From 0d9dba81c8a8ced9e8f0711d90479f057b64aae4 Mon Sep 17 00:00:00 2001 From: Sheraff Date: Tue, 12 May 2026 21:07:47 +0200 Subject: [PATCH 01/14] ci: add zizmor workflow --- .github/workflows/check-skills.yml | 23 +++++++++------- .../workflows/e2e-opportunistic-matrix.yml | 7 ++--- .github/workflows/notify-intent.yml | 8 ++++-- .github/workflows/pr.yml | 17 +++++++----- .github/workflows/release.yml | 20 ++++++++------ .github/workflows/validate-skills.yml | 9 +++++-- .github/workflows/zizmor.yml | 27 +++++++++++++++++++ 7 files changed, 80 insertions(+), 31 deletions(-) create mode 100644 .github/workflows/zizmor.yml diff --git a/.github/workflows/check-skills.yml b/.github/workflows/check-skills.yml index 267f8f79..7680616a 100644 --- a/.github/workflows/check-skills.yml +++ b/.github/workflows/check-skills.yml @@ -16,22 +16,24 @@ on: types: [published] workflow_dispatch: {} -permissions: - contents: write - pull-requests: write +permissions: {} jobs: check: name: Check for stale skills runs-on: ubuntu-latest + permissions: + contents: write + pull-requests: write steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 0 + persist-credentials: false - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: 20 
@@ -108,15 +110,18 @@ jobs: if: steps.stale.outputs.has_stale == 'true' env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + PROMPT: ${{ steps.summary.outputs.prompt }} + RELEASE_VERSION: ${{ github.event.release.tag_name || 'manual' }} + SUMMARY: ${{ steps.summary.outputs.summary }} run: | - VERSION="${{ github.event.release.tag_name || 'manual' }}" + VERSION="$RELEASE_VERSION" BRANCH="skills/review-${VERSION}" git config user.name "github-actions[bot]" git config user.email "41898282+github-actions[bot]@users.noreply.github.com" git checkout -b "$BRANCH" git commit --allow-empty -m "chore: review stale skills for ${VERSION}" - git push origin "$BRANCH" + git push "https://x-access-token:${GH_TOKEN}@github.com/${GITHUB_REPOSITORY}.git" "$BRANCH" gh pr create \ --title "Review stale skills (${VERSION})" \ @@ -125,7 +130,7 @@ jobs: The following skills may need updates after the latest release: - ${{ steps.summary.outputs.summary }} + ${SUMMARY} --- @@ -134,7 +139,7 @@ jobs: Paste this into your coding agent (Claude Code, Cursor, etc.): ~~~ - ${{ steps.summary.outputs.prompt }} + ${PROMPT} ~~~ PREOF diff --git a/.github/workflows/e2e-opportunistic-matrix.yml b/.github/workflows/e2e-opportunistic-matrix.yml index 625aa927..ea3e6e02 100644 --- a/.github/workflows/e2e-opportunistic-matrix.yml +++ b/.github/workflows/e2e-opportunistic-matrix.yml @@ -34,11 +34,12 @@ jobs: - react-toolchain-deploy steps: - name: Checkout - uses: actions/checkout@v6.0.1 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 + persist-credentials: false - name: Setup Tools - uses: tanstack/config/.github/setup@main + uses: tanstack/config/.github/setup@e4b48f16568324f76f467aa4c2aac2f05db632c3 # main - name: Install Playwright Chrome run: pnpm --filter @tanstack/cli exec playwright install --with-deps chrome - name: Run Matrix Scenario 
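Review bot: In e2e-opportunistic-matrix.yml the new pin `tanstack/config/.github/setup@e4b48f16568324f76f467aa4c2aac2f05db632c3 # main` is annotated with a branch name rather than a release. Nothing on the line records which revision was reviewed, and version-aware update tooling has no tag to compare the SHA against, so the pin can go stale unnoticed. The same line is added in pr.yml (two jobs) and release.yml. A comment that carries the review point, for example `# main as of <date-placeholder>`, would help. If that action is a composite that calls other actions by tag, which cannot be seen from here, the SHA pin does not cover those inner references.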
@@ -47,7 +48,7 @@ jobs: run: pnpm nx run @tanstack/cli:test:e2e:matrix - name: Upload Playwright Report if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 with: name: playwright-report-${{ matrix.scenario }} path: packages/cli/playwright-report diff --git a/.github/workflows/notify-intent.yml b/.github/workflows/notify-intent.yml index ce2d15c4..bca078d7 100644 --- a/.github/workflows/notify-intent.yml +++ b/.github/workflows/notify-intent.yml @@ -22,15 +22,19 @@ on: - 'docs/**' - 'src/**' +permissions: + contents: read + jobs: notify: name: Notify TanStack Intent runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 2 + persist-credentials: false - name: Collect changed files id: changes @@ -39,7 +43,7 @@ jobs: echo "files=$FILES" >> "$GITHUB_OUTPUT" - name: Dispatch to intent repo - uses: peter-evans/repository-dispatch@v3 + uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3 with: token: ${{ secrets.INTENT_NOTIFY_TOKEN }} repository: TanStack/intent diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 9017783c..af82fb3d 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -19,11 +19,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6.0.1 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 + persist-credentials: false - name: Setup Tools - uses: tanstack/config/.github/setup@main + uses: tanstack/config/.github/setup@e4b48f16568324f76f467aa4c2aac2f05db632c3 # main - name: Build run: pnpm build - name: Test Unit 
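Review bot: In notify-intent.yml the context line `echo "files=$FILES" >> "$GITHUB_OUTPUT"` writes a value derived from changed file paths in the single-line `name=value` form. It sits directly above the dispatch step that uses `secrets.INTENT_NOTIFY_TOKEN`. How `FILES` is built is outside this hunk. If it can contain a newline (an unjoined list, or a path with an embedded newline), the text after the first line is parsed as separate entries of the output file. Writing the value with the multi-line delimiter form, or JSON-encoding the list before writing it, would remove that dependency on path contents.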
@@ -33,11 +34,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6.0.1 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 + persist-credentials: false - name: Check Provenance - uses: danielroe/provenance-action@v0.1.1 + uses: danielroe/provenance-action@41bcc969e579d9e29af08ba44fcbfdf95cee6e6c # v0.1.1 with: fail-on-downgrade: true test-e2e: @@ -45,13 +47,14 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6.0.1 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 + persist-credentials: false - name: Setup Tools - uses: tanstack/config/.github/setup@main + uses: tanstack/config/.github/setup@e4b48f16568324f76f467aa4c2aac2f05db632c3 # main - name: Get base and head commits for `nx affected` - uses: nrwl/nx-set-shas@v4.4.0 + uses: nrwl/nx-set-shas@3e9ad7370203c1e93d109be57f3b72eb0eb511b1 # v4.4.0 with: main-branch-name: main - name: Install Playwright Chrome diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 810cf93f..0ab04979 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml 
@@ -12,24 +12,26 @@ env: NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} -permissions: - contents: write - id-token: write - pull-requests: read - statuses: read +permissions: {} jobs: release: name: Release if: ${{ github.repository_owner == 'TanStack' && !contains(github.event.head_commit.message, '[skip ci]') }} runs-on: ubuntu-latest + permissions: + contents: write + id-token: write + pull-requests: read + statuses: read steps: - name: Checkout - uses: actions/checkout@v6.0.1 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 + persist-credentials: false - name: Setup Tools - uses: tanstack/config/.github/setup@main + uses: tanstack/config/.github/setup@e4b48f16568324f76f467aa4c2aac2f05db632c3 # main - name: Build run: pnpm build - name: Test Unit @@ -60,4 +62,6 @@ jobs: - name: Publish Packages if: steps.release.outputs.has_changesets == 'true' && steps.changes.outputs.has_changes == 'true' - run: pnpm changeset publish --tag "${{ steps.release.outputs.npm_tag }}" + env: + NPM_TAG: ${{ steps.release.outputs.npm_tag }} + run: pnpm changeset publish --tag "$NPM_TAG" diff --git a/.github/workflows/validate-skills.yml b/.github/workflows/validate-skills.yml index 8f39716a..4c42b181 100644 --- a/.github/workflows/validate-skills.yml +++ b/.github/workflows/validate-skills.yml @@ -12,16 +12,21 @@ on: - 'skills/**' - '**/skills/**' +permissions: + contents: read + jobs: validate: name: Validate skill files runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + with: + persist-credentials: false - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: 20 diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml new file mode 100644 index 00000000..049ac745 --- /dev/null 
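Review bot: The `env:` block kept as context above `permissions: {}` in release.yml appears to be workflow-level, so `GITHUB_TOKEN` and `NX_CLOUD_ACCESS_TOKEN` are still exported to every step of the release job. `persist-credentials: false` removes the token from git's stored credentials, but `pnpm build`, the unit tests and the third-party setup action can still read a `contents: write` token from the environment. Moving each secret into a step-level `env:` on the steps that consume it would match the least-privilege direction of the rest of this patch. Which steps those are lies outside the hunk. It is also worth confirming that no step between `Test Unit` and `Publish Packages` relied on the checkout credentials for a plain `git push`.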
+++ b/.github/workflows/zizmor.yml @@ -0,0 +1,27 @@ +name: GitHub Actions Security Analysis + +on: + push: + branches: + - main + pull_request: + branches: + - '**' + +permissions: {} + +jobs: + zizmor: + name: zizmor + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: false + + - name: Run zizmor + uses: zizmorcore/zizmor-action@b1d7e1fb5de872772f31590499237e7cce841e8e # v0.5.3 + with: + advanced-security: false + annotations: true From 80d155f97c0bddeb8b11aa0668486413a04d7ae7 Mon Sep 17 00:00:00 2001 From: Sheraff Date: Wed, 13 May 2026 00:51:31 +0200 Subject: [PATCH 02/14] ci: clarify skill review PR creation --- .github/workflows/check-skills.yml | 36 +++++++++++++----------------- 1 file changed, 15 insertions(+), 21 deletions(-) diff --git a/.github/workflows/check-skills.yml b/.github/workflows/check-skills.yml index 7680616a..f4c892a6 100644 --- a/.github/workflows/check-skills.yml +++ b/.github/workflows/check-skills.yml @@ -30,7 +30,7 @@ jobs: uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 0 - persist-credentials: false + persist-credentials: true # review job pushes a generated branch - name: Setup Node uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 
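Review bot: zizmor.yml sets `permissions: {}` and gives the `zizmor` job no permissions block of its own, so the checkout step runs without a `contents` scope, which only works while the repository is public. A comment above `jobs:` would keep that choice from being "fixed" later, e.g. `# no job permissions: public repo; findings are emitted as annotations (advanced-security: false), so security-events: write is not needed`. With `annotations: true` as the only output, findings beyond GitHub's per-run annotation limit may not be shown, so the first run's log is worth reading in full.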
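Review bot: `persist-credentials: true` in check-skills.yml keeps the job token available to git for every step after checkout, and this job holds `contents: write` and `pull-requests: write`. The Node setup and the stale-check steps between checkout and the push are outside this hunk, but they all run with a usable write credential. Keeping `persist-credentials: false` and calling `gh auth setup-git` at the top of the PR-creation step, which already has `GH_TOKEN`, should confine the credential to the one step that pushes, without putting the token in the remote URL as patch 01 did. If the flag stays, the inline comment could state the cost as well as the reason: `# needed by the final git push; credential is available to all later steps`.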
@@ -121,28 +121,22 @@ jobs: git config user.email "41898282+github-actions[bot]@users.noreply.github.com" git checkout -b "$BRANCH" git commit --allow-empty -m "chore: review stale skills for ${VERSION}" - git push "https://x-access-token:${GH_TOKEN}@github.com/${GITHUB_REPOSITORY}.git" "$BRANCH" + git push origin "$BRANCH" + + { + printf '%s\n\n' '## Stale Skills Detected' + printf '%s\n\n' 'The following skills may need updates after the latest release:' + printf '%s\n\n' "$SUMMARY" + printf '%s\n\n' '---' + printf '%s\n\n' '### Update Prompt' + printf '%s\n\n' 'Paste this into your coding agent (Claude Code, Cursor, etc.):' + printf '%s\n' '~~~' + printf '%s\n' "$PROMPT" + printf '%s\n' '~~~' + } > pr-body.md gh pr create \ --title "Review stale skills (${VERSION})" \ - --body "$(cat <<'PREOF' - ## Stale Skills Detected - - The following skills may need updates after the latest release: - - ${SUMMARY} - - --- - - ### Update Prompt - - Paste this into your coding agent (Claude Code, Cursor, etc.): - - ~~~ - ${PROMPT} - ~~~ - - PREOF - )" \ + --body-file pr-body.md \ --head "$BRANCH" \ --base main From 7736dc617430e6216bbf4b240b845dfdb7bcca77 Mon Sep 17 00:00:00 2001 From: Flo Date: Wed, 13 May 2026 12:01:30 +0200 Subject: [PATCH 03/14] Update .github/workflows/check-skills.yml --- .github/workflows/check-skills.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/check-skills.yml b/.github/workflows/check-skills.yml index f4c892a6..b43cf4d9 100644 --- a/.github/workflows/check-skills.yml +++ b/.github/workflows/check-skills.yml @@ -27,7 +27,7 @@ jobs: pull-requests: write steps: - name: Checkout - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 persist-credentials: true # review job pushes a generated branch From 8db20bbee0ebf4d0e3c2b8218e8335146c229066 Mon Sep 17 00:00:00 2001 
From: Flo Date: Wed, 13 May 2026 12:01:37 +0200 Subject: [PATCH 04/14] Update .github/workflows/e2e-opportunistic-matrix.yml --- .github/workflows/e2e-opportunistic-matrix.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/e2e-opportunistic-matrix.yml b/.github/workflows/e2e-opportunistic-matrix.yml index ea3e6e02..23475873 100644 --- a/.github/workflows/e2e-opportunistic-matrix.yml +++ b/.github/workflows/e2e-opportunistic-matrix.yml @@ -34,7 +34,7 @@ jobs: - react-toolchain-deploy steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 persist-credentials: false From 279aa27b2271406d2a9326ac03eb50ccc2758ca7 Mon Sep 17 00:00:00 2001 From: Flo Date: Wed, 13 May 2026 12:01:44 +0200 Subject: [PATCH 05/14] Update .github/workflows/notify-intent.yml --- .github/workflows/notify-intent.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/notify-intent.yml b/.github/workflows/notify-intent.yml index bca078d7..7cf27d04 100644 --- a/.github/workflows/notify-intent.yml +++ b/.github/workflows/notify-intent.yml @@ -31,7 +31,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 2 persist-credentials: false From a2bee82ac08877f25a606ed86e6bb0f819b358e2 Mon Sep 17 00:00:00 2001 From: Flo Date: Wed, 13 May 2026 12:01:51 +0200 Subject: [PATCH 06/14] Update .github/workflows/pr.yml --- .github/workflows/pr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index af82fb3d..23e669c4 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml 
@@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 persist-credentials: false From 2e135d1a1d9843234458716daf2aba185ba9bfa1 Mon Sep 17 00:00:00 2001 From: Flo Date: Wed, 13 May 2026 12:01:59 +0200 Subject: [PATCH 07/14] Update .github/workflows/pr.yml --- .github/workflows/pr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 23e669c4..9f3026c5 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -34,7 +34,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 persist-credentials: false From 2f1a851b4c5f5206963e35c61e0de44d8ef50fb9 Mon Sep 17 00:00:00 2001 From: Flo Date: Wed, 13 May 2026 12:02:07 +0200 Subject: [PATCH 08/14] Update .github/workflows/pr.yml --- .github/workflows/pr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 9f3026c5..ca506976 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -47,7 +47,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 persist-credentials: false From 2fb116226af15aa389e01f29fc5593b3d8dc3f8c Mon Sep 17 00:00:00 2001 From: Flo Date: Wed, 13 May 2026 12:02:14 +0200 Subject: [PATCH 09/14] Update .github/workflows/release.yml --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0ab04979..13afe5fd 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -26,7 +26,7 @@ jobs: statuses: read steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 persist-credentials: false From 5e6ea2f9ffa2b25c7b17de03775b82dbf4a7335b Mon Sep 17 00:00:00 2001 From: Flo Date: Wed, 13 May 2026 12:02:20 +0200 Subject: [PATCH 10/14] Update .github/workflows/validate-skills.yml --- .github/workflows/validate-skills.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-skills.yml b/.github/workflows/validate-skills.yml index 4c42b181..8e3806f2 100644 --- a/.github/workflows/validate-skills.yml +++ b/.github/workflows/validate-skills.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false From 4625c0d35a89a9415d98a3db97cd2f62da4281b9 Mon Sep 17 00:00:00 2001 From: Flo Date: Wed, 13 May 2026 12:02:28 +0200 Subject: [PATCH 11/14] Update .github/workflows/validate-skills.yml --- .github/workflows/validate-skills.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-skills.yml b/.github/workflows/validate-skills.yml index 8e3806f2..823a88ca 100644 --- a/.github/workflows/validate-skills.yml +++ b/.github/workflows/validate-skills.yml @@ -26,7 +26,7 @@ jobs: persist-credentials: false - name: Setup Node - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 with: node-version: 20 From 93cb40db48950216a36e71256a458318905017b1 Mon Sep 17 00:00:00 2001 
From: Flo Date: Wed, 13 May 2026 12:02:35 +0200 Subject: [PATCH 12/14] Update .github/workflows/check-skills.yml --- .github/workflows/check-skills.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/check-skills.yml b/.github/workflows/check-skills.yml index b43cf4d9..13a017cc 100644 --- a/.github/workflows/check-skills.yml +++ b/.github/workflows/check-skills.yml @@ -33,7 +33,7 @@ jobs: persist-credentials: true # review job pushes a generated branch - name: Setup Node - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 with: node-version: 20 From d2a870a7f1766b2035e78b3a08c23b97f89d534a Mon Sep 17 00:00:00 2001 From: Flo Date: Wed, 13 May 2026 12:02:42 +0200 Subject: [PATCH 13/14] Update .github/workflows/notify-intent.yml --- .github/workflows/notify-intent.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/notify-intent.yml b/.github/workflows/notify-intent.yml index 7cf27d04..cdba272b 100644 --- a/.github/workflows/notify-intent.yml +++ b/.github/workflows/notify-intent.yml @@ -43,7 +43,7 @@ jobs: echo "files=$FILES" >> "$GITHUB_OUTPUT" - name: Dispatch to intent repo - uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3 + uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3.0.0 with: token: ${{ secrets.INTENT_NOTIFY_TOKEN }} repository: TanStack/intent From bf09f983aa9ad4c20b449ed5ee3353ecf6776dc1 Mon Sep 17 00:00:00 2001 From: Flo Date: Wed, 13 May 2026 12:02:49 +0200 Subject: [PATCH 14/14] Update .github/workflows/e2e-opportunistic-matrix.yml --- .github/workflows/e2e-opportunistic-matrix.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/e2e-opportunistic-matrix.yml b/.github/workflows/e2e-opportunistic-matrix.yml index 23475873..3d3fe8c7 100644 
--- a/.github/workflows/e2e-opportunistic-matrix.yml +++ b/.github/workflows/e2e-opportunistic-matrix.yml @@ -48,7 +48,7 @@ jobs: run: pnpm nx run @tanstack/cli:test:e2e:matrix - name: Upload Playwright Report if: always() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: playwright-report-${{ matrix.scenario }} path: packages/cli/playwright-report