From 7475651cd047fb25a984b81e28be9943c363c905 Mon Sep 17 00:00:00 2001 From: Jake Bailey <5341706+jakebailey@users.noreply.github.com> Date: Tue, 12 Aug 2025 11:37:11 -0700 Subject: [PATCH 01/16] Don't filter codeql (#3432) --- .github/codeql/codeql-configuration.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/codeql/codeql-configuration.yml b/.github/codeql/codeql-configuration.yml index 611555557..912999c8a 100644 --- a/.github/codeql/codeql-configuration.yml +++ b/.github/codeql/codeql-configuration.yml @@ -1,4 +1,7 @@ name : CodeQL Configuration -paths: - - './packages' +paths-ignore: + # Contains syntax errors. + - 'packages/ts-twoslasher/test/fixtures/**' + # Contains code examples with syntax errors. + - '**/copy/en/**' From 4a3a6a9b6b222d25215cb8b546f9eb9d86909124 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Aug 2025 18:55:54 +0000 Subject: [PATCH 02/16] Bump the github-actions group across 1 directory with 4 updates (#3431) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/CI.yml | 4 ++-- .github/workflows/codeql.yml | 8 ++++---- .github/workflows/deploy-preview.yml | 2 +- .github/workflows/deploy-prod-static.yml | 2 +- .github/workflows/keepalive.yml | 2 +- .github/workflows/publish-packages.yml | 4 ++-- 6 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 8afbb4c1f..8d9350f46 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -23,7 +23,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 with: node-version: "18.x" @@ -80,7 +80,7 @@ jobs: name: changesets runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index d48ed1c2f..ff2b106b9 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -40,11 +40,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15 + uses: github/codeql-action/init@df559355d593797519d70b90fc8edd5db049e7a2 # v3.29.9 with: config-file: ./.github/codeql/codeql-configuration.yml # Override language selection by uncommenting this and choosing your languages @@ -54,7 +54,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below). - name: Autobuild - uses: github/codeql-action/autobuild@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15 + uses: github/codeql-action/autobuild@df559355d593797519d70b90fc8edd5db049e7a2 # v3.29.9 # ℹ️ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -68,4 +68,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15 + uses: github/codeql-action/analyze@df559355d593797519d70b90fc8edd5db049e7a2 # v3.29.9 diff --git a/.github/workflows/deploy-preview.yml b/.github/workflows/deploy-preview.yml index 918fd78b2..315d84f54 100644 --- a/.github/workflows/deploy-preview.yml +++ b/.github/workflows/deploy-preview.yml @@ -131,7 +131,7 @@ jobs: - name: Download site build from PR if: ${{ steps.get-info.outputs.result != 'null' }} - uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1 + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: name: site path: site diff --git a/.github/workflows/deploy-prod-static.yml b/.github/workflows/deploy-prod-static.yml index de21d355b..a9962eaeb 100644 --- a/.github/workflows/deploy-prod-static.yml +++ b/.github/workflows/deploy-prod-static.yml @@ -26,7 +26,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: # Fetch the full history, to build attribution.json fetch-depth: 0 diff --git a/.github/workflows/keepalive.yml b/.github/workflows/keepalive.yml index 3bd232ac0..62f4a46fd 100644 --- a/.github/workflows/keepalive.yml +++ b/.github/workflows/keepalive.yml @@ -11,7 +11,7 @@ jobs: contents: write steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - run: | if [[ $(git log --format="%H" --since "50 days" | head -c1 | wc -c) == 0 ]]; then git config user.email "typescriptbot@microsoft.com" diff --git a/.github/workflows/publish-packages.yml b/.github/workflows/publish-packages.yml index e36ab37ce..76c0938fe 100644 --- a/.github/workflows/publish-packages.yml +++ b/.github/workflows/publish-packages.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 filter: blob:none @@ -33,7 +33,7 @@ jobs: pnpm bootstrap pnpm build - - uses: changesets/action@06245a4e0a36c064a573d4150030f5ec548e4fcc # v1.4.10 + - uses: changesets/action@e0145edc7d9d8679003495b11f87bd8ef63c0cba # v1.5.3 with: publish: pnpm ci:publish env: From c95f3eb8a2e86eb158947a0582ee211a577a1438 Mon Sep 17 00:00:00 2001 From: Theo Date: Thu, 14 Aug 2025 15:39:54 +0100 Subject: [PATCH 03/16] Fix: correct filename for src/tsconfig-base.json in docs (#3433) --- .../documentation/copy/en/project-config/Project References.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/documentation/copy/en/project-config/Project References.md b/packages/documentation/copy/en/project-config/Project References.md index f7daf7c92..17bcedce8 100644 --- a/packages/documentation/copy/en/project-config/Project References.md +++ b/packages/documentation/copy/en/project-config/Project References.md @@ -172,7 +172,7 @@ Another good practice is to have a "solution" `tsconfig.json` file that simply h This presents a simple entry point; e.g. in the TypeScript repo we simply run `tsc -b src` to build all endpoints because we list all the subprojects in `src/tsconfig.json` -You can see these patterns in the TypeScript repo - see `src/tsconfig_base.json`, `src/tsconfig.json`, and `src/tsc/tsconfig.json` as key examples. +You can see these patterns in the TypeScript repo - see `src/tsconfig-base.json`, `src/tsconfig.json`, and `src/tsc/tsconfig.json` as key examples. ### Structuring for relative modules From c2b25d220465dac34dd2da41a2a44cb30c6f42e4 Mon Sep 17 00:00:00 2001 From: Rob Palmer Date: Fri, 5 Sep 2025 18:49:14 +0100 Subject: [PATCH 04/16] Modules Theory: require(ESM) is in Node 20 (#3440) --- packages/documentation/copy/en/modules-reference/Theory.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/documentation/copy/en/modules-reference/Theory.md b/packages/documentation/copy/en/modules-reference/Theory.md index 3c54f7f9b..5e64354c5 100644 --- a/packages/documentation/copy/en/modules-reference/Theory.md +++ b/packages/documentation/copy/en/modules-reference/Theory.md @@ -180,11 +180,11 @@ Can an ES module `import` a CommonJS module? If so, does a default import link t 1. **ESM-only.** Some runtimes, like browser engines, only support what’s actually a part of the language: ECMAScript Modules. 2. **Bundler-like.** Before any major JavaScript engine could run ES modules, Babel allowed developers to write them by transpiling them to CommonJS. The way these ESM-transpiled-to-CJS files interacted with hand-written-CJS files implied a set of permissive interoperability rules that have become the de facto standard for bundlers and transpilers. -3. **Node.js.** Until Node.js v22.12.0, CommonJS modules could not load ES modules synchronously (with `require`); they could only load them asynchronously with dynamic `import()` calls. ES modules can default-import CJS modules, which always binds to `exports`. (This means that a default import of a Babel-like CJS output with `__esModule` behaves differently between Node.js and some bundlers.) +3. **Node.js.** Until Node.js v20.19.0, CommonJS modules could not load ES modules synchronously (with `require`); they could only load them asynchronously with dynamic `import()` calls. ES modules can default-import CJS modules, which always binds to `exports`. (This means that a default import of a Babel-like CJS output with `__esModule` behaves differently between Node.js and some bundlers.) TypeScript needs to know which of these rule sets to assume in order to provide correct types on (particularly `default`) imports and to error on imports that will crash at runtime. When the `module` compiler option is set to `node16`, `node18`, or `nodenext`, Node.js’s version-specific rules are enforced.[^1] All other `module` settings, combined with the [`esModuleInterop`](/docs/handbook/modules/reference.html#esModuleInterop) option, result in bundler-like interop in TypeScript. (While using `--module esnext` does prevent you from _writing_ CommonJS modules, it does not prevent you from _importing_ them as dependencies. There’s currently no TypeScript setting that can guard against an ES module importing a CommonJS module, as would be appropriate for direct-to-browser code.) -[^1]: In Node.js v22.12.0 and later, a `require` of an ES module is allowed, but only if the resolved module and its top-level imports don’t use top-level `await`. TypeScript does not try to enforce this rule, as it lacks the ability to tell from a declaration file whether the corresponding JavaScript file contains top-level `await`. +[^1]: In Node.js v20.19.0 and later, a `require` of an ES module is allowed, but only if the resolved module and its top-level imports don’t use top-level `await`. TypeScript does not try to enforce this rule, as it lacks the ability to tell from a declaration file whether the corresponding JavaScript file contains top-level `await`. ### Module specifiers are not transformed by default @@ -341,7 +341,7 @@ import { add } from "./math.ts"; This restriction applies since TypeScript [won’t rewrite the extension](#module-specifiers-are-not-transformed) to `.js`, and if `"./math.ts"` appears in an output JS file, that import won’t resolve to another JS file at runtime. TypeScript really wants to prevent you from generating an unsafe output JS file. But what if there _is_ no output JS file? What if you’re in one of these situations: - You’re bundling this code, the bundler is configured to transpile TypeScript files in-memory, and it will eventually consume and erase all the imports you’ve written to produce a bundle. -- You’re running this code directly in a TypeScript runtime like Deno or Bun. +- You’re running this code directly in a TypeScript runtime like Node, Deno or Bun. - You’re using `ts-node`, `tsx`, or another transpiling loader for Node. In these cases, you can turn on `noEmit` (or `emitDeclarationOnly`) and `allowImportingTsExtensions` to disable emitting unsafe JavaScript files and silence the error on `.ts`-extensioned imports. From c964e94d427477ac93b99d1445ffe8e64234bb53 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 21 Oct 2025 01:46:57 +0000 Subject: [PATCH 05/16] Bump the github-actions group across 1 directory with 5 updates (#3448) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/CI.yml | 8 ++++---- .github/workflows/codeql.yml | 6 +++--- .github/workflows/deploy-preview.yml | 4 ++-- .github/workflows/deploy-prod-static.yml | 6 +++--- .github/workflows/publish-packages.yml | 4 ++-- 5 files changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 8d9350f46..dd62b806d 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -24,10 +24,10 @@ jobs: steps: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 with: node-version: "18.x" - - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0 + - uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0 - run: pnpm install @@ -83,10 +83,10 @@ jobs: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 - - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 with: node-version: 'lts/*' - - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0 + - uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0 - run: pnpm install diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index ff2b106b9..148b82263 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -44,7 +44,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@df559355d593797519d70b90fc8edd5db049e7a2 # v3.29.9 + uses: github/codeql-action/init@16140ae1a102900babc80a33c44059580f687047 # v4.30.9 with: config-file: ./.github/codeql/codeql-configuration.yml # Override language selection by uncommenting this and choosing your languages @@ -54,7 +54,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below). - name: Autobuild - uses: github/codeql-action/autobuild@df559355d593797519d70b90fc8edd5db049e7a2 # v3.29.9 + uses: github/codeql-action/autobuild@16140ae1a102900babc80a33c44059580f687047 # v4.30.9 # ℹ️ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -68,4 +68,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@df559355d593797519d70b90fc8edd5db049e7a2 # v3.29.9 + uses: github/codeql-action/analyze@16140ae1a102900babc80a33c44059580f687047 # v4.30.9 diff --git a/.github/workflows/deploy-preview.yml b/.github/workflows/deploy-preview.yml index 315d84f54..d318caf64 100644 --- a/.github/workflows/deploy-preview.yml +++ b/.github/workflows/deploy-preview.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Get PR/workflow run info id: get-info - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 with: script: | console.dir(context, { depth: null }); @@ -154,7 +154,7 @@ jobs: - name: Comment on PR if: ${{ steps.get-info.outputs.result != 'null' }} - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 env: PR_NUMBER: ${{ fromJson(steps.get-info.outputs.result).pr }} SITE_URL: ${{ steps.deploy.outputs.static_web_app_url }} diff --git a/.github/workflows/deploy-prod-static.yml b/.github/workflows/deploy-prod-static.yml index a9962eaeb..8299b5164 100644 --- a/.github/workflows/deploy-prod-static.yml +++ b/.github/workflows/deploy-prod-static.yml @@ -30,11 +30,11 @@ jobs: with: # Fetch the full history, to build attribution.json fetch-depth: 0 - - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 with: node-version: "18.x" - - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0 + - uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0 # Builds the modules, and boostraps the other modules - name: Build website @@ -54,7 +54,7 @@ jobs: uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5 - name: Upload artifact - uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3 + uses: actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b # v3 with: path: './site' diff --git a/.github/workflows/publish-packages.yml b/.github/workflows/publish-packages.yml index 76c0938fe..dd88acaba 100644 --- a/.github/workflows/publish-packages.yml +++ b/.github/workflows/publish-packages.yml @@ -21,11 +21,11 @@ jobs: fetch-depth: 0 filter: blob:none token: ${{ secrets.TS_BOT_TOKEN }} - - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 with: node-version: "18.x" registry-url: "https://registry.npmjs.org/" - - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0 + - uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0 - name: Prepare website v2 run: | From 1843cf45e06193b3dc072088785fe2bfad477de5 Mon Sep 17 00:00:00 2001 From: Yam C Borodetsky Date: Fri, 24 Oct 2025 21:27:43 +0500 Subject: [PATCH 06/16] Add proper localStorage availability checks to support Node v25 in @typescript/vfs (#3450) Co-authored-by: Jake Bailey <5341706+jakebailey@users.noreply.github.com> --- .changeset/famous-pillows-kiss.md | 5 +++++ packages/typescript-vfs/src/index.ts | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 .changeset/famous-pillows-kiss.md diff --git a/.changeset/famous-pillows-kiss.md b/.changeset/famous-pillows-kiss.md new file mode 100644 index 000000000..97f384436 --- /dev/null +++ b/.changeset/famous-pillows-kiss.md @@ -0,0 +1,5 @@ +--- +"@typescript/vfs": patch +--- + +Modify localStorage check to prevent crashes in Node 25 diff --git a/packages/typescript-vfs/src/index.ts b/packages/typescript-vfs/src/index.ts index be88ea840..11f0c0e2e 100755 --- a/packages/typescript-vfs/src/index.ts +++ b/packages/typescript-vfs/src/index.ts @@ -23,7 +23,7 @@ try { } catch (error) { } const hasProcess = typeof process !== `undefined` -const shouldDebug = (hasLocalStorage && localStorage!.getItem("DEBUG")) || (hasProcess && process.env.DEBUG) +const shouldDebug = (hasLocalStorage && typeof localStorage!.getItem === 'function' && localStorage!.getItem("DEBUG")) || (hasProcess && process.env.DEBUG) const debugLog = shouldDebug ? console.log : (_message?: any, ..._optionalParams: any[]) => "" export interface VirtualTypeScriptEnvironment { From fdbf8d2a61a1bf2fffcccfe44566fc01dbdfbce5 Mon Sep 17 00:00:00 2001 From: TypeScript Bot <23042052+typescript-bot@users.noreply.github.com> Date: Fri, 24 Oct 2025 09:46:34 -0700 Subject: [PATCH 07/16] Version Packages (#3453) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- .changeset/famous-pillows-kiss.md | 5 ----- .changeset/tender-crabs-tease.md | 2 -- packages/sandbox/CHANGELOG.md | 7 +++++++ packages/sandbox/package.json | 2 +- packages/ts-twoslasher/CHANGELOG.md | 7 +++++++ packages/ts-twoslasher/package.json | 2 +- packages/typescript-vfs/CHANGELOG.md | 6 ++++++ packages/typescript-vfs/package.json | 2 +- 8 files changed, 23 insertions(+), 10 deletions(-) delete mode 100644 .changeset/famous-pillows-kiss.md delete mode 100644 .changeset/tender-crabs-tease.md diff --git a/.changeset/famous-pillows-kiss.md b/.changeset/famous-pillows-kiss.md deleted file mode 100644 index 97f384436..000000000 --- a/.changeset/famous-pillows-kiss.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@typescript/vfs": patch ---- - -Modify localStorage check to prevent crashes in Node 25 diff --git a/.changeset/tender-crabs-tease.md b/.changeset/tender-crabs-tease.md deleted file mode 100644 index a845151cc..000000000 --- a/.changeset/tender-crabs-tease.md +++ /dev/null @@ -1,2 +0,0 @@ ---- ---- diff --git a/packages/sandbox/CHANGELOG.md b/packages/sandbox/CHANGELOG.md index 6f4f005e4..1c21179bd 100644 --- a/packages/sandbox/CHANGELOG.md +++ b/packages/sandbox/CHANGELOG.md @@ -1,5 +1,12 @@ # @typescript/sandbox +## 0.1.10 + +### Patch Changes + +- Updated dependencies [[`1843cf4`](https://github.com/microsoft/TypeScript-Website/commit/1843cf45e06193b3dc072088785fe2bfad477de5)]: + - @typescript/vfs@1.6.2 + ## 0.1.9 ### Patch Changes diff --git a/packages/sandbox/package.json b/packages/sandbox/package.json index cba5e4c79..a5ce7049e 100644 --- a/packages/sandbox/package.json +++ b/packages/sandbox/package.json @@ -1,6 +1,6 @@ { "name": "@typescript/sandbox", - "version": "0.1.9", + "version": "0.1.10", "license": "MIT", "author": "TypeScript team", "homepage": "https://github.com/microsoft/TypeScript-Website", diff --git a/packages/ts-twoslasher/CHANGELOG.md b/packages/ts-twoslasher/CHANGELOG.md index 65a2519d6..346fa87f0 100644 --- a/packages/ts-twoslasher/CHANGELOG.md +++ b/packages/ts-twoslasher/CHANGELOG.md @@ -1,5 +1,12 @@ # @typescript/twoslash +## 3.2.10 + +### Patch Changes + +- Updated dependencies [[`1843cf4`](https://github.com/microsoft/TypeScript-Website/commit/1843cf45e06193b3dc072088785fe2bfad477de5)]: + - @typescript/vfs@1.6.2 + ## 3.2.9 ### Patch Changes diff --git a/packages/ts-twoslasher/package.json b/packages/ts-twoslasher/package.json index f521f87d5..925379139 100755 --- a/packages/ts-twoslasher/package.json +++ b/packages/ts-twoslasher/package.json @@ -1,6 +1,6 @@ { "name": "@typescript/twoslash", - "version": "3.2.9", + "version": "3.2.10", "license": "MIT", "author": "TypeScript team", "homepage": "https://github.com/microsoft/TypeScript-Website", diff --git a/packages/typescript-vfs/CHANGELOG.md b/packages/typescript-vfs/CHANGELOG.md index e478bf9c2..f9d2b4fbd 100644 --- a/packages/typescript-vfs/CHANGELOG.md +++ b/packages/typescript-vfs/CHANGELOG.md @@ -1,5 +1,11 @@ # @typescript/vfs +## 1.6.2 + +### Patch Changes + +- [#3450](https://github.com/microsoft/TypeScript-Website/pull/3450) [`1843cf4`](https://github.com/microsoft/TypeScript-Website/commit/1843cf45e06193b3dc072088785fe2bfad477de5) Thanks [@yamcodes](https://github.com/yamcodes)! - Modify localStorage check to prevent crashes in Node 25 + ## 1.6.1 ### Patch Changes diff --git a/packages/typescript-vfs/package.json b/packages/typescript-vfs/package.json index 5130df704..aa633bb5f 100755 --- a/packages/typescript-vfs/package.json +++ b/packages/typescript-vfs/package.json @@ -1,6 +1,6 @@ { "name": "@typescript/vfs", - "version": "1.6.1", + "version": "1.6.2", "license": "MIT", "author": "TypeScript team", "homepage": "https://github.com/microsoft/TypeScript-Website", From 9d070104bcad495ecba761cd246e4b06e338e56e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 28 Oct 2025 00:17:11 +0000 Subject: [PATCH 08/16] Bump the github-actions group with 3 updates (#3454) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/CI.yml | 4 ++-- .github/workflows/codeql.yml | 6 +++--- .github/workflows/deploy-preview.yml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index dd62b806d..60aefd333 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -41,7 +41,7 @@ jobs: # Verify it compiles - run: pnpm build-site - - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 if: github.event_name == 'pull_request' && matrix.os == 'ubuntu-latest' with: name: site @@ -71,7 +71,7 @@ jobs: - name: Upload diff artifact if: ${{ failure() && steps.check-diff.conclusion == 'failure' }} - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: missing.patch path: missing.patch diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 148b82263..166d4b83f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -44,7 +44,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@16140ae1a102900babc80a33c44059580f687047 # v4.30.9 + uses: github/codeql-action/init@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0 with: config-file: ./.github/codeql/codeql-configuration.yml # Override language selection by uncommenting this and choosing your languages @@ -54,7 +54,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below). - name: Autobuild - uses: github/codeql-action/autobuild@16140ae1a102900babc80a33c44059580f687047 # v4.30.9 + uses: github/codeql-action/autobuild@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0 # ℹ️ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -68,4 +68,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@16140ae1a102900babc80a33c44059580f687047 # v4.30.9 + uses: github/codeql-action/analyze@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0 diff --git a/.github/workflows/deploy-preview.yml b/.github/workflows/deploy-preview.yml index d318caf64..8133372d7 100644 --- a/.github/workflows/deploy-preview.yml +++ b/.github/workflows/deploy-preview.yml @@ -131,7 +131,7 @@ jobs: - name: Download site build from PR if: ${{ steps.get-info.outputs.result != 'null' }} - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: site path: site From 0d9644195cfe341617b20728fcac174a8e6f3920 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 4 Nov 2025 00:03:18 +0000 Subject: [PATCH 09/16] Bump github/codeql-action from 4.31.0 to 4.31.2 in the github-actions group (#3456) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 166d4b83f..5546cc512 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -44,7 +44,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0 + uses: github/codeql-action/init@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 with: config-file: ./.github/codeql/codeql-configuration.yml # Override language selection by uncommenting this and choosing your languages @@ -54,7 +54,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below). - name: Autobuild - uses: github/codeql-action/autobuild@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0 + uses: github/codeql-action/autobuild@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 # ℹ️ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -68,4 +68,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0 + uses: github/codeql-action/analyze@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 From 162dee4e3a227dfa994785b30a272e841502a4c3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Nov 2025 17:10:34 -0800 Subject: [PATCH 10/16] Bump the github-actions group with 2 updates (#3460) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/CI.yml | 4 ++-- .github/workflows/codeql.yml | 8 ++++---- .github/workflows/deploy-prod-static.yml | 2 +- .github/workflows/keepalive.yml | 2 +- .github/workflows/publish-packages.yml | 2 +- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 60aefd333..fe37373de 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -23,7 +23,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 with: node-version: "18.x" @@ -80,7 +80,7 @@ jobs: name: changesets runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: fetch-depth: 0 - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 5546cc512..5dbb4743a 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -40,11 +40,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 + uses: github/codeql-action/init@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 with: config-file: ./.github/codeql/codeql-configuration.yml # Override language selection by uncommenting this and choosing your languages @@ -54,7 +54,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below). - name: Autobuild - uses: github/codeql-action/autobuild@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 + uses: github/codeql-action/autobuild@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 # ℹ️ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -68,4 +68,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 + uses: github/codeql-action/analyze@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 diff --git a/.github/workflows/deploy-prod-static.yml b/.github/workflows/deploy-prod-static.yml index 8299b5164..86ea51093 100644 --- a/.github/workflows/deploy-prod-static.yml +++ b/.github/workflows/deploy-prod-static.yml @@ -26,7 +26,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: # Fetch the full history, to build attribution.json fetch-depth: 0 diff --git a/.github/workflows/keepalive.yml b/.github/workflows/keepalive.yml index 62f4a46fd..4e441d77b 100644 --- a/.github/workflows/keepalive.yml +++ b/.github/workflows/keepalive.yml @@ -11,7 +11,7 @@ jobs: contents: write steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - run: | if [[ $(git log --format="%H" --since "50 days" | head -c1 | wc -c) == 0 ]]; then git config user.email "typescriptbot@microsoft.com" diff --git a/.github/workflows/publish-packages.yml b/.github/workflows/publish-packages.yml index dd88acaba..950aedeab 100644 --- a/.github/workflows/publish-packages.yml +++ b/.github/workflows/publish-packages.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: fetch-depth: 0 filter: blob:none From 5b2c0a7c557102f2b6aa1c736fbea94e9863d82e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 25 Nov 2025 02:45:48 -0500 Subject: [PATCH 11/16] Bump the github-actions group with 2 updates (#3462) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/CI.yml | 4 ++-- .github/workflows/codeql.yml | 8 ++++---- .github/workflows/deploy-prod-static.yml | 2 +- .github/workflows/keepalive.yml | 2 +- .github/workflows/publish-packages.yml | 2 +- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index fe37373de..d5ccb2ca2 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -23,7 +23,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 with: node-version: "18.x" @@ -80,7 +80,7 @@ jobs: name: changesets runs-on: ubuntu-latest steps: - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: fetch-depth: 0 - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 5dbb4743a..5f65a7ad8 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -40,11 +40,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/init@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5 with: config-file: ./.github/codeql/codeql-configuration.yml # Override language selection by uncommenting this and choosing your languages @@ -54,7 +54,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below). - name: Autobuild - uses: github/codeql-action/autobuild@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/autobuild@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5 # ℹ️ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -68,4 +68,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/analyze@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5 diff --git a/.github/workflows/deploy-prod-static.yml b/.github/workflows/deploy-prod-static.yml index 86ea51093..46e673559 100644 --- a/.github/workflows/deploy-prod-static.yml +++ b/.github/workflows/deploy-prod-static.yml @@ -26,7 +26,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: # Fetch the full history, to build attribution.json fetch-depth: 0 diff --git a/.github/workflows/keepalive.yml b/.github/workflows/keepalive.yml index 4e441d77b..6b7c221c1 100644 --- a/.github/workflows/keepalive.yml +++ b/.github/workflows/keepalive.yml @@ -11,7 +11,7 @@ jobs: contents: write steps: - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - run: | if [[ $(git log --format="%H" --since "50 days" | head -c1 | wc -c) == 0 ]]; then git config user.email "typescriptbot@microsoft.com" diff --git a/.github/workflows/publish-packages.yml b/.github/workflows/publish-packages.yml index 950aedeab..e20ac7510 100644 --- a/.github/workflows/publish-packages.yml +++ b/.github/workflows/publish-packages.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: fetch-depth: 0 filter: blob:none From 5daeca1c8092283b05afa6025babcc58ac495fbe Mon Sep 17 00:00:00 2001 From: Dhruv Girish Nayak <137804786+DrNayak2306@users.noreply.github.com> Date: Mon, 1 Dec 2025 23:56:28 +0530 Subject: [PATCH 12/16] style: use --code-font for code sections (#3461) --- .../typescriptlang-org/src/templates/markdown-twoslash.scss | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/typescriptlang-org/src/templates/markdown-twoslash.scss b/packages/typescriptlang-org/src/templates/markdown-twoslash.scss index 3bef2d872..ded155935 100644 --- a/packages/typescriptlang-org/src/templates/markdown-twoslash.scss +++ b/packages/typescriptlang-org/src/templates/markdown-twoslash.scss @@ -128,7 +128,7 @@ pre .code-container:focus a { pre code { font-size: 15px; - font-family: "JetBrains Mono", Menlo, Monaco, Consolas, Courier New, monospace; + font-family: var(--code-font); white-space: pre; -webkit-overflow-scrolling: touch; } From da2034981ef04fbd3533a18ea3032b14afacdbb5 Mon Sep 17 00:00:00 2001 From: Rob Palmer Date: Tue, 2 Dec 2025 00:33:38 +0000 Subject: [PATCH 13/16] Docs: `erasableSyntaxOnly` should mention type assertions (#3465) --- .../tsconfig-reference/copy/en/options/erasableSyntaxOnly.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/packages/tsconfig-reference/copy/en/options/erasableSyntaxOnly.md b/packages/tsconfig-reference/copy/en/options/erasableSyntaxOnly.md index 92f662b42..7f6729778 100644 --- a/packages/tsconfig-reference/copy/en/options/erasableSyntaxOnly.md +++ b/packages/tsconfig-reference/copy/en/options/erasableSyntaxOnly.md @@ -13,6 +13,7 @@ That means the following constructs are not supported: * `namespace`s and `module`s with runtime code * parameter properties in classes * Non-ECMAScript `import =` and `export =` assignments +* ``-style type assertions ```ts // ❌ error: An `import ... = require(...)` alias @@ -43,6 +44,9 @@ enum Direction { Left, Right, } + +// ❌ error: -style type assertion. +const num = 1; ``` Similar tools like [ts-blank-space](https://github.com/bloomberg/ts-blank-space) or [Amaro](https://github.com/nodejs/amaro) (the underlying library for type-stripping in Node.js) have the same limitations. From cb6b8eaa6e2b1cc5a9c58590be0fb5a0eb3d5762 Mon Sep 17 00:00:00 2001 From: Jake Bailey <5341706+jakebailey@users.noreply.github.com> Date: Mon, 8 Dec 2025 09:59:49 -0800 Subject: [PATCH 14/16] Disable CI jobs in forks (#3471) --- .github/workflows/close-preview.yml | 1 + .github/workflows/deploy-preview.yml | 1 + .github/workflows/deploy-prod-static.yml | 2 ++ .github/workflows/keepalive.yml | 1 + .github/workflows/publish-packages.yml | 1 + 5 files changed, 6 insertions(+) diff --git a/.github/workflows/close-preview.yml b/.github/workflows/close-preview.yml index a8a6503f2..31ff64561 100644 --- a/.github/workflows/close-preview.yml +++ b/.github/workflows/close-preview.yml @@ -12,6 +12,7 @@ on: jobs: close: runs-on: ubuntu-latest + if: github.repository == 'microsoft/TypeScript-Website' steps: - uses: Azure/static-web-apps-deploy@v1 with: diff --git a/.github/workflows/deploy-preview.yml b/.github/workflows/deploy-preview.yml index 8133372d7..a7ac56c71 100644 --- a/.github/workflows/deploy-preview.yml +++ b/.github/workflows/deploy-preview.yml @@ -20,6 +20,7 @@ permissions: jobs: deploy: runs-on: ubuntu-latest + if: github.repository == 'microsoft/TypeScript-Website' steps: - name: Get PR/workflow run info id: get-info diff --git a/.github/workflows/deploy-prod-static.yml b/.github/workflows/deploy-prod-static.yml index 46e673559..96c2d4cf2 100644 --- a/.github/workflows/deploy-prod-static.yml +++ b/.github/workflows/deploy-prod-static.yml @@ -24,6 +24,7 @@ concurrency: jobs: build: runs-on: ubuntu-latest + if: github.repository == 'microsoft/TypeScript-Website' steps: - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 @@ -64,6 +65,7 @@ jobs: url: ${{ steps.deployment.outputs.page_url }} runs-on: ubuntu-latest needs: build + if: github.repository == 'microsoft/TypeScript-Website' steps: - name: Deploy to GitHub Pages id: deployment diff --git a/.github/workflows/keepalive.yml b/.github/workflows/keepalive.yml index 6b7c221c1..3ee368647 100644 --- a/.github/workflows/keepalive.yml +++ b/.github/workflows/keepalive.yml @@ -6,6 +6,7 @@ on: jobs: keepalive: runs-on: ubuntu-latest + if: github.repository == 'microsoft/TypeScript-Website' permissions: contents: write diff --git a/.github/workflows/publish-packages.yml b/.github/workflows/publish-packages.yml index e20ac7510..d8bb83b1a 100644 --- a/.github/workflows/publish-packages.yml +++ b/.github/workflows/publish-packages.yml @@ -14,6 +14,7 @@ concurrency: ${{ github.workflow }}-${{ github.ref }} jobs: build: runs-on: ubuntu-latest + if: github.repository == 'microsoft/TypeScript-Website' steps: - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 From 5d333d7e1ad55f9b5ac6bf06c24f237a71e1e15c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 9 Dec 2025 00:22:57 +0000 Subject: [PATCH 15/16] Bump the github-actions group across 1 directory with 3 updates (#3472) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/CI.yml | 8 ++++---- .github/workflows/codeql.yml | 8 ++++---- .github/workflows/deploy-prod-static.yml | 4 ++-- .github/workflows/keepalive.yml | 2 +- .github/workflows/publish-packages.yml | 4 ++-- 5 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index d5ccb2ca2..210f46f3c 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -23,8 +23,8 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 with: node-version: "18.x" - uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0 @@ -80,10 +80,10 @@ jobs: name: changesets runs-on: ubuntu-latest steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 - - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 + - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 with: node-version: 'lts/*' - uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 5f65a7ad8..4f853d942 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -40,11 +40,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5 + uses: github/codeql-action/init@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7 with: config-file: ./.github/codeql/codeql-configuration.yml # Override language selection by uncommenting this and choosing your languages @@ -54,7 +54,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below). - name: Autobuild - uses: github/codeql-action/autobuild@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5 + uses: github/codeql-action/autobuild@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7 # ℹ️ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -68,4 +68,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5 + uses: github/codeql-action/analyze@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7 diff --git a/.github/workflows/deploy-prod-static.yml b/.github/workflows/deploy-prod-static.yml index 96c2d4cf2..6a8be5f5a 100644 --- a/.github/workflows/deploy-prod-static.yml +++ b/.github/workflows/deploy-prod-static.yml @@ -27,11 +27,11 @@ jobs: if: github.repository == 'microsoft/TypeScript-Website' steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: # Fetch the full history, to build attribution.json fetch-depth: 0 - - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 + - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 with: node-version: "18.x" diff --git a/.github/workflows/keepalive.yml b/.github/workflows/keepalive.yml index 3ee368647..a65625c56 100644 --- a/.github/workflows/keepalive.yml +++ b/.github/workflows/keepalive.yml @@ -12,7 +12,7 @@ jobs: contents: write steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - run: | if [[ $(git log --format="%H" --since "50 days" | head -c1 | wc -c) == 0 ]]; then git config user.email "typescriptbot@microsoft.com" diff --git a/.github/workflows/publish-packages.yml b/.github/workflows/publish-packages.yml index d8bb83b1a..185e6621a 100644 --- a/.github/workflows/publish-packages.yml +++ b/.github/workflows/publish-packages.yml @@ -17,12 +17,12 @@ jobs: if: github.repository == 'microsoft/TypeScript-Website' steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 filter: blob:none token: ${{ secrets.TS_BOT_TOKEN }} - - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 + - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 with: node-version: "18.x" registry-url: "https://registry.npmjs.org/" From 9ec526c794799dbbd1de61b1586e1158d1c51867 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 16 Dec 2025 00:18:49 +0000 Subject: [PATCH 16/16] Bump the github-actions group with 3 updates (#3474) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/CI.yml | 4 ++-- .github/workflows/codeql.yml | 6 +++--- .github/workflows/deploy-preview.yml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 210f46f3c..9d06a71eb 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -41,7 +41,7 @@ jobs: # Verify it compiles - run: pnpm build-site - - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 if: github.event_name == 'pull_request' && matrix.os == 'ubuntu-latest' with: name: site @@ -71,7 +71,7 @@ jobs: - name: Upload diff artifact if: ${{ failure() && steps.check-diff.conclusion == 'failure' }} - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: missing.patch path: missing.patch diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 4f853d942..5e5e99a87 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -44,7 +44,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7 + uses: github/codeql-action/init@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8 with: config-file: ./.github/codeql/codeql-configuration.yml # Override language selection by uncommenting this and choosing your languages @@ -54,7 +54,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below). - name: Autobuild - uses: github/codeql-action/autobuild@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7 + uses: github/codeql-action/autobuild@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8 # ℹ️ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -68,4 +68,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7 + uses: github/codeql-action/analyze@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8 diff --git a/.github/workflows/deploy-preview.yml b/.github/workflows/deploy-preview.yml index a7ac56c71..a8bb746f5 100644 --- a/.github/workflows/deploy-preview.yml +++ b/.github/workflows/deploy-preview.yml @@ -132,7 +132,7 @@ jobs: - name: Download site build from PR if: ${{ steps.get-info.outputs.result != 'null' }} - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 with: name: site path: site