Skip to content

chore: tooling updates#125

Draft
GabrielCousin wants to merge 20 commits intomainfrom
gabrielcousin/-/tooling-updates
Draft

chore: tooling updates#125
GabrielCousin wants to merge 20 commits intomainfrom
gabrielcousin/-/tooling-updates

Conversation

@GabrielCousin
Copy link
Copy Markdown
Contributor

@GabrielCousin GabrielCousin commented Apr 3, 2026

Summary

A batch of developer tooling and CI modernisation tasks:

  • Package manager: Switch from Yarn to npm; add .npmrc; commit package-lock.json
  • Node.js: Pin Node 22 via .mise.toml; declare engines.node >= 20 in package.json
  • ESLint: Migrate from .eslintrc.json to ESLint v9 flat config (eslint.config.mjs) + typescript-eslint v8; enforce no-explicit-any
  • TypeScript: Replace remaining any types with proper types across src/
  • Test infrastructure: Migrate from legacy runTest.ts/suite/index.ts to @vscode/test-cli (.vscode-test.mjs); replace simple-mock with sinon; upgrade Mocha to v11
  • CI: Migrate to jdx/mise-action@v2; remove xvfb-run-macos.sh shim; drop global vsce install in favour of npx; add @vscode/vsce as devDependency
  • Dependabot: Add monthly schedule with cooldown grouping
  • GitHub templates: Add feature-request issue template; remove stale duplicate bug-report template
  • Misc: Lowercase .MD.md doc extensions; ignore .worktrees/ in .gitignore; update ggshield pre-commit pin to v1.49.0

Test plan

  • npm install succeeds from a clean checkout
  • npm run lint passes with no errors
  • npm run compile (or equivalent build) succeeds
  • CI workflow passes (build + test jobs green)
  • Extension tests pass via @vscode/test-cli runner

@GabrielCousin
chore: delete stale duplicate bug_report issue template
34fd965 
Refs: FRNT-1206
@GabrielCousin
chore: fix docs file extensions to lowercase .md
7f40cf1 
Refs: FRNT-1208
@GabrielCousin
chore: add feature request GitHub issue template
30a9e65 
Refs: FRNT-1217
@GabrielCousin
chore: update ggshield pre-commit pin to v1.49.0
427b0fc 
Aligns the pre-commit hook version with the ggshield version bundled
by the extension.

Refs: FRNT-1205
@GabrielCousin
chore: pin Node 22 via .mise.toml; declare engines.node >= 20
6b3a9f3 
Refs: FRNT-1203
@GabrielCousin
chore: switch from yarn to npm; add .npmrc
dc7fbc9 
- Replace yarn.lock with package-lock.json
- Add .npmrc: engine-strict=true, min-release-age=3 (supply-chain protection)
- Bump @types/node from pinned 20.2.5 to ^22 (FRNT-1204)
- Update package.json scripts to use npm run

Refs: FRNT-1204
@GabrielCousin
chore: add Dependabot config with monthly schedule and cooldown
5bdb7eb 
- npm and github-actions ecosystems, monthly schedule
- 3-day cooldown on all updates (supply-chain protection)
- Groups: typescript-eslint, vscode

Refs: FRNT-1207
@GabrielCousin
chore: migrate CI to jdx/mise-action@v2 and npm
3dec434 
- Replace actions/setup-node@v4 (hardcoded versions) with mise-action@v2
  so CI picks up the Node version from .mise.toml
- Switch yarn → npm ci for installs
- Update vsce install to @vscode/vsce (current package name)
- Remove XQuartz install step (handled in next commit with test-cli)

Refs: FRNT-1209
@GabrielCousin
chore: migrate tests to @vscode/test-cli
7c7f95e 
- Add @vscode/test-cli; configure via .vscode-test.mjs
- Update test script to use vscode-test binary
- Add compile-tests and check scripts; update pretest
- Delete manual boilerplate: runTest.ts, suite/index.ts
- Delete scripts/xvfb-run-macos.sh (display handled by test-cli)
- Remove glob and @types/glob devDeps
- Update .vscode/launch.json to use testConfiguration
- Exclude package-lock.json from codespell (integrity hashes)

Refs: FRNT-1211
@GabrielCousin
chore: replace simple-mock with sinon in test suite
9251be2 
simple-mock has been unmaintained since 2018. All 4 affected test files
migrated to sinon: stub/restore API is equivalent, property names
(called, callCount, lastCall.args) are identical.

Refs: FRNT-1212
@GabrielCousin
chore: upgrade mocha to v11 and add @vscode/vsce as devDependency
cc48682 
mocha ^10 → ^11 to attempt resolving serialize-javascript/diff audit
vulnerabilities. Production deps are clean (npm audit --omit=dev: 0 vulns).
Remaining 4 vulns are dev-only in mocha 11.7.5's own transitive deps
(serialize-javascript ≤7.0.4, diff 6.x) — upstream has not released a fix yet.

Add @vscode/vsce as an explicit devDependency so the CI no longer needs a
separate global install step.
@GabrielCousin
chore(ci): remove vsce global install, use npx
ecce2f9 
@vscode/vsce is now a devDependency, so npm ci makes the binary available.
Drop the separate global install step and invoke via npx instead.
@GabrielCousin
chore: ignore .worktrees directory in git
bb4cea9
@GabrielCousin
chore: migrate ESLint to v9 flat config + typescript-eslint v8
b3b55ca 
Replace .eslintrc.json with eslint.config.mjs using recommendedTypeChecked preset.
Promote critical rules from warn → error; add no-floating-promises and
only-throw-error. Fix all resulting violations across source and test files.

- fixes FRNT-1214
@GabrielCousin
chore: replace any types with proper types and enforce no-explicit-any
c3b90f5 
Replace all explicit any annotations with types imported from existing
packages (vscode, sinon, child_process) or TypeScript built-ins (unknown,
inline object types, typeof console.log). Enable @typescript-eslint/no-explicit-any
as an error in ESLint to prevent regressions.
@GabrielCousin
chore: update tests following switch to sinon
b6e0130
@GabrielCousin GabrielCousin force-pushed the gabrielcousin/-/tooling-updates branch from e9a501b to b6e0130 Compare April 3, 2026 12:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@GabrielCousin