Skip to content

chore: standardize repository config#165

Merged
afc163 merged 33 commits into
masterfrom
codex/standardize-rc-config
Jun 29, 2026
Merged

chore: standardize repository config#165
afc163 merged 33 commits into
masterfrom
codex/standardize-rc-config

Conversation

@afc163

@afc163 afc163 commented Jun 26, 2026
edited
Loading

Copy link
Copy Markdown
Member

Summary

Standardize this rc-component repository as part of the Ant Design rc-component maintenance sweep.

Tracking issue: ant-design/ant-design#58514

Scope

  • Redesign README.md and README.zh-CN.md with centered title, Ant Design ecosystem branding, aligned badges, scoped Bundlephobia badge, install command, Usage, Development, Release, and License sections.
  • Standardize package metadata, GitHub repo metadata, npm package name, package entry fields, types: "./es/index.d.ts", publishConfig, and release flow through @rc-component/np.
  • Align shared dependencies and scripts for React, testing-library, Jest/Vitest where existing, TypeScript, ESLint, Prettier, Less, dumi, father, Husky, lint-staged, and Dependabot.
  • Use the shared react-component/rc-test/.github/workflows/test-utoo.yml@main workflow, React Doctor, Codecov, CodeQL, updated GitHub Actions versions, and guarded Surge preview fallback.
  • Keep Vercel preview configuration compatible with docs-dist output and remove legacy now-build / Cloudflare Pages residue.
  • Keep API docs, demos, tests, TypeScript checks, funding metadata, and npm package files aligned with the repository standardization matrix.

Notes

  • No breaking runtime behavior is intended.
  • React peer dependency ranges are preserved when narrowing them would be a breaking change.
  • secrets: inherit is kept until react-component/rc-test#176 is merged, then it can be narrowed to explicit CODECOV_TOKEN forwarding.

@vercel

vercel Bot commented Jun 26, 2026
edited
Loading

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
switch Ready Ready Preview, Comment Jun 29, 2026 6:38am

@coderabbitai

coderabbitai Bot commented Jun 26, 2026
edited
Loading

Copy link
Copy Markdown

Warning

Review limit reached

@afc163, you've reached your PR review limit, so we couldn't start this review.

Next review available in: 57 minutes

Your organization has used up its prepaid credits, and credit purchases are no longer available. Enable usage-based reviews in Billing to keep reviews running — you're only billed for reviews past your plan's rate limits ($0.25/file).

How can I continue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews.

How do review limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window.

Please see our Fair Usage Limits Policy for further information, and refer to the rate limits docs for additional details.

Review details
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 3813258f-7f0d-4553-93b2-78142f8a6959

📥 Commits

Reviewing files that changed from the base of the PR and between 149568c and e17e09b.

📒 Files selected for processing (18)
  • .dumirc.ts
  • .eslintignore
  • .github/FUNDING.yml
  • .github/dependabot.yml
  • .github/workflows/main.yml
  • .github/workflows/react-component-ci.yml
  • .github/workflows/react-doctor.yml
  • .github/workflows/surge-preview.yml
  • .gitignore
  • .husky/pre-commit
  • .prettierignore
  • LICENSE
  • README.md
  • README.zh-CN.md
  • docs/index.md
  • package.json
  • tsconfig.json
  • vercel.json
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch codex/standardize-rc-config

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@github-actions

github-actions Bot commented Jun 26, 2026
edited
Loading

Copy link
Copy Markdown

❌ Deploy failed

PR preview ❌ Failed ❌ Failed
🔗 Preview https://react-component-switch-preview-pr-165.surge.sh (may be unavailable)
📝 Commite17e09b
🪵 LogsView logs
📋 Build log (last lines) 
npm warn exec The following package was not found and will be installed: surge@0.27.4

   Running as afc163@gmail.com (Student)

        project: ./docs-dist
         domain: react-component-switch-preview-pr-165.surge.sh
           size: 27 files, 1.5 MB

   Aborted - you do not have permission to publish to react-component-switch-preview-pr-165.surge.sh

🤖 Powered by surge-preview

@socket-security

socket-security Bot commented Jun 26, 2026
edited
Loading

Copy link
Copy Markdown

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn Critical
Potential typosquat: npm slash2 as a typo of slash

Did you mean: slash2

From: ?npm/rc-test@7.1.3npm/slash2@2.0.0

ℹ Read more on: This package | This alert | What is a typosquat?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Use care when consuming similarly named packages and ensure that you did not intend to consume a different package. Malicious packages often publish using similar names as existing popular packages.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/slash2@2.0.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm css-tree is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: ?npm/@umijs/fabric@4.0.1npm/css-tree@3.2.1

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/css-tree@3.2.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm cssom is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: ?npm/rc-test@7.1.3npm/cssom@0.3.8

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/cssom@0.3.8. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm cssom is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: ?npm/rc-test@7.1.3npm/cssom@0.5.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/cssom@0.5.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm eslint-plugin-react is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: ?npm/@umijs/fabric@4.0.1npm/eslint-plugin-react@7.37.5

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/eslint-plugin-react@7.37.5. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm eslint-plugin-unicorn is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: package.jsonnpm/eslint-plugin-unicorn@56.0.1

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/eslint-plugin-unicorn@56.0.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

gemini-code-assist[bot]
gemini-code-assist Bot reviewed Jun 26, 2026
View reviewed changes

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the project's configuration, documentation, and build scripts, including transitioning to dumi and rc-test, adding Vercel deployment configurations, and updating the README. Feedback is provided regarding the removal of strict type-checking in tsconfig.json which reduces type safety, and the removal of the prepare script in package.json which prevents automatic Husky git hooks installation.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

Comment thread tsconfig.json
Comment thread package.json
@codecov

codecov Bot commented Jun 26, 2026
edited
Loading

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (552d320) to head (e17e09b).
⚠️ Report is 1 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff            @@
##            master      #165   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            1         1           
  Lines           34        32    -2     
  Branches         9         8    -1     
=========================================
- Hits            34        32    -2

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@afc163 afc163 mentioned this pull request Jun 26, 2026
Closed
@vercel

vercel Bot commented Jun 26, 2026

Copy link
Copy Markdown

Deployment failed with the following error:

Resource is limited - try again in 24 hours (more than 100, code: "api-deployments-free-per-day").

Learn More: https://vercel.com/afc163s-projects?upgradeToPro=build-rate-limit

@socket-security

socket-security Bot commented Jun 27, 2026
edited
Loading

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Addednpm/​husky@​9.1.71001006280100
Addednpm/​rc-test@​7.1.3751007490100
Addednpm/​@​types/​react-dom@​18.3.71001007685100
Updatednpm/​@​types/​react@​19.2.17 ⏵ 18.3.3110010079 +195100
Addednpm/​cross-env@​10.1.010010010082100
Addednpm/​@​umijs/​fabric@​4.0.1971008786100
Addednpm/​@​testing-library/​react@​15.0.710010010087100
Addednpm/​eslint-plugin-unicorn@​56.0.18810010095100
Addednpm/​typescript@​5.9.3100100909690
Addednpm/​lint-staged@​16.4.010010010097100

View full report

afc163 added 17 commits June 28, 2026 14:01
@afc163 afc163 merged commit 9ab8f18 into master Jun 29, 2026
15 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer
@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments
Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@afc163