Add Windows CI testing#2
Conversation
|
Warning Review limit reached
More reviews will be available in 52 minutes and 41 seconds. Learn how PR review limits work. Your organization has run out of usage credits. Purchase more in the billing tab. ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available. Please see our Fair Usage Limits Policy for further information. 📝 WalkthroughWalkthroughThe CI workflow now runs the build-and-test job on a matrix of OS runners ( ChangesCI Cross-Platform Testing Matrix
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
@coderabbitai review |
✅ Action performedReview finished.
|
There was a problem hiding this comment.
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (2)
.github/workflows/ci.yml (2)
10-40:⚠️ Potential issue | 🟠 Major | ⚡ Quick winAdd explicit permissions block to follow least-privilege principle.
The workflow uses default permissions, which are overly broad. Explicitly define the minimum required permissions to improve security posture.
🔒 Proposed fix to add explicit permissions
jobs: build-and-test: + permissions: + contents: read + strategy: matrix: os: [ubuntu-latest, windows-latest]🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In @.github/workflows/ci.yml around lines 10 - 40, Add an explicit permissions block to the GitHub Actions workflow (for the build-and-test job) to avoid default broad permissions: identify which token permissions your steps need (e.g., contents: read for checkout, actions: read if using actions, id-token: write only if OIDC is used, packages: read if fetching packages, checks: write if creating check runs) and add a top-level permissions: map or a job-level permissions: map just above the steps in the build-and-test job to grant only those scopes; update the job named build-and-test so the workflow uses the minimal required permissions for the actions/checkout, setup-node, and any publishing or status-reporting steps.Source: Linters/SAST tools
33-34:⚠️ Potential issue | 🟡 MinorEnsure Prettier line endings don’t break
format:checkon Windows.
npm run format:checkrunsprettier --check ., but the repo has no.gitattributesand.prettierrcdoesn’t setendOfLine. With default Git checkout behavior onwindows-latest, files can end up with CRLF and cause Prettier--checkto fail. SetendOfLineexplicitly in.prettierrc(e.g.,"lf") and/or add a.gitattributesrule to normalize line endings.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In @.github/workflows/ci.yml around lines 33 - 34, The CI formatting check fails on Windows due to CRLF line endings; update project config so Prettier's `--check` (invoked by the `format:check` npm script) is deterministic: add an explicit endOfLine setting (e.g., "lf") to your .prettierrc and/or add a .gitattributes entry to normalize line endings (e.g., `* text=auto eol=lf`) so files checked by the workflow step named "Check formatting" always use the expected line endings.
🧹 Nitpick comments (1)
.github/workflows/ci.yml (1)
10-40: ⚡ Quick winAdd concurrency group to cancel outdated workflow runs.
Adding a concurrency group will automatically cancel in-progress runs when new commits are pushed, saving CI resources and reducing confusion from stale runs.
⚡ Proposed optimization to add concurrency control
jobs: build-and-test: + concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + strategy: matrix: os: [ubuntu-latest, windows-latest]🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In @.github/workflows/ci.yml around lines 10 - 40, Add a concurrency block to the workflow (preferably at the job level for the build-and-test job) to cancel outdated runs: inside the build-and-test job (the job with id "build-and-test") add a concurrency: section with group: set to a stable identifier like "${{ github.workflow }}-${{ github.ref }}" and cancel-in-progress: true so any in-progress build-and-test run for the same ref is cancelled when a new run starts; ensure indentation matches the existing YAML structure.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Outside diff comments:
In @.github/workflows/ci.yml:
- Around line 10-40: Add an explicit permissions block to the GitHub Actions
workflow (for the build-and-test job) to avoid default broad permissions:
identify which token permissions your steps need (e.g., contents: read for
checkout, actions: read if using actions, id-token: write only if OIDC is used,
packages: read if fetching packages, checks: write if creating check runs) and
add a top-level permissions: map or a job-level permissions: map just above the
steps in the build-and-test job to grant only those scopes; update the job named
build-and-test so the workflow uses the minimal required permissions for the
actions/checkout, setup-node, and any publishing or status-reporting steps.
- Around line 33-34: The CI formatting check fails on Windows due to CRLF line
endings; update project config so Prettier's `--check` (invoked by the
`format:check` npm script) is deterministic: add an explicit endOfLine setting
(e.g., "lf") to your .prettierrc and/or add a .gitattributes entry to normalize
line endings (e.g., `* text=auto eol=lf`) so files checked by the workflow step
named "Check formatting" always use the expected line endings.
---
Nitpick comments:
In @.github/workflows/ci.yml:
- Around line 10-40: Add a concurrency block to the workflow (preferably at the
job level for the build-and-test job) to cancel outdated runs: inside the
build-and-test job (the job with id "build-and-test") add a concurrency: section
with group: set to a stable identifier like "${{ github.workflow }}-${{
github.ref }}" and cancel-in-progress: true so any in-progress build-and-test
run for the same ref is cancelled when a new run starts; ensure indentation
matches the existing YAML structure.
There was a problem hiding this comment.
🧹 Nitpick comments (1)
.github/workflows/ci.yml (1)
27-28: ⚡ Quick winUse
npm ciin CI for deterministic cross-OS installs.
npm installcan produce non-reproducible dependency resolution between runners. In CI,npm ciis safer and faster when a lockfile is present.Proposed change
- - name: Install dependencies - run: npm install + - name: Install dependencies + run: npm ci🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In @.github/workflows/ci.yml around lines 27 - 28, Replace the CI step that currently runs "npm install" with "npm ci" to ensure deterministic, faster installs using the lockfile; locate the GitHub Actions step named "Install dependencies" (the run: npm install line) and change the command to run: npm ci so the workflow uses the lockfile for reproducible cross-OS installs.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Nitpick comments:
In @.github/workflows/ci.yml:
- Around line 27-28: Replace the CI step that currently runs "npm install" with
"npm ci" to ensure deterministic, faster installs using the lockfile; locate the
GitHub Actions step named "Install dependencies" (the run: npm install line) and
change the command to run: npm ci so the workflow uses the lockfile for
reproducible cross-OS installs.
Summary
Adds Windows to the GitHub Actions CI matrix so that linting, formatting checks, tests, and builds are validated on both Ubuntu and Windows.
Motivation
The current CI workflow only runs on
ubuntu-latest. Adding Windows CI helps catch platform-specific issues early and improves support for Windows contributors and users.Changes
Added a build matrix for:
ubuntu-latestwindows-latestExisting CI steps remain unchanged:
Testing
Verified the workflow configuration locally before submitting the PR.
Summary by CodeRabbit