Switch from yarn to npm and refactor the action code

.devcontainer/devcontainer.json

@@ -0,0 +1,17 @@
+{
+  "$schema": "https://raw.githubusercontent.com/devcontainers/spec/main/schemas/devContainer.base.schema.json",
+  "name": "default",
+  "image": "node:20-bookworm",
+  "features": {
+    "ghcr.io/devcontainers/features/github-cli:1": {},
+    "ghcr.io/devcontainers/features/sshd:1": {}
+  },
+  "customizations": {
+    "vscode": {
+      "extensions": [
+        "streetsidesoftware.code-spell-checker"
+      ]
+    }
+  },
+  "postCreateCommand": "npm install"
+}

.editorconfig

@@ -9,3 +9,10 @@ insert_final_newline = true
 indent_style = space
 indent_size = 2
 trim_trailing_whitespace = true
+
+[{*.yml,*.yaml}]
+ij_any_spaces_within_braces = false
+ij_any_spaces_within_brackets = false
+
+[Makefile]
+indent_style = tab

.github/dependabot.yml

@@ -1,4 +1,5 @@
-# Docs: <https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/customizing-dependency-updates>
+# yaml-language-server: $schema=https://json.schemastore.org/dependabot-2.0.json
+# docs: https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/customizing-dependency-updates
 
 version: 2
 

.github/release.yml

@@ -0,0 +1,13 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-release-config.json
+# docs: https://docs.github.com/en/repositories/releasing-projects-on-github/automatically-generated-release-notes
+
+changelog:
+  categories:
+    - title: 🛠 Fixes
+      labels: [type:fix, type:bug]
+    - title: 🚀 Features
+      labels: [type:feature, type:feature_request]
+    - title: 📦 Dependency updates
+      labels: [dependencies]
+    - title: Other Changes
+      labels: ['*']

.github/workflows/dependabot.yml

@@ -1,4 +1,7 @@
-name: dependabot
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+# docs: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
+
+name: 🤖 Dependabot
 
 on:
   pull_request: {}
@@ -9,15 +12,15 @@ permissions:
 
 jobs:
   dependabot: # https://tinyurl.com/e69djmen
+    name: Enable auto-merge for Dependabot PRs
     runs-on: ubuntu-latest
     if: ${{ github.actor == 'dependabot[bot]' }}
     steps:
       - uses: dependabot/fetch-metadata@v2
         id: metadata
         with: {github-token: "${{ secrets.GITHUB_TOKEN }}"}
 
-      - name: Enable auto-merge for Dependabot PRs
-        if: ${{ contains(fromJSON('["version-update:semver-minor", "version-update:semver-patch"]'), steps.metadata.outputs.update-type) }}
+      - if: ${{ contains(fromJSON('["version-update:semver-minor", "version-update:semver-patch"]'), steps.metadata.outputs.update-type) }}
         run: gh pr merge --auto --merge "$PR_URL"
         env:
           PR_URL: ${{ github.event.pull_request.html_url }}

.github/workflows/release.yml

@@ -1,4 +1,7 @@
-name: release
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+# docs: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
+
+name: 🚀 Release
 
 on:
   release: # Docs: <https://help.github.com/en/articles/events-that-trigger-workflows#release-event-release>
@@ -10,12 +13,8 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-
-      - uses: gacts/github-slug@v1
-        id: slug
-
-      - name: Setup git
-        env: {REPO_PATH: "${{ github.repository_owner }}/${{ github.event.repository.name }}"}
+      - {uses: gacts/github-slug@v1, id: slug}
+      - env: {REPO_PATH: "${{ github.repository_owner }}/${{ github.event.repository.name }}"}
         run: |
           git config --local user.email '[email protected]'
           git config --local user.name "${{ github.actor }}"

.github/workflows/tests.yml

@@ -1,4 +1,7 @@
-name: tests
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+# docs: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
+
+name: 🧪 Tests
 
 on:
   push:
@@ -12,56 +15,37 @@ concurrency:
   group: ${{ github.ref }}
   cancel-in-progress: true
 
+env: {FORCE_COLOR: 'true'}
+
 jobs:
+  gitleaks:
+    name: Check for GitLeaks
+    runs-on: ubuntu-latest
+    steps:
+      - {uses: actions/checkout@v4, with: {fetch-depth: 0}}
+      - uses: gacts/gitleaks@v1
+
   eslint:
-    name: Run eslint
+    name: Run code linter
     runs-on: ubuntu-latest
-    env: {FORCE_COLOR: 'true'}
     steps:
       - uses: actions/checkout@v4
-
-      - uses: actions/setup-node@v4
-        with: {node-version: '20'}
-
-      - uses: actions/cache@v4
-        id: yarn-cache
-        with:
-          path: '**/node_modules'
-          key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
-          restore-keys: ${{ runner.os }}-yarn-
-
-      - if: steps.yarn-cache.outputs.cache-hit != 'true'
-        run: yarn install --frozen-lockfile --no-progress --non-interactive
-
-      - run: yarn lint
+      - {uses: gacts/setup-node-with-cache@v1, with: {node-version: 20}}
+      - run: npm install
+      - run: npm run lint
 
   dist-built:
     name: Check distributive built state
     runs-on: ubuntu-latest
     outputs:
       dist-changed: ${{ steps.state.outputs.changed }}
-    env: {FORCE_COLOR: 'true'}
     steps:
       - uses: actions/checkout@v4
-
-      - uses: actions/setup-node@v4
-        with: {node-version: '20'}
-
-      - uses: actions/cache@v4
-        id: yarn-cache
-        with:
-          path: '**/node_modules'
-          key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
-          restore-keys: ${{ runner.os }}-yarn-
-
-      - if: steps.yarn-cache.outputs.cache-hit != 'true'
-        run: yarn install --frozen-lockfile --no-progress --non-interactive
-
-      - run: yarn build
-
+      - {uses: gacts/setup-node-with-cache@v1, with: {node-version: 20}}
+      - run: npm install
+      - run: npm run build
       - uses: actions/upload-artifact@v4
         with: {name: dist, path: ./dist/, retention-days: 1}
-
       - id: state
         run: echo "changed=`git diff --diff-filter=ACMUXTR --name-only | grep dist/ > /dev/null && echo 'true' || echo 'false'`" >> $GITHUB_OUTPUT
 
@@ -75,30 +59,29 @@ jobs:
       pull-requests: write
     steps:
       - uses: actions/checkout@v4
-
       - uses: actions/download-artifact@v4
         with: {name: dist, path: ./dist/}
-
       - uses: stefanzweifel/git-auto-commit-action@v5
         with: {commit_message: Automatic distributive rebuild}
 
   run-this-action:
-    name: Run action (${{ matrix.runs-on }}, version ${{ matrix.version }})
+    name: Run action (${{ matrix.runs-on }}, ${{ matrix.version }})
     runs-on: ${{ matrix.runs-on }}
     strategy:
       fail-fast: false
       matrix:
         runs-on: [ubuntu-latest, macos-latest, windows-latest]
-        version: [7.3.0, 8.7.1, latest]
+        version: [7.3.0, 8.7.1, 8.18.4, latest]
+        exclude:
+          - {runs-on: macos-latest, version: 7.3.0} # GitLeaks v7.x for macOS on arm64 is not supported
     steps:
       - uses: actions/checkout@v4
         with: {fetch-depth: 0}
 
       - name: Run this action
         id: gitleaks
         uses: ./
-        with:
-          version: ${{ matrix.version }}
+        with: {version: '${{ matrix.version }}'}
 
       #- if: ${{ always() }}
       #  uses: github/codeql-action/upload-sarif@v2

.gitignore

@@ -8,14 +8,12 @@
 # Environment files
 *.env
 
-# npm lock file (use yarn only)
-package-lock.json
+# yarn lock file (use npm only)
+yarn.lock
 
 # Logs
 logs
 *.log
-yarn-debug.log*
-yarn-error.log*
 
 # Temp dirs & trash
 /temp

Makefile

@@ -1,23 +1,28 @@
 #!/usr/bin/make
+# Makefile readme: <https://www.gnu.org/software/make/manual/html_node/index.html#SEC_Contents>
 
-SHELL = /bin/bash
-DC_RUN_ARGS = --rm --user "$(shell id -u):$(shell id -g)"
+.DEFAULT_GOAL := build
+.MAIN := build
 
-.PHONY : help install shell lint test build
-.DEFAULT_GOAL : help
-
-help: ## Show this help
-	@printf "\033[33m%s:\033[0m\n" 'Available commands'
-	@awk 'BEGIN {FS = ":.*?## "} /^[a-zA-Z_-]+:.*?## / {printf "  \033[32m%-18s\033[0m %s\n", $$1, $$2}' $(MAKEFILE_LIST)
+NODE_IMAGE = node:20-alpine
+RUN_ARGS = --rm -v "$(shell pwd):/src:rw" \
+	-t --workdir "/src" \
+	-u "$(shell id -u):$(shell id -g)" \
+	-e "NPM_CONFIG_UPDATE_NOTIFIER=false" \
+	-e PATH="$$PATH:/src/node_modules/.bin" $(NODE_IMAGE)
 
+.PHONY: install
 install: ## Install all dependencies
-	docker-compose run $(DC_RUN_ARGS) node yarn install --no-progress --non-interactive
+	docker run $(RUN_ARGS) npm install
 
+.PHONY: shell
 shell: ## Start shell into a container with node
-	docker-compose run $(DC_RUN_ARGS) node sh
+	docker run -e "PS1=\[\033[1;34m\]\w\[\033[0;35m\] \[\033[1;36m\]# \[\033[0m\]" -i $(RUN_ARGS) sh
 
-lint: ## Execute provided linters
-	docker-compose run $(DC_RUN_ARGS) node yarn lint
+.PHONY: lint
+lint: ## Run lint
+	docker run $(RUN_ARGS) npm run lint
 
-build: ## Build frontend
-	docker-compose run $(DC_RUN_ARGS) node yarn build
+.PHONY: build
+build: install ## Build the extension and pack it into a zip file
+	docker run $(RUN_ARGS) npm run build