mirror of
https://github.com/Comfy-Org/ComfyUI_frontend.git
synced 2026-04-20 06:20:11 +00:00
Upgrades `pnpm/action-setup` from v4.2.0 to v4.4.0 across all 16 workflow files and the shared `setup-frontend` action. ## Why GitHub Actions will force Node.js 24 as the default starting June 2, 2026. The v4.2.0 pin ran on Node.js 20 and emitted deprecation warnings on every CI run. v4.4.0 was released specifically to address this, updating the action runtime to Node.js 24. - Fixes the warning: *"pnpm/action-setup@41ff72... Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026"* ┆Issue is synchronized with this [Notion page](https://www.notion.so/PR-10137-ci-upgrade-pnpm-action-setup-to-v4-4-0-Node-js-24-3266d73d36508176b157fcd1d33f2274) by [Unito](https://www.unito.io)
120 lines
4.2 KiB
YAML
120 lines
4.2 KiB
YAML
name: 'CI: OSS Assets Validation'
|
|
|
|
on:
|
|
pull_request:
|
|
branches-ignore: [wip/*, draft/*, temp/*]
|
|
push:
|
|
branches: [main, dev*]
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
validate-fonts:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
|
|
|
- name: Install pnpm
|
|
uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v4.4.0
|
|
with:
|
|
version: 10
|
|
|
|
- name: Use Node.js
|
|
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
|
|
with:
|
|
node-version-file: '.nvmrc'
|
|
cache: 'pnpm'
|
|
|
|
- name: Install dependencies
|
|
run: pnpm install --frozen-lockfile
|
|
|
|
- name: Build project
|
|
run: pnpm build
|
|
env:
|
|
DISTRIBUTION: localhost
|
|
|
|
- name: Check for proprietary fonts in dist
|
|
run: |
|
|
set -euo pipefail
|
|
echo '🔍 Checking dist for proprietary ABCROM fonts...'
|
|
|
|
if [ ! -d "dist" ] || [ -z "$(ls -A dist)" ]; then
|
|
echo '❌ ERROR: dist/ directory missing or empty!'
|
|
exit 1
|
|
fi
|
|
|
|
# Check for ABCROM font files
|
|
if find dist/ -type f -iname '*abcrom*' \
|
|
\( -name '*.woff' -o -name '*.woff2' -o -name '*.ttf' -o -name '*.otf' \) \
|
|
-print -quit | grep -q .; then
|
|
echo ''
|
|
echo '❌ ERROR: Found proprietary ABCROM font files in dist!'
|
|
echo ''
|
|
find dist/ -type f -iname '*abcrom*' \
|
|
\( -name '*.woff' -o -name '*.woff2' -o -name '*.ttf' -o -name '*.otf' \)
|
|
echo ''
|
|
echo 'ABCROM fonts are proprietary and should not ship to OSS builds.'
|
|
echo ''
|
|
echo 'To fix this:'
|
|
echo '1. Use conditional font loading based on isCloud'
|
|
echo '2. Ensure fonts are dynamically imported, not bundled'
|
|
echo '3. Check vite config for font handling'
|
|
exit 1
|
|
fi
|
|
|
|
echo '✅ No proprietary fonts found in dist'
|
|
|
|
validate-licenses:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
|
|
|
- name: Install pnpm
|
|
uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v4.4.0
|
|
with:
|
|
version: 10
|
|
|
|
- name: Use Node.js
|
|
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
|
|
with:
|
|
node-version-file: '.nvmrc'
|
|
cache: 'pnpm'
|
|
|
|
- name: Install dependencies
|
|
run: pnpm install --frozen-lockfile
|
|
|
|
- name: Validate production dependency licenses
|
|
run: |
|
|
set -euo pipefail
|
|
echo '🔍 Checking production dependency licenses...'
|
|
|
|
# Use license-checker-rseidelsohn (actively maintained fork, handles monorepos)
|
|
# Exclude internal @comfyorg packages from license check
|
|
# Run in if condition to capture exit code
|
|
if npx license-checker-rseidelsohn@4 \
|
|
--production \
|
|
--summary \
|
|
--excludePackages '@comfyorg/comfyui-frontend;@comfyorg/design-system;@comfyorg/registry-types;@comfyorg/shared-frontend-utils;@comfyorg/tailwind-utils;@comfyorg/comfyui-electron-types' \
|
|
--clarificationsFile .github/license-clarifications.json \
|
|
--onlyAllow 'MIT;MIT*;Apache-2.0;BSD-2-Clause;BSD-3-Clause;ISC;0BSD;BlueOak-1.0.0;Python-2.0;CC0-1.0;Unlicense;(MIT OR Apache-2.0);(MIT OR GPL-3.0);(Apache-2.0 OR MIT);(MPL-2.0 OR Apache-2.0);CC-BY-4.0;CC-BY-3.0;GPL-3.0-only'; then
|
|
echo ''
|
|
echo '✅ All production dependency licenses are approved!'
|
|
else
|
|
echo ''
|
|
echo '❌ ERROR: Found dependencies with non-approved licenses!'
|
|
echo ''
|
|
echo 'To fix this:'
|
|
echo '1. Check the license of the problematic package'
|
|
echo '2. Find an alternative package with an approved license'
|
|
echo '3. If the license is safe and OSI-approved, add it to the --onlyAllow list'
|
|
echo ''
|
|
echo 'For more info on OSI-approved licenses:'
|
|
echo 'https://opensource.org/licenses'
|
|
exit 1
|
|
fi
|