executable", "check-symlinks", "check-toml", + "check-vcs-permalinks", "check-xml", "check-yaml", + "destroyed-symlinks", "detect-private-key", "end-of-file-fixer", + "file-contents-sorter", "fix-byte-order-marker", + "forbid-new-submodules", "mixed-line-ending", "no-commit-to-branch", + "pretty-format-json", "trailing-whitespace" ] }, From 209b0a3a6c6e9717953b956afd3a4cddc19810a9 Mon Sep 17 00:00:00 2001 From: Edwin Kofler Date: Sun, 12 Apr 2026 02:21:24 -0700 Subject: [PATCH 4/5] Update GitHub Actions dependencies (#5565) --- .github/workflows/github-pages.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/github-pages.yml b/.github/workflows/github-pages.yml index 2669fe3f1d9..71c2dd5ee2b 100644 --- a/.github/workflows/github-pages.yml +++ b/.github/workflows/github-pages.yml @@ -35,8 +35,8 @@ jobs: cache-dependency-path: './package-lock.json' - run: 'npm clean-install' - run: 'node ./cli.js build-website' - - uses: 'actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b' # v5.0.0 - - uses: 'actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b' # v4.0.0 + - uses: 'actions/configure-pages@45bfe0192ca1faeb007ade9deae92b16b8254a0d' # v6.0.0 + - uses: 'actions/upload-pages-artifact@fc324d3547104276b827a68afc52ff2a11cc49c9' # v5.0.0 with: path: './website' @@ -50,4 +50,4 @@ jobs: needs: 'build' steps: - id: 'deployment' - uses: 'actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e' # v4.0.5 + uses: 'actions/deploy-pages@cd2ce8fcbc39b97be8ca5fce6e763baed58fa128' # v5.0.0 From 2fa3201d9a5f9043f1371784b4261f4595580bf1 Mon Sep 17 00:00:00 2001 From: jelrwi Date: Sun, 12 Apr 2026 21:47:06 +0900 Subject: [PATCH 5/5] Deprecate `authors` field in `cargo.json` (#5566) Co-authored-by: ya7010 --- src/schemas/json/cargo.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/schemas/json/cargo.json b/src/schemas/json/cargo.json index 8c7e42114b8..5d7bd0e07c3 100644 --- a/src/schemas/json/cargo.json +++ b/src/schemas/json/cargo.json @@ -459,7 +459,7 @@ }, "authors": { "title": "Authors", - "description": "The `authors` field lists people or organizations that are considered the\n\"authors\" of the package. The exact meaning is open to interpretation — it may\nlist the original or primary authors, current maintainers, or owners of the\npackage. These names will be listed on the crate's page on\n[crates.io](https://crates.io). An optional email address may be included within angled\nbrackets at the end of each author.\n\n> **Note**: [crates.io](https://crates.io) requires at least one author to be listed.", + "description": "The `authors` field lists people or organizations that are considered the\n\"authors\" of the package. The exact meaning is open to interpretation — it may\nlist the original or primary authors, current maintainers, or owners of the\npackage. These names will be listed on the crate's page on\n[crates.io](https://crates.io). An optional email address may be included within angled\nbrackets at the end of each author.\n\n> **Note**: This field is deprecated.", "anyOf": [ { "$ref": "#/definitions/Authors"