Merge pull request #12 from DeterminateSystems/ts

Switch to a typescript based action

.eslintrc.json

@@ -0,0 +1,73 @@
+{
+  "plugins": ["@typescript-eslint"],
+  "extends": ["plugin:github/recommended"],
+  "parser": "@typescript-eslint/parser",
+  "parserOptions": {
+    "ecmaVersion": 9,
+    "sourceType": "module",
+    "project": "./tsconfig.json"
+  },
+  "settings": {
+    "import/resolver": {
+      "typescript": {}
+    }
+  },
+  "rules": {
+    "i18n-text/no-en": "off",
+    "eslint-comments/no-use": "off",
+    "import/no-namespace": "off",
+    "no-unused-vars": "off",
+    "@typescript-eslint/no-unused-vars": [
+      "error",
+      {
+        "argsIgnorePattern": "^_"
+      }
+    ],
+    "@typescript-eslint/explicit-member-accessibility": [
+      "error",
+      {
+        "accessibility": "no-public"
+      }
+    ],
+    "@typescript-eslint/no-require-imports": "error",
+    "@typescript-eslint/array-type": "error",
+    "@typescript-eslint/await-thenable": "error",
+    "@typescript-eslint/ban-ts-comment": "error",
+    "camelcase": "error",
+    "@typescript-eslint/consistent-type-assertions": "error",
+    "@typescript-eslint/explicit-function-return-type": [
+      "error",
+      {
+        "allowExpressions": true
+      }
+    ],
+    "@typescript-eslint/func-call-spacing": ["error", "never"],
+    "@typescript-eslint/no-array-constructor": "error",
+    "@typescript-eslint/no-empty-interface": "error",
+    "@typescript-eslint/no-explicit-any": "error",
+    "@typescript-eslint/no-floating-promises": "error",
+    "@typescript-eslint/no-extraneous-class": "error",
+    "@typescript-eslint/no-for-in-array": "error",
+    "@typescript-eslint/no-inferrable-types": "error",
+    "@typescript-eslint/no-misused-new": "error",
+    "@typescript-eslint/no-namespace": "error",
+    "@typescript-eslint/no-non-null-assertion": "warn",
+    "@typescript-eslint/no-unnecessary-qualifier": "error",
+    "@typescript-eslint/no-unnecessary-type-assertion": "error",
+    "@typescript-eslint/no-useless-constructor": "error",
+    "@typescript-eslint/no-var-requires": "error",
+    "@typescript-eslint/prefer-for-of": "warn",
+    "@typescript-eslint/prefer-function-type": "warn",
+    "@typescript-eslint/prefer-includes": "error",
+    "@typescript-eslint/prefer-string-starts-ends-with": "error",
+    "@typescript-eslint/promise-function-async": "error",
+    "@typescript-eslint/require-array-sort-compare": "error",
+    "@typescript-eslint/restrict-plus-operands": "error",
+    "@typescript-eslint/type-annotation-spacing": "error",
+    "@typescript-eslint/unbound-method": "error"
+  },
+  "env": {
+    "node": true,
+    "es6": true
+  }
+}

.gitattributes

@@ -0,0 +1,2 @@
+dist/* linguist-generated=true
+

.github/workflows/ci.yaml

@@ -6,19 +6,37 @@ on:
     branches: [main]
 
 jobs:
+  check-dist-up-to-date:
+    name: Check the dist/ folder is up to date
+    runs-on: ubuntu-22.04
+    permissions:
+      contents: read
+      id-token: write
+    steps:
+      - uses: actions/checkout@v4
+      - uses: DeterminateSystems/nix-installer-action@main
+      - uses: DeterminateSystems/magic-nix-cache-action@main
+      - run: nix develop --command pnpm install
+      - run: nix develop --command pnpm run format
+      - run: nix develop --command pnpm run lint
+      - run: nix develop --command pnpm run build
+      - run: nix develop --command pnpm run package
+      - run: git status --porcelain=v1
+      - run: git diff --exit-code
+
   run-x86_64-linux-clean:
     name: Run x86_64 Linux (clean)
     runs-on: ubuntu-22.04
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Check flake.lock
         uses: ./
 
   run-x86_64-linux-dirty:
     name: Run x86_64 Linux (dirty)
     runs-on: ubuntu-22.04
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Check flake.lock
         uses: ./
         with:
@@ -28,15 +46,15 @@ jobs:
     name: Run x86_64 Darwin (clean)
     runs-on: macos-12
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Check flake.lock
         uses: ./
 
   run-x86_64-darwin-dirty:
     name: Run x86_64 Darwin (dirty)
     runs-on: macos-12
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Check flake.lock
         uses: ./
         with:

.gitignore

@@ -0,0 +1,101 @@
+# Dependency directory
+node_modules
+
+# Rest pulled from https://github.com/github/gitignore/blob/master/Node.gitignore
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+lerna-debug.log*
+
+# Diagnostic reports (https://nodejs.org/api/report.html)
+report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Directory for instrumented libs generated by jscoverage/JSCover
+lib-cov
+
+# Coverage directory used by tools like istanbul
+coverage
+*.lcov
+
+# nyc test coverage
+.nyc_output
+
+# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
+.grunt
+
+# Bower dependency directory (https://bower.io/)
+bower_components
+
+# node-waf configuration
+.lock-wscript
+
+# Compiled binary addons (https://nodejs.org/api/addons.html)
+build/Release
+
+# Dependency directories
+jspm_packages/
+
+# TypeScript v1 declaration files
+typings/
+
+# TypeScript cache
+*.tsbuildinfo
+
+# Optional npm cache directory
+.npm
+
+# Optional eslint cache
+.eslintcache
+
+# Optional REPL history
+.node_repl_history
+
+# Output of 'npm pack'
+*.tgz
+
+# Yarn Integrity file
+.yarn-integrity
+
+# dotenv environment variables file
+.env
+.env.test
+
+# parcel-bundler cache (https://parceljs.org/)
+.cache
+
+# next.js build output
+.next
+
+# nuxt.js build output
+.nuxt
+
+# vuepress build output
+.vuepress/dist
+
+# Serverless directories
+.serverless/
+
+# FuseBox cache
+.fusebox/
+
+# DynamoDB Local files
+.dynamodb/
+
+# OS metadata
+.DS_Store
+Thumbs.db
+
+# Ignore built ts files
+__tests__/runner/*
+lib/**/*
+
+.direnv

.prettierignore

@@ -0,0 +1,4 @@
+dist/
+lib/
+node_modules/
+pnpm-lock.yaml

.prettierrc.json

@@ -0,0 +1 @@
+{}

README.md

@@ -3,9 +3,9 @@
 This repo houses a [Github Action][action] from [Determinate Systems][detsys] that performs health checks on your repos' [`flake.lock`][lock] files.
 Specifically, it wraps the [Nix Flake Checker][flake-checker] tool, which verifies that your root [Nixpkgs] inputs:
 
-* Have been updated within the last 30 days
-* Have the [`NixOS`][nixos-org] GitHub org as their owner
-* Are from a supported Git branch
+- Have been updated within the last 30 days
+- Have the [`NixOS`][nixos-org] GitHub org as their owner
+- Are from a supported Git branch
 
 Here's an example configuration that uses `flake-checker-action` as part of a broader Actions workflow involving Nix.
 
@@ -33,16 +33,16 @@ jobs:
 
 The Nix Flake Checker Action has a number of configuration parameters that you can set in the `with` block:
 
-Parameter | Description | Default
-:---------|:------------|:-------
-`flake-lock-path` | The path to the `flake.lock` file you want to check. | `flake.lock`
-`check-outdated` | Whether to check that the root Nixpkgs input is less than 30 days old. | `true`
-`check-owner` | Whether to check that the root Nixpkgs input has the `NixOS` GitHub org as its owner. | `true`
-`check-supported` | Whether to check that the root Nixpkgs input has a supported Git ref. Currently supported refs: `nixos-22.11`, `nixos-22.11-small`, `nixos-23.05`, `nixos-23.05-small`, `nixos-unstable`, `nixos-unstable-small`, `nixpkgs-22.11-darwin`, `nixpkgs-23.05-darwin`, `nixpkgs-unstable`. | `true`
-`nixpkgs-keys` | The names of the Nixpkgs inputs you want to check. By default the checker only checks the `nixpkgs` but you can specify multiple names as a comma-separated list, such as `nixpkgs,nixpkgs-macos,nixpkgs-unstable`. | `nixpkgs`
-`ignore-missing-flake-lock` | Whether to ignore a missing `flake.lock` file, where the path to the file is the value of `flake-lock-path` parameter. If set to `false` (the default is `true`), the Action throws an error and the job fails if the lockfile is missing. | `true`
-`fail-mode` | Fail with an exit code of 1 if any issues are encountered. | `false`
-`send-statistics` | Anonymously report the number of issues detected by the flake checker. This reporting helps measure the effectiveness of the flake checker. Set to `false` to disable. | `true`
+| Parameter                   | Description                                                                                                                                                                                                                                                                           | Default      |
+| :-------------------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | :----------- |
+| `flake-lock-path`           | The path to the `flake.lock` file you want to check.                                                                                                                                                                                                                                  | `flake.lock` |
+| `check-outdated`            | Whether to check that the root Nixpkgs input is less than 30 days old.                                                                                                                                                                                                                | `true`       |
+| `check-owner`               | Whether to check that the root Nixpkgs input has the `NixOS` GitHub org as its owner.                                                                                                                                                                                                 | `true`       |
+| `check-supported`           | Whether to check that the root Nixpkgs input has a supported Git ref. Currently supported refs: `nixos-22.11`, `nixos-22.11-small`, `nixos-23.05`, `nixos-23.05-small`, `nixos-unstable`, `nixos-unstable-small`, `nixpkgs-22.11-darwin`, `nixpkgs-23.05-darwin`, `nixpkgs-unstable`. | `true`       |
+| `nixpkgs-keys`              | The names of the Nixpkgs inputs you want to check. By default the checker only checks the `nixpkgs` but you can specify multiple names as a comma-separated list, such as `nixpkgs,nixpkgs-macos,nixpkgs-unstable`.                                                                   | `nixpkgs`    |
+| `ignore-missing-flake-lock` | Whether to ignore a missing `flake.lock` file, where the path to the file is the value of `flake-lock-path` parameter. If set to `false` (the default is `true`), the Action throws an error and the job fails if the lockfile is missing.                                            | `true`       |
+| `fail-mode`                 | Fail with an exit code of 1 if any issues are encountered.                                                                                                                                                                                                                            | `false`      |
+| `send-statistics`           | Anonymously report the number of issues detected by the flake checker. This reporting helps measure the effectiveness of the flake checker. Set to `false` to disable.                                                                                                                | `true`       |
 
 Here's an example non-default configuration:
 
@@ -62,4 +62,3 @@ Here's an example non-default configuration:
 [lock]: https://zero-to-nix.com/concepts/flakes#lockfile
 [nixos-org]: https://github.com/NixOS
 [nixpkgs]: https://github.com/NixOS/nixpkgs
-

action.yml

@@ -44,50 +44,5 @@ inputs:
       measure (and thereby improve) the effectiveness of the checker. Set to `false` to disable.
     default: true
 runs:
-  using: composite
-  steps:
-    - name: Install the flake checker
-      shell: bash
-      run: |
-        set -eu
-
-        curl \
-          --connect-timeout 5 \
-          --retry 5 \
-          --retry-connrefused \
-          --proto '=https' \
-          --tlsv1.2 \
-          -fsLS \
-          https://install.determinate.systems/flake-checker/stable/$RUNNER_ARCH-$RUNNER_OS > "$RUNNER_TEMP/flake-checker"
-
-        chmod +x "$RUNNER_TEMP/flake-checker"
-
-        export NIX_FLAKE_CHECKER_FLAKE_LOCK_PATH="${{ inputs.flake-lock-path }}"
-
-        export NIX_FLAKE_CHECKER_NIXPKGS_KEYS="${{ inputs.nixpkgs-keys }}"
-
-        if [ "${{ inputs.send-statistics }}" == "false" ]; then
-          export NIX_FLAKE_CHECKER_NO_TELEMETRY="false"
-        fi
-
-        if [ "${{ inputs.check-outdated }}" == "false" ]; then
-          export NIX_FLAKE_CHECKER_CHECK_OUTDATED="false"
-        fi
-
-        if [ "${{ inputs.check-owner }}" == "false" ]; then
-          export NIX_FLAKE_CHECKER_CHECK_OWNER="false"
-        fi
-
-        if [ "${{ inputs.check-supported }}" == "false" ]; then
-          export NIX_FLAKE_CHECKER_CHECK_SUPPORTED="false"
-        fi
-
-        if [ "${{ inputs.ignore-missing-flake-lock }}" == "false" ]; then
-          export NIX_FLAKE_CHECKER_IGNORE_MISSING_FLAKE_LOCK="false"
-        fi
-
-        if [ "${{ inputs.fail-mode }}" == "true" ]; then
-          export NIX_FLAKE_CHECKER_FAIL_MODE="true"
-        fi
-
-        "$RUNNER_TEMP/flake-checker"
+  using: "node20"
+  main: "dist/index.js"