* [deps]: Update actions/upload-artifact action to v4.6.2
* Bumping to 5.0.0. to keep all usages in sync
All other upload-artifacts actions were also bumped to 5.0.0 with https://github.com/bitwarden/clients/pull/17305
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* swap to repository dispatch
Introduces GitHub Actions workflow that detects TypeScript breaking changes when SDK artifacts are updated. Workflow is triggered via repository_dispatch from SDK repository and runs npm test:types with newly built SDK artifacts.
The workflow downloads SDK build artifacts, installs them locally, and executes the existing TypeScript type checking process. Exit codes determine success/failure for SDK repository monitoring via gh run watch.
Addresses issue where breaking changes in SDK are discovered only when clients attempt SDK version updates, rather than during SDK development.
* review: claude fixes
* [BRE-1302] Update runner to macos-15 for build-browser workflow on build-safari job
* [BRE-1302] Remove macos-13 and 14, add macos-15 to os matrix for build-cli
* [BRE-1302] Update macos runner to 15 and add python setup step before setuptools install
* [BRE-1302] Update macos runner to 15 for 2 additional jobs and add python setup step
* adding arm64 snap, flatpak and tar variant to releases now for future flatpak consumption
* adding arm64 snap, flatpak and tar build process
---------
Co-authored-by: fredrmb <69513590+fredrmb@users.noreply.github.com>
* ci: add SDK breaking change detection workflow
Introduces GitHub Actions workflow that detects TypeScript breaking changes when SDK artifacts are updated. Workflow is triggered via repository_dispatch from SDK repository and runs npm test:types with newly built SDK artifacts.
The workflow downloads SDK build artifacts, installs them locally, and executes the existing TypeScript type checking process. Exit codes determine success/failure for SDK repository monitoring via gh run watch.
Addresses issue where breaking changes in SDK are discovered only when clients attempt SDK version updates, rather than during SDK development.
* review: add input validation for client payload fields
Add validation step early in the workflow to check for required
client_payload fields and prevent failures from malformed payloads.
This improvement was requested during code review to provide better
error handling and debugging information when the SDK workflow sends
incomplete data.
Validates SOURCE_REPO, SDK_VERSION, ARTIFACTS_RUN_ID, and ARTIFACT_NAME
before proceeding with artifact download and type checking.
* review: update action versions to match repository standards
Update GitHub Actions to consistent versions used across the clients
repository for better security and compatibility. This change was
requested during code review to align with existing patterns.
- actions/checkout: v4.2.2 → v5.0.0 with specific SHA hash
- actions/setup-node: v4.2.0 → v5.0.0 with specific SHA hash
- actions/create-github-app-token: v2.1.1 → v2.0.3 with specific SHA hash
Uses specific SHA hashes for all actions following repository security standards.
* review: add timeout to type checking command for faster failure detection
Wrap npm run test:types with 10-minute timeout to provide faster feedback
when type checking hangs and more predictable workflow behavior. This
improvement was requested during code review to prevent workflows from
running until the 15-minute job timeout.
Provides clearer indication when type checking itself fails versus other
workflow issues, improving debugging experience for developers.
* review: use CLIENT_LABEL environment variable in logging and output
Add CLIENT_LABEL to log messages and GitHub Step Summary output for
better traceability and debugging. This change
was requested during
code review to make use of the defined CLIENT_LABEL environment
variable that was previously unused.
Improves workflow output clarity by showing which client type
(typescript, mobile, etc.) is being processed.
* review: add retry logic for npm ci command to handle network issues
Implement shell-based retry logic (3 attempts with 5-second delays) for
npm ci command to handle temporary network issues without adding external
dependencies. This improvement was requested during code review to make
the workflow more resilient to transient failures.
Continues with existing npm install approach while adding robustness
for dependency installation in GitHub Actions environment.
* review: improve shell script variable quoting for better practices
Update shell script to use proper variable quoting syntax throughout
(${VARIABLE} instead of $VARIABLE) for better shell scripting practices
and consistency. This change was requested during code review to follow
shell scripting best practices.
While this won't cause problems in practice, it prevents potential
word splitting issues and improves code maintainability.
* review: add back logging out of Azure
* review: adjust logic of retries for npm ci
* review: quote some strings
* review: add error catching around npm i
* review: remove unnecessary cleanup step
* review: use npm link and bitwarden/gh-actions/download-artifacts
* review: add underscores to job level env vars
* 🎨 fix artipacked zizmor issue and improved actionlint formatting
---------
Co-authored-by: Matt Andreko <mandreko@bitwarden.com>
* feat: add commercial sdk as optional dependency
* feat: add alias to CLI
* feat: add alias to browser
* feat: add alias to web
* fix: revert optional - we cant omit optional dependencies or the builds break
* feat: remove commercial package from browser build
* feat: remove commercial package from cli build
* feat: remove commercial package from web build
* chore: add commercial sdk to renovate
* fix: windows cli workflow
* fix: accidental change
* feat: add lint for version string
* undo weird merge changes
