Bring Faye up to speed with latest version of Casper#3
Open
vip3rousmango wants to merge 517 commits into
Open
Conversation
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.23 to 4.18.1. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.23...4.18.1) --- updated-dependencies: - dependency-name: lodash dependency-version: 4.18.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Added a `test.yml` workflow that runs `yarn test:ci` (gscan validation) on every pull request, giving us automated theme checks before changes are merged. The workflow was adapted from the Zap repo, which uses pnpm, so the toolchain setup was switched to yarn to match this repo's `yarn.lock` — using `actions/setup-node` with `cache: yarn` and `yarn install --frozen-lockfile` for reproducible installs.
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Introduced `.github/workflows/deploy-theme.yml` so pushes to `main` automatically run `yarn test:ci` and, on success, deploy the built theme via `TryGhost/action-deploy-theme`. This removes the manual upload step from the release process, ensuring the live theme always reflects the latest tested code on `main`. Credentials are read from the `GHOST_ADMIN_API_URL` and `GHOST_ADMIN_API_KEY` repository secrets, and all action references are pinned to commit SHAs with `persist-credentials: false` to keep the pipeline secure.
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
The Deploy Theme workflow failed on every push to `main` with `ValidationError: Please rename your zip, it's not allowed to override the default theme.` The action derives the theme name from `package.json`, which is `casper` — a name Ghost reserves for its built-in default theme and refuses to let an upload overwrite. Added a `theme-name: Casper-Main` input to the `TryGhost/action-deploy-theme` step so the theme deploys under a distinct name, keeping it separate from the currently active `Casper-Master` theme on the target site.
…me`" This reverts commit b0c8ab9. Reverting, as I'm not sure how the deployment process is. Checking first.
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Standardises Casper on pnpm to match the other TryGhost theme repos (Edition, Zap, Ease-Help, Source-ActivityPub). A single lockfile plus a pinned `packageManager` version means CI and contributors resolve the exact same dependency tree, instead of yarn-vs-pnpm drift. Per-repo decisions: - pnpm-workspace.yaml `allowBuilds`: `pnpm install` flagged only `dtrace-provider` as an un-triaged native build script. It's an optional dtrace binding for bunyan (a gscan dependency) and isn't needed to build, zip, or gscan the theme, so it's classified `false`. - pnpm-workspace.yaml `minimumReleaseAgeExclude`: pnpm 11.5 ships a default supply-chain policy that rejects packages published within the last 24h, enforced in CI via `--frozen-lockfile`. `@tryghost/theme-translations` is a first-party Ghost dependency we pin exactly, so it's excluded from the age gate — otherwise every translations bump breaks CI for a day. - CI now rebuilds before gscan. `pretest`/`pretest:ci` run `pnpm zip` (build + zip) so gscan checks freshly-built output rather than whatever `assets/built/*` happened to be committed. Added a `build` script to match the convention. - test.yml runs the stricter `pnpm test:ci`: this repo has no deploy workflow, so the PR run is the only gate and must catch fatal Ghost compatibility issues. - Kept the `ship` release flow (Casper still ships releases this way), but split the version bump out of it: `yarn version` is interactive, whereas `pnpm version` requires an explicit bump and — surprisingly — exits 0 on a missing argument, which would let a naive `pnpm version && git push` push tags without bumping. So the maintainer now runs `pnpm version <patch|minor|major>` first (which commits + tags), then `pnpm ship` guards a clean tree and pushes the tag. `preship` runs `pnpm test`; `postship` still drafts the GitHub release via `gulp release`. - gulpfile zip glob: dropped the yarn-specific ignores (`!yarn-error.log`, `!yarn.lock`) for `!pnpm-debug.log` and `!pnpm-lock.yaml`, and pointed the release-versioning note at pnpm's docs. The hardened workflow conventions (pinned action digests, `permissions: contents: read`, `persist-credentials: false`, pnpm store cache, `--frozen-lockfile`) are unchanged from the shared template.
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
The pnpm/action-setup digest ac6db6d3c1f721f886538a378a2d73e85697340a no longer exists upstream — GitHub returns HTTP 422 for it — so any workflow job using it fails to resolve the action. Replaced it with 0e279bb959325dab635dd2c09392533439d90093, the verified digest behind the current v6/v6.0.8 tag. pnpm-workspace.yaml only carries development tooling (pnpm 11 build-script approvals) and does not belong in the installable theme zip, so it is now excluded alongside pnpm-lock.yaml in the gulp zip task. Found via review of TryGhost/Themes#529.
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Added a stable `All tests pass` gate for the repository test workflow and introduced concise `AGENTS.md` guidance with a `CLAUDE.md` symlink so agents can run the right commands and avoid committing generated or local-only files.
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
The broad theme zip task could include the agent guidance files added to the theme root. Added explicit exclusions for AGENTS.md and CLAUDE.md so generated theme archives stay limited to runtime theme content.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
19 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.