ci: add release workflow (#428)

.github/workflows/commitlint.yml

@@ -12,7 +12,7 @@ jobs:
 
     strategy:
       matrix:
-        node-version: [23.x]
+        node-version: [24.x]
 
     steps:
       - uses: actions/checkout@v4
@@ -35,8 +35,8 @@ jobs:
 
       - name: Validate current commit (last commit) with commitlint
         if: github.event_name == 'push'
-        run: npx commitlint --last --verbose
+        run: yarn dlx commitlint --last --verbose
 
       - name: Validate PR commits with commitlint
         if: github.event_name == 'pull_request'
-        run: npx commitlint --from ${{ github.event.pull_request.base.sha }} --to ${{ github.event.pull_request.head.sha }} --verbose
+        run: yarn dlx commitlint --from ${{ github.event.pull_request.base.sha }} --to ${{ github.event.pull_request.head.sha }} --verbose

.github/workflows/dependency-review.yml

@@ -1,10 +1,4 @@
-# Dependency Review Action
+name: Dependency Review
-#
-# This Action will scan dependency manifest files that change as part of a Pull Request, surfacing known-vulnerable versions of the packages declared or updated in the PR. Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable packages will be blocked from merging.
-#
-# Source repository: https://github.com/actions/dependency-review-action
-# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
-name: 'Dependency Review'
 on: [pull_request]
 
 permissions:
@@ -14,7 +8,7 @@ jobs:
   dependency-review:
     runs-on: ubuntu-latest
     steps:
-      - name: 'Checkout Repository'
+      - name: Checkout Repository
         uses: actions/checkout@v4
-      - name: 'Dependency Review'
+      - name: Dependency Review
         uses: actions/dependency-review-action@v4

.github/workflows/eslint.yml

@@ -16,6 +16,9 @@ jobs:
       contents: read
       security-events: write
       actions: read
+    strategy:
+      matrix:
+        node-version: [24.x]
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
@@ -23,11 +26,17 @@ jobs:
       - name: Configure Corepack
         run: corepack enable
 
+      - name: Use Node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node-version }}
+          cache: yarn
+
       - name: Install Dependencies
         run: yarn install
 
       - name: Run ESLint
-        run: npx eslint ./src
+        run: yarn dlx eslint ./src
           --config eslint.config.mjs
           --format @microsoft/eslint-formatter-sarif
           --output-file eslint-results.sarif

.github/workflows/npm-build-and-compile.yml

@@ -1,4 +1,4 @@
-name: NodeJS Build and Compile
+name: NodeJS Build
 
 permissions:
   contents: read
@@ -15,7 +15,7 @@ jobs:
 
     strategy:
       matrix:
-        node-version: [23.x]
+        node-version: [24.x]
 
     steps:
       - uses: actions/checkout@v4

.github/workflows/release.yml

@@ -0,0 +1,36 @@
+name: Generate Changelog
+
+permissions:
+  contents: write
+
+on:
+  push:
+    tags:
+      - 'v*.*.*'
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        node-version: [24.x]
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Configure Corepack
+        run: corepack enable
+
+      - name: Use Node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node-version }}
+          cache: yarn
+
+      - name: Generate Changelog
+        run: yarn dlx changelogithub
+        env:
+          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

package.json

@@ -50,5 +50,5 @@
     "typescript": "^5.8.3",
     "typescript-transform-paths": "^3.5.5"
   },
-  "packageManager": "yarn@4.9.1"
+  "packageManager": "yarn@4.9.2"
 }