From 39028e316068b1dd8a8cfbff14b9e2a131dd8aa5 Mon Sep 17 00:00:00 2001
From: 简律纯 <i@jyunko.cn>
Date: Fri, 16 Jan 2026 09:44:48 +0800
Subject: fix(security): Potential fix for code scanning alert no. 2: Workflow
 does not contain permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 .github/workflows/test.yml | 3 +++
 1 file changed, 3 insertions(+)

(limited to '.github/workflows/test.yml')

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 8ca056e..5440cd8 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -10,6 +10,9 @@ on:
     branches: ["main"]
   workflow_dispatch:
 
+permissions:
+  contents: read
+
 env:
   CARGO_TERM_COLOR: always
 
-- 
cgit v1.2.3-70-g09d2


From c3a0bef0767aec88fdd619199bed4bad6b57057c Mon Sep 17 00:00:00 2001
From: HsiangNianian <i@jyunko.cn>
Date: Fri, 16 Jan 2026 14:55:17 +0800
Subject: feat: enhance CI workflow by adding Node.js, pnpm, and Tauri CLI
 installation

Updated the GitHub Actions workflow to include steps for installing Node.js and pnpm, as well as the Tauri CLI. Added commands to install frontend dependencies and build the application for different operating systems, ensuring a more robust and comprehensive CI process.
---
 .github/workflows/test.yml | 58 +++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 55 insertions(+), 3 deletions(-)

(limited to '.github/workflows/test.yml')

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 5440cd8..ebf0b91 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -65,6 +65,23 @@ jobs:
       - name: Install Rust
         uses: dtolnay/rust-toolchain@stable
 
+      - name: Install Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+
+      - name: Install pnpm
+        uses: pnpm/action-setup@v2
+        with:
+          version: 8
+
+      - name: Install Frontend Dependencies
+        working-directory: ./ui
+        run: pnpm install
+
+      - name: Install Tauri CLI
+        run: cargo install tauri-cli
+
       - name: Rust Cache
         uses: swatinem/rust-cache@v2
         with:
@@ -74,6 +91,41 @@ jobs:
         working-directory: ./src-tauri
         run: cargo test --verbose
 
-      - name: Build (Dev)
-        working-directory: ./src-tauri
-        run: cargo build --verbose
+      - name: Build App (Debug)
+        run: cargo tauri build --debug
+
+      - name: Get Short SHA
+        id: slug
+        run: echo "sha8=$(echo ${GITHUB_SHA} | cut -c1-8)" >> $GITHUB_OUTPUT
+
+      - name: Upload Artifact (Linux)
+        if: runner.os == 'Linux'
+        uses: actions/upload-artifact@v4
+        with:
+          name: dropout-linux-${{ matrix.wayland && 'arch' || 'ubuntu' }}-${{ steps.slug.outputs.sha8 }}
+          path: |
+            src-tauri/target/debug/bundle/appimage/*.AppImage
+            src-tauri/target/debug/bundle/deb/*.deb
+            src-tauri/target/debug/dropout
+          retention-days: 5
+
+      - name: Upload Artifact (Windows)
+        if: runner.os == 'Windows'
+        uses: actions/upload-artifact@v4
+        with:
+          name: dropout-windows-${{ steps.slug.outputs.sha8 }}
+          path: |
+            src-tauri/target/debug/bundle/msi/*.msi
+            src-tauri/target/debug/bundle/nsis/*.exe
+            src-tauri/target/debug/dropout.exe
+          retention-days: 5
+
+      - name: Upload Artifact (macOS)
+        if: runner.os == 'macOS'
+        uses: actions/upload-artifact@v4
+        with:
+          name: dropout-macos-${{ steps.slug.outputs.sha8 }}
+          path: |
+            src-tauri/target/debug/bundle/dmg/*.dmg
+            src-tauri/target/debug/bundle/macos/DropOut.app
+          retention-days: 5
-- 
cgit v1.2.3-70-g09d2


From 066ffc6ecf27a531dbab76195230dae671ed3a0f Mon Sep 17 00:00:00 2001
From: HsiangNianian <i@jyunko.cn>
Date: Fri, 16 Jan 2026 14:55:44 +0800
Subject: chore: update Node.js and pnpm versions in CI workflow

Modified the GitHub Actions workflow to upgrade Node.js from version 20 to 22 and pnpm from version 8 to 9, ensuring compatibility with the latest features and improvements.
---
 .github/workflows/test.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to '.github/workflows/test.yml')

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index ebf0b91..1f7f055 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -68,12 +68,12 @@ jobs:
       - name: Install Node.js
         uses: actions/setup-node@v4
         with:
-          node-version: 20
+          node-version: 22
 
       - name: Install pnpm
         uses: pnpm/action-setup@v2
         with:
-          version: 8
+          version: 9
 
       - name: Install Frontend Dependencies
         working-directory: ./ui
-- 
cgit v1.2.3-70-g09d2


From 252618d3a5ab102498b7ee6d84e0c4afd3a0193c Mon Sep 17 00:00:00 2001
From: HsiangNianian <i@jyunko.cn>
Date: Fri, 16 Jan 2026 15:00:22 +0800
Subject: chore: update CI workflow to improve dependency installation

Modified the GitHub Actions workflow to ensure the 'apt-get update' command does not fail and added 'libfuse2' to the list of installed dependencies for Ubuntu, enhancing the reliability of the CI process.
---
 .github/workflows/test.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to '.github/workflows/test.yml')

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 1f7f055..2d0453f 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -45,8 +45,8 @@ jobs:
       - name: Install Dependencies (Ubuntu)
         if: runner.os == 'Linux' && !matrix.wayland
         run: |
-          sudo apt-get update
-          sudo apt-get install -y libwebkit2gtk-4.1-dev build-essential curl wget file libssl-dev libgtk-3-dev libayatana-appindicator3-dev librsvg2-dev
+          sudo apt-get update || true
+          sudo apt-get install -y libwebkit2gtk-4.1-dev build-essential curl wget file libssl-dev libgtk-3-dev libayatana-appindicator3-dev librsvg2-dev libfuse2
 
       - name: Install Dependencies (Arch Linux)
         if: matrix.wayland
-- 
cgit v1.2.3-70-g09d2


From ddf10db485ea125df92d87955f110f46c0c1e7a0 Mon Sep 17 00:00:00 2001
From: HsiangNianian <i@jyunko.cn>
Date: Fri, 16 Jan 2026 15:03:19 +0800
Subject: chore: refine CI workflow to conditionally execute steps based on
 event type

Updated the GitHub Actions workflow to conditionally run installation and build steps only when triggered by a 'workflow_dispatch' event. This change optimizes the workflow by separating build processes for push/PR events and manual triggers, enhancing clarity and efficiency in CI operations.
---
 .github/workflows/test.yml | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

(limited to '.github/workflows/test.yml')

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 2d0453f..8bf6d2f 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -66,20 +66,24 @@ jobs:
         uses: dtolnay/rust-toolchain@stable
 
       - name: Install Node.js
+        if: github.event_name == 'workflow_dispatch'
         uses: actions/setup-node@v4
         with:
           node-version: 22
 
       - name: Install pnpm
+        if: github.event_name == 'workflow_dispatch'
         uses: pnpm/action-setup@v2
         with:
           version: 9
 
       - name: Install Frontend Dependencies
+        if: github.event_name == 'workflow_dispatch'
         working-directory: ./ui
         run: pnpm install
 
       - name: Install Tauri CLI
+        if: github.event_name == 'workflow_dispatch'
         run: cargo install tauri-cli
 
       - name: Rust Cache
@@ -91,15 +95,22 @@ jobs:
         working-directory: ./src-tauri
         run: cargo test --verbose
 
+      - name: Build Rust Only (Push/PR)
+        if: github.event_name != 'workflow_dispatch'
+        working-directory: ./src-tauri
+        run: cargo build --verbose
+
       - name: Build App (Debug)
+        if: github.event_name == 'workflow_dispatch'
         run: cargo tauri build --debug
 
       - name: Get Short SHA
+        if: github.event_name == 'workflow_dispatch'
         id: slug
         run: echo "sha8=$(echo ${GITHUB_SHA} | cut -c1-8)" >> $GITHUB_OUTPUT
 
       - name: Upload Artifact (Linux)
-        if: runner.os == 'Linux'
+        if: runner.os == 'Linux' && github.event_name == 'workflow_dispatch'
         uses: actions/upload-artifact@v4
         with:
           name: dropout-linux-${{ matrix.wayland && 'arch' || 'ubuntu' }}-${{ steps.slug.outputs.sha8 }}
@@ -110,7 +121,7 @@ jobs:
           retention-days: 5
 
       - name: Upload Artifact (Windows)
-        if: runner.os == 'Windows'
+        if: runner.os == 'Windows' && github.event_name == 'workflow_dispatch'
         uses: actions/upload-artifact@v4
         with:
           name: dropout-windows-${{ steps.slug.outputs.sha8 }}
@@ -121,7 +132,7 @@ jobs:
           retention-days: 5
 
       - name: Upload Artifact (macOS)
-        if: runner.os == 'macOS'
+        if: runner.os == 'macOS' && github.event_name == 'workflow_dispatch'
         uses: actions/upload-artifact@v4
         with:
           name: dropout-macos-${{ steps.slug.outputs.sha8 }}
-- 
cgit v1.2.3-70-g09d2