chore: import upstream snapshot with attribution

This commit is contained in:
wehub-resource-sync
2026-07-13 12:10:05 +08:00
commit d37d8d293b
1388 changed files with 484182 additions and 0 deletions
+65
View File
@@ -0,0 +1,65 @@
name: "CodeQL"
on:
push:
branches: [ 'main', 'beta' ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ 'main' ]
schedule:
- cron: '44 16 * * 0'
jobs:
analyze:
name: Analyze
runs-on: ubuntu-22.04
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
language: [ 'javascript' ]
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
# Use only 'java' to analyze code written in Java, Kotlin or both
# Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
steps:
- name: Checkout repository
uses: actions/checkout@v4
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
# queries: security-extended,security-and-quality
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v3
# ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
# If the Autobuild fails above, remove it and uncomment the following three lines.
# modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
# - run: |
# echo "Run, Build Application using script"
# ./location_of_script_within_repo/buildscript.sh
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:${{matrix.language}}"
@@ -0,0 +1,425 @@
name: Release (feature branch)
on:
workflow_call:
secrets:
PLANETSCALE_CONNECTION_STRING:
required: true
NEON_CONNECTION_STRING:
required: true
# NEON_HTTP_CONNECTION_STRING:
# required: true
NETLIFY_DB_URL:
required: true
TIDB_CONNECTION_STRING:
required: true
XATA_API_KEY:
required: true
XATA_BRANCH:
required: true
LIBSQL_REMOTE_URL:
required: true
LIBSQL_REMOTE_TOKEN:
required: true
jobs:
test:
# only run on all pushes or pull requests from forks
if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository
strategy:
matrix:
shard:
- gel
- planetscale
- singlestore-core
- singlestore-proxy
- singlestore-prefixed
- singlestore-custom
- neon-http
- neon-serverless
- netlify-db
- drizzle-orm
- drizzle-kit
- drizzle-zod
- drizzle-seed
- drizzle-typebox
- drizzle-valibot
- drizzle-arktype
- other
runs-on: ubuntu-22.04
services:
postgres-postgis:
image: postgis/postgis:16-3.4
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: drizzle
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 54322:5432
postgres-vector:
image: pgvector/pgvector:pg16
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: drizzle
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 54321:5432
postgres:
image: postgres:14
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: drizzle
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 55433:5432
mysql:
image: mysql:8
env:
MYSQL_ROOT_PASSWORD: root
MYSQL_DATABASE: drizzle
options: >-
--health-cmd "mysqladmin ping"
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 33306:3306
singlestore:
image: ghcr.io/singlestore-labs/singlestoredb-dev:latest
env:
ROOT_PASSWORD: singlestore
ports:
- 33307:3306
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: '20.19'
registry-url: 'https://registry.npmjs.org'
- uses: pnpm/action-setup@v3
name: Install pnpm
id: pnpm-install
with:
version: latest
run_install: false
- name: Get pnpm store directory
id: pnpm-cache
shell: bash
run: |
echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_OUTPUT
- uses: actions/cache@v4
name: Setup pnpm cache
with:
path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-pnpm-store-
- name: Install dependencies
run: pnpm install
- name: Build Prisma client
working-directory: drizzle-orm
run: pnpm prisma generate --schema src/prisma/schema.prisma
- name: Build
run: pnpm build
- name: Run tests
env:
PG_CONNECTION_STRING: postgres://postgres:postgres@localhost:55433/drizzle
PG_VECTOR_CONNECTION_STRING: postgres://postgres:postgres@localhost:54321/drizzle
PG_POSTGIS_CONNECTION_STRING: postgres://postgres:postgres@localhost:54322/drizzle
MYSQL_CONNECTION_STRING: mysql://root:root@localhost:33306/drizzle
PLANETSCALE_CONNECTION_STRING: ${{ secrets.PLANETSCALE_CONNECTION_STRING }}
NEON_CONNECTION_STRING: ${{ secrets.NEON_CONNECTION_STRING }}
# NEON_HTTP_CONNECTION_STRING: postgres://postgres:postgres@db.localtest.me:5432/postgres
NEON_HTTP_CONNECTION_STRING: ${{ secrets.NEON_CONNECTION_STRING }}
NEON_SERVERLESS_CONNECTION_STRING: postgres://postgres:postgres@localhost:5445/postgres
NETLIFY_DB_URL: ${{ secrets.NETLIFY_DB_URL }}
TIDB_CONNECTION_STRING: ${{ secrets.TIDB_CONNECTION_STRING }}
XATA_API_KEY: ${{ secrets.XATA_API_KEY }}
XATA_BRANCH: ${{ secrets.XATA_BRANCH }}
LIBSQL_URL: file:local.db
LIBSQL_REMOTE_URL: ${{ secrets.LIBSQL_REMOTE_URL }}
LIBSQL_REMOTE_TOKEN: ${{ secrets.LIBSQL_REMOTE_TOKEN }}
SINGLESTORE_CONNECTION_STRING: singlestore://root:singlestore@localhost:33307/
working-directory: integration-tests
run: |
if [[ ${{ github.event_name }} != "push" && "${{ github.event.pull_request.head.repo.full_name }}" != "${{ github.repository }}" ]]; then
export SKIP_EXTERNAL_DB_TESTS=1
fi
case ${{ matrix.shard }} in
gel)
if [[ -z "$SKIP_EXTERNAL_DB_TESTS" ]]; then
pnpm vitest run tests/gel
fi
;;
planetscale)
if [[ -z "$SKIP_EXTERNAL_DB_TESTS" ]]; then
pnpm vitest run \
tests/mysql/mysql-planetscale.test.ts \
tests/relational/mysql.planetscale-v1.test.ts \
tests/relational/mysql.planetscale.test.ts
fi
;;
singlestore-core)
pnpm vitest run tests/singlestore/singlestore.test.ts
;;
singlestore-proxy)
pnpm vitest run tests/singlestore/singlestore-proxy.test.ts
;;
singlestore-prefixed)
pnpm vitest run tests/singlestore/singlestore-prefixed.test.ts
;;
singlestore-custom)
pnpm vitest run tests/singlestore/singlestore-custom.test.ts
;;
neon-http)
if [[ -z "$SKIP_EXTERNAL_DB_TESTS" ]]; then
pnpm vitest run tests/pg/neon-http.test.ts tests/pg/neon-http-batch.test.ts
fi
;;
neon-serverless)
docker compose -f docker-neon.yml up -d
pnpm vitest run --config=./vitest-ci.config.ts tests/pg/neon-serverless.test.ts
docker compose -f docker-neon.yml down
;;
netlify-db)
pnpm vitest run tests/pg/netlify-db.test.ts
;;
drizzle-orm|drizzle-kit|drizzle-zod|drizzle-seed|drizzle-typebox|drizzle-valibot|drizzle-arktype)
(cd .. && pnpm test --filter ${{ matrix.shard }})
;;
other)
pnpm vitest run \
--exclude tests/gel \
--exclude tests/mysql/mysql-planetscale.test.ts \
--exclude tests/relational/mysql.planetscale-v1.test.ts \
--exclude tests/relational/mysql.planetscale.test.ts \
--exclude tests/singlestore/singlestore.test.ts \
--exclude tests/singlestore/singlestore-proxy.test.ts \
--exclude tests/singlestore/singlestore-prefixed.test.ts \
--exclude tests/singlestore/singlestore-custom.test.ts \
--exclude tests/pg/neon-http.test.ts \
--exclude tests/pg/neon-http-batch.test.ts \
--exclude tests/pg/neon-serverless.test.ts \
--exclude tests/pg/netlify-db.test.ts
;;
esac
attw:
# only run on all pushes or pull requests from forks
if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository
strategy:
matrix:
package:
- drizzle-orm
- drizzle-kit
- drizzle-zod
- drizzle-seed
- drizzle-typebox
- drizzle-valibot
- drizzle-arktype
- eslint-plugin-drizzle
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: '22'
registry-url: 'https://registry.npmjs.org'
- uses: pnpm/action-setup@v3
name: Install pnpm
id: pnpm-install
with:
version: latest
run_install: false
- name: Get pnpm store directory
id: pnpm-cache
shell: bash
run: |
echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_OUTPUT
- uses: actions/cache@v4
name: Setup pnpm cache
with:
path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-pnpm-store-
- name: Install dependencies
run: pnpm install
- name: Install Bun
uses: oven-sh/setup-bun@v2
- name: Check preconditions
id: checks
shell: bash
working-directory: ${{ matrix.package }}
run: |
old_version="$(jq -r .version package.json)"
version="$old_version-$(git rev-parse --short HEAD)"
npm version $version
tag="${{ github.ref_name }}"
is_version_published="$(npm view ${{ matrix.package }} versions --json | jq -r '.[] | select(. == "'$version'") | . == "'$version'"')"
if [[ "$is_version_published" == "true" ]]; then
echo "\`${{ matrix.package }}$version\` already published, adding tag \`$tag\`" >> $GITHUB_STEP_SUMMARY
npm dist-tag add ${{ matrix.package }}@$version $tag
else
{
echo "version=$version"
echo "tag=$tag"
echo "has_new_release=true"
} >> $GITHUB_OUTPUT
fi
- name: Build Prisma client
if: steps.checks.outputs.has_new_release == 'true'
working-directory: drizzle-orm
run: pnpm prisma generate --schema src/prisma/schema.prisma
- name: Build
if: steps.checks.outputs.has_new_release == 'true'
run: pnpm build
- name: Pack
if: steps.checks.outputs.has_new_release == 'true'
working-directory: ${{ matrix.package }}
run: npm run pack
- name: Run @arethetypeswrong/cli
if: steps.checks.outputs.has_new_release == 'true'
working-directory: ${{ matrix.package }}
run: bunx attw package.tgz
release:
# only run on all pushes or pull requests from forks
if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository
needs:
- test
- attw
strategy:
matrix:
package:
- drizzle-orm
- drizzle-kit
- drizzle-zod
- drizzle-seed
- drizzle-typebox
- drizzle-valibot
- drizzle-arktype
- eslint-plugin-drizzle
runs-on: ubuntu-22.04
permissions:
contents: read
id-token: write # for OIDC
# force empty so npm can use OIDC
env:
NODE_AUTH_TOKEN: ""
NPM_TOKEN: ""
steps:
- uses: actions/checkout@v5
- uses: pnpm/action-setup@v4
with: { run_install: false }
- uses: actions/setup-node@v6
with: { node-version: '24', cache: 'pnpm', cache-dependency-path: pnpm-lock.yaml }
- run: pnpm install --frozen-lockfile --prefer-offline
# >= 11.5.1 for trusted publishing
- name: Update NPM
run: npm install -g npm@11 # npm 12.0.0 ships without sigstore in its bundled tree and breaks `npm publish`
# nuke, so npm can use OIDC
- name: Remove temp npmrc
run: rm -f "$NPM_CONFIG_USERCONFIG"
- name: Check preconditions
id: checks
shell: bash
working-directory: ${{ matrix.package }}
run: |
old_version="$(jq -r .version package.json)"
version="$old_version-$(git rev-parse --short HEAD)"
npm version $version
tag="${{ github.ref_name }}"
is_version_published="$(npm view ${{ matrix.package }} versions --json | jq -r '.[] | select(. == "'$version'") | . == "'$version'"')"
if [[ "$is_version_published" == "true" ]]; then
echo "\`${{ matrix.package }}$version\` already published, adding tag \`$tag\`" >> $GITHUB_STEP_SUMMARY
else
{
echo "version=$version"
echo "tag=$tag"
echo "has_new_release=true"
} >> $GITHUB_OUTPUT
fi
- name: Build Prisma client
working-directory: drizzle-orm
run: pnpm prisma generate --schema src/prisma/schema.prisma
- name: Build
if: steps.checks.outputs.has_new_release == 'true'
run: pnpm build
- name: Pack
if: steps.checks.outputs.has_new_release == 'true'
working-directory: ${{ matrix.package }}
shell: bash
run: npm run pack
- name: Publish
if: github.event_name == 'push' && steps.checks.outputs.has_new_release == 'true'
working-directory: ${{ matrix.package }}
shell: bash
run: |
tag="${{ steps.checks.outputs.tag }}"
version="${{ steps.checks.outputs.version }}"
echo "Publishing ${{ matrix.package }}@$tag using version $version"
npm run publish -- --tag $tag
echo "npm: \`${{ matrix.package }}@$tag | ${{ matrix.package }}@$version\`" >> $GITHUB_STEP_SUMMARY
# Post release message to Discord
# curl -X POST -H "Content-Type: application/json" -d "{\"embeds\": [{\"title\": \"New \`${{ matrix.package }}\` release! 🎉\", \"url\": \"https://www.npmjs.com/package/${{ matrix.package }}/v/$version\", \"color\": \"12907856\", \"fields\": [{\"name\": \"Version\", \"value\": \"\`$version\`\"}, {\"name\": \"Tag\", \"value\": \"\`$tag\`\"}]}]}" ${{ secrets.DISCORD_DEV_RELEASE_WEBHOOK_URL }}
+530
View File
@@ -0,0 +1,530 @@
name: Release (latest)
on:
workflow_call:
secrets:
PLANETSCALE_CONNECTION_STRING:
required: true
NEON_CONNECTION_STRING:
required: true
# NEON_HTTP_CONNECTION_STRING:
# required: true
NETLIFY_DB_URL:
required: true
TIDB_CONNECTION_STRING:
required: true
XATA_API_KEY:
required: true
XATA_BRANCH:
required: true
LIBSQL_REMOTE_URL:
required: true
LIBSQL_REMOTE_TOKEN:
required: true
jobs:
test:
strategy:
matrix:
shard:
- gel
- planetscale
- singlestore-core
- singlestore-proxy
- singlestore-prefixed
- singlestore-custom
- neon-http
- neon-serverless
- netlify-db
- drizzle-orm
- drizzle-kit
- drizzle-zod
- drizzle-seed
- drizzle-typebox
- drizzle-valibot
- drizzle-arktype
- other
runs-on: ubuntu-22.04
services:
postgres-postgis:
image: postgis/postgis:16-3.4
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: drizzle
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 54322:5432
postgres-vector:
image: pgvector/pgvector:pg16
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: drizzle
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 54321:5432
postgres:
image: postgres:14
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: drizzle
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 55433:5432
mysql:
image: mysql:8
env:
MYSQL_ROOT_PASSWORD: root
MYSQL_DATABASE: drizzle
options: >-
--health-cmd "mysqladmin ping"
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 33306:3306
singlestore:
image: ghcr.io/singlestore-labs/singlestoredb-dev:latest
env:
ROOT_PASSWORD: singlestore
ports:
- 33307:3306
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: '20.19'
registry-url: 'https://registry.npmjs.org'
- uses: pnpm/action-setup@v3
name: Install pnpm
id: pnpm-install
with:
version: latest
run_install: false
- name: Get pnpm store directory
id: pnpm-cache
shell: bash
run: |
echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_OUTPUT
- uses: actions/cache@v4
name: Setup pnpm cache
with:
path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-pnpm-store-
- name: Install dependencies
run: pnpm install
- name: Build Prisma client
working-directory: drizzle-orm
run: pnpm prisma generate --schema src/prisma/schema.prisma
- name: Build
run: pnpm build
- name: Run tests
env:
PG_CONNECTION_STRING: postgres://postgres:postgres@localhost:55433/drizzle
PG_VECTOR_CONNECTION_STRING: postgres://postgres:postgres@localhost:54321/drizzle
PG_POSTGIS_CONNECTION_STRING: postgres://postgres:postgres@localhost:54322/drizzle
MYSQL_CONNECTION_STRING: mysql://root:root@localhost:33306/drizzle
PLANETSCALE_CONNECTION_STRING: ${{ secrets.PLANETSCALE_CONNECTION_STRING }}
NEON_CONNECTION_STRING: ${{ secrets.NEON_CONNECTION_STRING }}
# NEON_HTTP_CONNECTION_STRING: postgres://postgres:postgres@db.localtest.me:5432/postgres
NEON_HTTP_CONNECTION_STRING: ${{ secrets.NEON_CONNECTION_STRING }}
NEON_SERVERLESS_CONNECTION_STRING: postgres://postgres:postgres@localhost:5445/postgres
NETLIFY_DB_URL: ${{ secrets.NETLIFY_DB_URL }}
TIDB_CONNECTION_STRING: ${{ secrets.TIDB_CONNECTION_STRING }}
XATA_API_KEY: ${{ secrets.XATA_API_KEY }}
XATA_BRANCH: ${{ secrets.XATA_BRANCH }}
LIBSQL_URL: file:local.db
LIBSQL_REMOTE_URL: ${{ secrets.LIBSQL_REMOTE_URL }}
LIBSQL_REMOTE_TOKEN: ${{ secrets.LIBSQL_REMOTE_TOKEN }}
SINGLESTORE_CONNECTION_STRING: singlestore://root:singlestore@localhost:33307/
working-directory: integration-tests
run: |
case ${{ matrix.shard }} in
gel)
pnpm vitest run tests/gel
;;
planetscale)
pnpm vitest run \
tests/mysql/mysql-planetscale.test.ts \
tests/relational/mysql.planetscale-v1.test.ts \
tests/relational/mysql.planetscale.test.ts
;;
singlestore-core)
pnpm vitest run tests/singlestore/singlestore.test.ts
;;
singlestore-proxy)
pnpm vitest run tests/singlestore/singlestore-proxy.test.ts
;;
singlestore-prefixed)
pnpm vitest run tests/singlestore/singlestore-prefixed.test.ts
;;
singlestore-custom)
pnpm vitest run tests/singlestore/singlestore-custom.test.ts
;;
neon-http)
pnpm vitest run tests/pg/neon-http.test.ts tests/pg/neon-http-batch.test.ts
;;
neon-serverless)
docker compose -f docker-neon.yml up -d
pnpm vitest run tests/pg/neon-serverless.test.ts
docker compose -f docker-neon.yml down
;;
netlify-db)
pnpm vitest run tests/pg/netlify-db.test.ts
;;
drizzle-orm|drizzle-kit|drizzle-zod|drizzle-seed|drizzle-typebox|drizzle-valibot|drizzle-arktype)
(cd .. && pnpm test --filter ${{ matrix.shard }})
;;
other)
pnpm vitest run \
--exclude tests/gel \
--exclude tests/mysql/mysql-planetscale.test.ts \
--exclude tests/relational/mysql.planetscale-v1.test.ts \
--exclude tests/relational/mysql.planetscale.test.ts \
--exclude tests/singlestore/singlestore.test.ts \
--exclude tests/singlestore/singlestore-proxy.test.ts \
--exclude tests/singlestore/singlestore-prefixed.test.ts \
--exclude tests/singlestore/singlestore-custom.test.ts \
--exclude tests/pg/neon-http.test.ts \
--exclude tests/pg/neon-http-batch.test.ts \
--exclude tests/pg/neon-serverless.test.ts \
--exclude tests/pg/netlify-db.test.ts
;;
esac
attw:
strategy:
matrix:
package:
- drizzle-orm
- drizzle-kit
- drizzle-zod
- drizzle-seed
- drizzle-typebox
- drizzle-valibot
- drizzle-arktype
- eslint-plugin-drizzle
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: '18.18'
registry-url: 'https://registry.npmjs.org'
- uses: pnpm/action-setup@v3
name: Install pnpm
id: pnpm-install
with:
version: latest
run_install: false
- name: Get pnpm store directory
id: pnpm-cache
shell: bash
run: |
echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_OUTPUT
- uses: actions/cache@v4
name: Setup pnpm cache
with:
path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-pnpm-store-
- name: Install dependencies
run: pnpm install
- name: Install Bun
uses: oven-sh/setup-bun@v2
- name: Check preconditions
id: checks
shell: bash
working-directory: ${{ matrix.package }}
run: |
latest="$(npm view --json ${{ matrix.package }} dist-tags.latest | jq -r)"
version="$(jq -r .version package.json)"
is_version_published="$(npm view ${{ matrix.package }} versions --json | jq -r '.[] | select(. == "'$version'") | . == "'$version'"')"
if [[ "$is_version_published" == "false" && "$latest" != "$version" ]]; then
{
echo "version=$version"
echo "has_new_release=true"
echo "changelog_path=$changelogPath"
} >> $GITHUB_OUTPUT
fi
- name: Build Prisma client
if: steps.checks.outputs.has_new_release == 'true'
working-directory: drizzle-orm
run: pnpm prisma generate --schema src/prisma/schema.prisma
- name: Build
if: steps.checks.outputs.has_new_release == 'true'
run: pnpm build
- name: Pack
if: steps.checks.outputs.has_new_release == 'true'
working-directory: ${{ matrix.package }}
run: npm run pack
- name: Run @arethetypeswrong/cli
if: steps.checks.outputs.has_new_release == 'true'
working-directory: ${{ matrix.package }}
run: bunx attw package.tgz
release:
permissions:
contents: write # for creating GitHub releases
id-token: write # for OIDC
needs:
- test
- attw
strategy:
fail-fast: false
matrix:
package:
- drizzle-orm
- drizzle-kit
- drizzle-zod
- drizzle-seed
- drizzle-typebox
- drizzle-valibot
- drizzle-arktype
- eslint-plugin-drizzle
runs-on: ubuntu-22.04
# force empty so npm can use OIDC
env:
NODE_AUTH_TOKEN: ""
NPM_TOKEN: ""
services:
postgres-postgis:
image: postgis/postgis:16-3.4
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: drizzle
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 54322:5432
postgres-vector:
image: pgvector/pgvector:pg16
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: drizzle
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 54321:5432
postgres:
image: postgres:14
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: drizzle
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 55433:5432
mysql:
image: mysql:8
env:
MYSQL_ROOT_PASSWORD: root
MYSQL_DATABASE: drizzle
options: >-
--health-cmd "mysqladmin ping"
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 33306:3306
steps:
- uses: actions/checkout@v5
- uses: pnpm/action-setup@v4
with: { run_install: false }
- uses: actions/setup-node@v6
with: { node-version: '24', cache: 'pnpm', cache-dependency-path: pnpm-lock.yaml }
- run: pnpm install --frozen-lockfile --prefer-offline
# >= 11.5.1 for trusted publishing
- name: Update NPM
run: npm install -g npm@11 # npm 12.0.0 ships without sigstore in its bundled tree and breaks `npm publish`
# nuke, so npm can use OIDC
- name: Remove temp npmrc
run: rm -f "$NPM_CONFIG_USERCONFIG"
- name: Check preconditions
id: checks
shell: bash
working-directory: ${{ matrix.package }}
run: |
latest="$(npm view --json ${{ matrix.package }} dist-tags.latest | jq -r)"
version="$(jq -r .version package.json)"
is_version_published="$(npm view ${{ matrix.package }} versions --json | jq -r '.[] | select(. == "'$version'") | . == "'$version'"')"
if [[ "$is_version_published" == "true" ]]; then
echo "\`${{ matrix.package }}@$version\` already published, adding tag \`latest\`" >> $GITHUB_STEP_SUMMARY
elif [[ "$latest" != "$version" ]]; then
echo "Latest: $latest"
echo "Current: $version"
changelogPath=$(node -e "console.log(require('path').resolve('..', 'changelogs', '${{ matrix.package }}', '$version.md'))")
if [[ ! -f "$changelogPath" ]]; then
echo "::error::Changelog for version $version not found: $changelogPath"
exit 1
fi
{
echo "version=$version"
echo "has_new_release=true"
echo "changelog_path=$changelogPath"
} >> $GITHUB_OUTPUT
else
echo "Already up to date: $version"
echo "\`$version\` is already latest on NPM" >> $GITHUB_STEP_SUMMARY
fi
- name: Build Prisma client
if: steps.checks.outputs.has_new_release == 'true'
working-directory: drizzle-orm
run: pnpm prisma generate --schema src/prisma/schema.prisma
- name: Build
if: steps.checks.outputs.has_new_release == 'true'
run: pnpm build
- name: Pack
if: steps.checks.outputs.has_new_release == 'true'
working-directory: ${{ matrix.package }}
shell: bash
run: npm run pack
- name: Publish
if: steps.checks.outputs.has_new_release == 'true'
working-directory: ${{ matrix.package }}
shell: bash
run: |
version="${{ steps.checks.outputs.version }}"
echo "Publishing ${{ matrix.package }}@$version"
npm run publish
echo "npm: \`+ ${{ matrix.package }}@$version\`" >> $GITHUB_STEP_SUMMARY
# Post release message to Discord
# curl -X POST -H "Content-Type: application/json" -d "{\"embeds\": [{\"title\": \"New \`${{ matrix.package }}\` release! 🎉\", \"url\": \"https://www.npmjs.com/package/${{ matrix.package }}\", \"color\": \"12907856\", \"fields\": [{\"name\": \"Tag\", \"value\": \"\`$tag\`\"}]}]}" ${{ secrets.DISCORD_RELEASE_WEBHOOK_URL }}
- name: Create GitHub release for ORM package
uses: actions/github-script@v6
if: matrix.package == 'drizzle-orm' && steps.checks.outputs.has_new_release == 'true'
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
try {
const fs = require("fs");
const path = require("path");
const version = "${{ steps.checks.outputs.version }}";
const changelog = fs.readFileSync("${{ steps.checks.outputs.changelog_path }}", "utf8");
const release = await github.rest.repos.createRelease({
owner: context.repo.owner,
repo: context.repo.repo,
tag_name: `${version}`,
name: `${version}`,
body: changelog,
});
await github.rest.repos.uploadReleaseAsset({
owner: context.repo.owner,
repo: context.repo.repo,
release_id: release.data.id,
name: `${{ matrix.package }}-${version}-dist.tgz`,
data: fs.readFileSync(path.resolve("${{ matrix.package }}", "package.tgz")),
});
} catch (e) {
core.setFailed(e.message);
}
- name: Create GitHub release for KIT package
uses: actions/github-script@v6
if: matrix.package == 'drizzle-kit' && steps.checks.outputs.has_new_release == 'true'
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
try {
const fs = require("fs");
const path = require("path");
const version = "${{ steps.checks.outputs.version }}";
const changelog = fs.readFileSync("${{ steps.checks.outputs.changelog_path }}", "utf8");
const release = await github.rest.repos.createRelease({
owner: context.repo.owner,
repo: context.repo.repo,
tag_name: `drizzle-kit@${version}`,
name: `drizzle-kit@${version}`,
body: changelog,
});
await github.rest.repos.uploadReleaseAsset({
owner: context.repo.owner,
repo: context.repo.repo,
release_id: release.data.id,
name: `${{ matrix.package }}-${version}-dist.tgz`,
data: fs.readFileSync(path.resolve("${{ matrix.package }}", "package.tgz")),
});
} catch (e) {
core.setFailed(e.message);
}
+67
View File
@@ -0,0 +1,67 @@
name: Release Router
on:
push:
branches-ignore:
- main
pull_request:
workflow_dispatch:
inputs:
publish_to_github:
description: 'Publish to GitHub Packages instead of npm'
type: boolean
default: false
packages:
description: 'Comma-separated list of packages to publish, or "all"'
type: string
default: 'all'
jobs:
switch:
runs-on: ubuntu-24.04
outputs:
target: ${{ steps.route.outputs.target }}
steps:
- name: Route release
id: route
shell: bash
run: |
HEAD_REPO="${{ github.event.pull_request.head.repo.full_name }}"
if [[ "$GITHUB_EVENT_NAME" == "workflow_dispatch" && "${GITHUB_REF##*/}" == "main" ]]; then
echo "target=latest" >> $GITHUB_OUTPUT
# only run on all pushes or pull requests from forks
elif [[ "$GITHUB_EVENT_NAME" == "push" ]] || [[ "$HEAD_REPO" != "$GITHUB_REPOSITORY" ]]; then
echo "target=feature" >> $GITHUB_OUTPUT
else
echo "target=skip" >> $GITHUB_OUTPUT
fi
run-feature:
needs: switch
if: needs.switch.outputs.target == 'feature'
uses: ./.github/workflows/release-feature-branch.yaml
secrets:
PLANETSCALE_CONNECTION_STRING: ${{ secrets.PLANETSCALE_CONNECTION_STRING }}
NEON_CONNECTION_STRING: ${{ secrets.NEON_CONNECTION_STRING }}
# NEON_HTTP_CONNECTION_STRING: ${{ secrets.NEON_CONNECTION_STRING }}
NETLIFY_DB_URL: ${{ secrets.NETLIFY_DB_URL }}
TIDB_CONNECTION_STRING: ${{ secrets.TIDB_CONNECTION_STRING }}
XATA_API_KEY: ${{ secrets.XATA_API_KEY }}
XATA_BRANCH: ${{ secrets.XATA_BRANCH }}
LIBSQL_REMOTE_URL: ${{ secrets.LIBSQL_REMOTE_URL }}
LIBSQL_REMOTE_TOKEN: ${{ secrets.LIBSQL_REMOTE_TOKEN }}
run-latest:
needs: switch
if: needs.switch.outputs.target == 'latest'
uses: ./.github/workflows/release-latest.yaml
secrets:
PLANETSCALE_CONNECTION_STRING: ${{ secrets.PLANETSCALE_CONNECTION_STRING }}
NEON_CONNECTION_STRING: ${{ secrets.NEON_CONNECTION_STRING }}
# NEON_HTTP_CONNECTION_STRING: ${{ secrets.NEON_CONNECTION_STRING }}
NETLIFY_DB_URL: ${{ secrets.NETLIFY_DB_URL }}
TIDB_CONNECTION_STRING: ${{ secrets.TIDB_CONNECTION_STRING }}
XATA_API_KEY: ${{ secrets.XATA_API_KEY }}
XATA_BRANCH: ${{ secrets.XATA_BRANCH }}
LIBSQL_REMOTE_URL: ${{ secrets.LIBSQL_REMOTE_URL }}
LIBSQL_REMOTE_TOKEN: ${{ secrets.LIBSQL_REMOTE_TOKEN }}
@@ -0,0 +1,37 @@
name: Unpublish release (feature branch)
on: delete
jobs:
unpublish-release:
if: github.event.ref_type == 'branch' && github.event.ref != 'refs/heads/main' && github.event.ref != 'refs/heads/beta'
strategy:
matrix:
package:
- drizzle-orm
- drizzle-kit
- drizzle-zod
- drizzle-typebox
- drizzle-valibot
- drizzle-arktype
- eslint-plugin-drizzle
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: '22'
registry-url: 'https://registry.npmjs.org'
- name: Unpublish
run: |
tag="${{ github.event.ref }}"
tag="${tag#refs/heads/}"
echo "Unpublishing ${{ matrix.package }}@$tag"
npm dist-tag rm ${{ matrix.package }} $tag
echo "npm: \`- ${{ matrix.package }}@$tag\`" >> $GITHUB_STEP_SUMMARY
working-directory: ${{ matrix.package }}
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_ACCESS_TOKEN }}