ci: update GitHub workflows and Code Coverage settings

[cheton]

PR Type

enhancement, configuration changes

---

Description

• Updated Node.js version to 20 across multiple GitHub workflows.
• Removed matrix strategy for Node.js version in some workflows.
• Added a daily cron schedule to the ci-branch.yml workflow.
• Configured fetch-depth for checkout steps to access the latest tag release.
• Removed the daily cron schedule from the update-yarn-lock-file.yml workflow.

---

Changes walkthrough 📝

	Relevant files
Enhancement	algolia-search-indexing.yml Update Node.js version and checkout configuration                .github/workflows/algolia-search-indexing.yml Removed matrix strategy for Node.js version. Updated Node.js version to 20. Added fetch-depth configuration for checkout. +21/-20  update-yarn-lock-file.yml Update Node.js version and remove cron schedule                    .github/workflows/update-yarn-lock-file.yml Removed matrix strategy for Node.js version. Updated Node.js version to 20. Removed daily cron schedule. +17/-21
Configuration changes	ci-branch.yml Add cron schedule and update Node.js version                          .github/workflows/ci-branch.yml Added a daily cron schedule. Updated Node.js version to 20. +4/-1      ci-pr.yml Update Node.js version in CI for PRs                                          .github/workflows/ci-pr.yml Updated Node.js version to 20. +2/-2      ci-publish.yml Update Node.js version in CI for publishing                            .github/workflows/ci-publish.yml Updated Node.js version to 20. +1/-1      ci-tag.yml Update Node.js version in CI for tagging                                  .github/workflows/ci-tag.yml Updated Node.js version to 20. +1/-1

---

💡 PR-Agent usage: Comment /help "your question" on any pull request to receive relevant information

[codesandbox]

Review or Edit in CodeSandbox

Open the branch in Web Editor • VS Code • Insiders

Open Preview

[changeset-bot]

⚠️ No Changeset found

Latest commit: a1a7940

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[codiumai-pr-agent-free]

PR Reviewer Guide 🔍

(Review updated until commit dde95b6)

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪

🧪 No relevant tests

🔒 Security concerns Sensitive information exposure: The Algolia application ID '7V00GBK8V8' is hardcoded in the algolia-search-indexing.yml workflow file. While application IDs are typically considered public, it's generally better practice to store all API-related values in secrets to prevent any potential security issues.

⚡ Recommended focus areas for review Sensitive Information The Algolia application ID is hardcoded in the workflow file. Consider moving it to GitHub secrets. Configuration Change Added daily cron schedule which could increase CI usage and costs. Verify this is intended.

[codesandbox-ci]

This pull request is automatically built and testable in CodeSandbox.

To see build info of the built libraries, click here or the icon next to each commit SHA.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 78.44%. Comparing base (d797c22) to head (a1a7940).
Report is 1 commits behind head on v2.

Additional details and impacted files

@@            Coverage Diff             @@
##               v2     #955      +/-   ##
==========================================
- Coverage   78.45%   78.44%   -0.02%     
==========================================
  Files         406      406              
  Lines        6693     6693              
==========================================
- Hits         5251     5250       -1     
- Misses       1442     1443       +1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[trendmicro-frontend-bot]

Tonic UI Demo

On 2024-12-06 14:13:00 +0000, PR #955 (a1a7940) was successfully deployed. You can view it at the following link:
https://trendmicro-frontend.github.io/tonic-ui-demo/react/pr-955/

[cheton]

/ask Generate a codecov.yml for the project

[codiumai-pr-agent-free]

Ask❓

Generate a codecov.yml for the project

Answer:

To generate a codecov.yml file for the project, you can create a configuration file that specifies how Codecov should handle the coverage reports. Below is an example of a basic codecov.yml configuration:

# codecov.yml

# Specify the default settings for Codecov
coverage:
  precision: 2
  round: down
  range: "70...100"

# Define the behavior for different statuses
status:
  project:
    default:
      target: auto
      threshold: 1%
      base: auto
  patch:
    default:
      target: auto
      threshold: 1%
      base: auto

# Define how to handle different types of files
ignore:
  - "tests/*"
  - "examples/*"

# Specify any custom flags for different parts of the codebase
flags:
  frontend:
    paths:
      - "src/frontend"
  backend:
    paths:
      - "src/backend"

# Define any custom notifications
comment:
  layout: "reach, diff, flags, files"
  behavior: default

# Specify any additional settings
parsers:
  gcov:
    branch_detection:
      conditional: yes
      loop: yes
      method: no
      macro: no

# Define any custom YAML settings
yaml:
  branch: master

Explanation:

• Coverage Settings: The coverage section defines how precise the coverage percentage should be and the acceptable range.
• Status: The status section configures thresholds for project and patch coverage, ensuring that coverage does not drop below a certain percentage.
• Ignore: The ignore section lists directories or files that should be excluded from coverage reports.
• Flags: The flags section allows you to specify different parts of the codebase with custom flags, which can be useful for tracking coverage in specific areas.
• Comment: The comment section configures how Codecov comments on pull requests, including the layout and behavior.
• Parsers: The parsers section can be used to configure how Codecov parses coverage reports from different tools.
• YAML Settings: The yaml section can include additional settings, such as specifying the default branch.

This configuration is a starting point and can be customized further based on the specific needs and structure of your project.

[cheton]

/review

[codiumai-pr-agent-free]

Persistent review updated to latest commit dde95b6

[cheton]

/improve

[codiumai-pr-agent-free]

PR Code Suggestions ✨

Latest suggestions up to e7f94a0

Category	Suggestion	Score
Possible issue	Add validation for environment variables to prevent undefined behavior The Codecov token should be validated before being used as an environment variable to prevent potential undefined behavior. Add a check to ensure the token is a non-empty string. packages/react-icons/rollup.config.mjs [32-36] codecovRollupPlugin({ - enableBundleAnalysis: process.env.CODECOV_TOKEN !== undefined, + enableBundleAnalysis: process.env.CODECOV_TOKEN && process.env.CODECOV_TOKEN.length > 0, bundleName: pkg.name + '/' + pkg.main, - uploadToken: process.env.CODECOV_TOKEN, + uploadToken: process.env.CODECOV_TOKEN || '', }), Apply this suggestion Suggestion importance[1-10]: 7 Why: The suggestion improves code robustness by adding proper validation of the CODECOV_TOKEN environment variable and providing a fallback value, which helps prevent potential runtime errors.	7

---

Previous suggestions

Suggestions up to commit 004c6cf

Category	Suggestion	Score
General	Set execution time limits for CI jobs to prevent workflow hangs and resource waste Add a timeout-minutes parameter to the job to prevent potential hanging in case of indexing issues with Algolia. .github/workflows/algolia-search-indexing.yml [14-15] jobs: build: runs-on: ubuntu-latest + timeout-minutes: 30 Suggestion importance[1-10]: 7 Why: Adding a timeout limit is an important safety measure to prevent hung jobs from consuming resources indefinitely, especially for external service interactions like Algolia indexing.	7
	Schedule automated workflows during off-peak hours to optimize resource availability and execution reliability Consider using a more specific cron schedule that avoids peak hours. Running at midnight UTC might coincide with high-load periods. A random hour (e.g., 3 AM UTC) would be better for resource availability. .github/workflows/ci-branch.yml [7-9] schedule: - # run daily - - cron: '0 0 * * *' + # run daily at 3:15 AM UTC + - cron: '15 3 * * *' Suggestion importance[1-10]: 5 Why: The suggestion to move the cron job to a less busy time is valid for optimizing resource availability, though it's not a critical change as the current schedule is functional.	5