Fix setup-bun reference for reusable workflows

[gentamura]

Summary

• replace local setup-bun references in reusable workflows with repository-qualified path
• pin the composite action to commit bc6b8ec to preserve stability

Testing

• not run (reusable workflow requires consumer repo with package.json)

Summary by CodeRabbit

• Chores
  • CI workflows (lint, test, typecheck, release) now use a pinned, remote setup tool for environment provisioning to improve reliability, security, and reproducibility.
  • Standardizes build environments to reduce flakiness and ensure consistent results across runs.
  • No changes to application behavior or user interface.

[coderabbitai]

Walkthrough

Replaces local ./.github/actions/setup-bun references with a remote, commit-pinned listee-dev/listee-ci/.github/actions/setup-bun@bc6b8ec0818a0e52fdfbe3571ffde0678d628e31 in four GitHub workflow files; no other steps or workflow logic were modified.

Changes

Cohort / File(s)	Summary
Workflows: setup-bun reference update .github/workflows/lint.yml, .github/workflows/release.yml, .github/workflows/test.yml, .github/workflows/typecheck.yml	Swapped uses: ./.github/actions/setup-bun → uses: listee-dev/listee-ci/.github/actions/setup-bun@bc6b8ec0818a0e52fdfbe3571ffde0678d628e31; no other edits

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• chore: add pinact enforcement #2 — Updates/pins the shared setup-bun action in the central CI repo; directly related to switching this repo’s workflows to the remote, commit-pinned action.

Poem

I hop through YAML fields so bright,
Swapping paths by moonlit night—
From local burrow to pinned abode,
A single hash now marks the road.
Thump-thump! CI’s neatly spun—
Remote warren sets up Bun. 🐇✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title clearly summarizes the primary change, namely updating the setup-bun action reference in reusable workflows, is concise without extraneous details, and accurately describes the main fix implemented in the changeset.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix-setup-bun-remote-uses

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0c38706 and 8612daf.

📒 Files selected for processing (1)

• .github/workflows/test.yml (1 hunks)

🧰 Additional context used

📓 Path-based instructions (4)

.github/workflows/{lint,test,typecheck,release}.yml

📄 CodeRabbit inference engine (AGENTS.md)

Common reusable workflows must exist at .github/workflows/lint.yml, test.yml, typecheck.yml, and release.yml

Files:

• .github/workflows/test.yml

.github/**/*.yml

📄 CodeRabbit inference engine (AGENTS.md)

YAML files use 2-space indentation and filenames use kebab-case with .yml extension

Files:

• .github/workflows/test.yml

.github/workflows/*.yml

📄 CodeRabbit inference engine (AGENTS.md)

.github/workflows/*.yml: Workflow job IDs are lowercase and concise; step name fields are human-readable
Reference the internal composite action relatively as ./.github/actions/setup-bun so it works with both act and GitHub

Files:

• .github/workflows/test.yml

.github/{workflows,actions}/**/*.{yml,yaml}

📄 CodeRabbit inference engine (AGENTS.md)

External actions must use stable, versioned tags (e.g., actions/checkout@v5)

Files:

• .github/workflows/test.yml

🧠 Learnings (4)

📓 Common learnings

Learnt from: CR
PR: listee-dev/listee-ci#0
File: AGENTS.md:0-0
Timestamp: 2025-09-20T12:49:53.689Z
Learning: Applies to .github/workflows/*.yml : Reference the internal composite action relatively as ./.github/actions/setup-bun so it works with both act and GitHub

Learnt from: CR
PR: listee-dev/listee-ci#0
File: AGENTS.md:0-0
Timestamp: 2025-09-20T12:49:53.689Z
Learning: Applies to .github/actions/setup-bun/action.@(yml|yaml) : The composite action at .github/actions/setup-bun installs Bun and runs `bun install --frozen-lockfile`

Learnt from: CR
PR: listee-dev/listee-ci#0
File: AGENTS.md:0-0
Timestamp: 2025-09-20T12:49:53.689Z
Learning: Applies to .github/workflows/pinact.yml : Include and use pinact.yml workflow to enforce pinned action references

📚 Learning: 2025-09-20T12:49:53.689Z

Learnt from: CR
PR: listee-dev/listee-ci#0
File: AGENTS.md:0-0
Timestamp: 2025-09-20T12:49:53.689Z
Learning: Applies to .github/workflows/*.yml : Reference the internal composite action relatively as ./.github/actions/setup-bun so it works with both act and GitHub

Applied to files:

• .github/workflows/test.yml

📚 Learning: 2025-09-20T12:49:53.689Z

Learnt from: CR
PR: listee-dev/listee-ci#0
File: AGENTS.md:0-0
Timestamp: 2025-09-20T12:49:53.689Z
Learning: Applies to .github/workflows/pinact.yml : Include and use pinact.yml workflow to enforce pinned action references

Applied to files:

• .github/workflows/test.yml

📚 Learning: 2025-09-20T12:49:53.689Z

Learnt from: CR
PR: listee-dev/listee-ci#0
File: AGENTS.md:0-0
Timestamp: 2025-09-20T12:49:53.689Z
Learning: Applies to .github/actions/setup-bun/action.@(yml|yaml) : The composite action at .github/actions/setup-bun installs Bun and runs `bun install --frozen-lockfile`

Applied to files:

• .github/workflows/test.yml

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 4

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between bc6b8ec and 0c38706.

📒 Files selected for processing (4)

• .github/workflows/lint.yml (1 hunks)
• .github/workflows/release.yml (1 hunks)
• .github/workflows/test.yml (1 hunks)
• .github/workflows/typecheck.yml (1 hunks)

🧰 Additional context used

📓 Path-based instructions (5)

.github/workflows/{lint,test,typecheck,release}.yml

📄 CodeRabbit inference engine (AGENTS.md)

Common reusable workflows must exist at .github/workflows/lint.yml, test.yml, typecheck.yml, and release.yml

Files:

• .github/workflows/typecheck.yml
• .github/workflows/lint.yml
• .github/workflows/release.yml
• .github/workflows/test.yml

.github/**/*.yml

📄 CodeRabbit inference engine (AGENTS.md)

YAML files use 2-space indentation and filenames use kebab-case with .yml extension

Files:

• .github/workflows/typecheck.yml
• .github/workflows/lint.yml
• .github/workflows/release.yml
• .github/workflows/test.yml

.github/workflows/*.yml

📄 CodeRabbit inference engine (AGENTS.md)

.github/workflows/*.yml: Workflow job IDs are lowercase and concise; step name fields are human-readable
Reference the internal composite action relatively as ./.github/actions/setup-bun so it works with both act and GitHub

Files:

• .github/workflows/typecheck.yml
• .github/workflows/lint.yml
• .github/workflows/release.yml
• .github/workflows/test.yml

.github/{workflows,actions}/**/*.{yml,yaml}

📄 CodeRabbit inference engine (AGENTS.md)

External actions must use stable, versioned tags (e.g., actions/checkout@v5)

Files:

• .github/workflows/typecheck.yml
• .github/workflows/lint.yml
• .github/workflows/release.yml
• .github/workflows/test.yml

.github/workflows/release.yml

📄 CodeRabbit inference engine (AGENTS.md)

release.yml uses npm Trusted Publishing (OIDC); ensure target repo/environment is a Trusted Publisher and grants id-token permission

Files:

• .github/workflows/release.yml

🧠 Learnings (4)

📓 Common learnings

Learnt from: CR
PR: listee-dev/listee-ci#0
File: AGENTS.md:0-0
Timestamp: 2025-09-20T12:49:53.689Z
Learning: Applies to .github/workflows/*.yml : Reference the internal composite action relatively as ./.github/actions/setup-bun so it works with both act and GitHub

Learnt from: CR
PR: listee-dev/listee-ci#0
File: AGENTS.md:0-0
Timestamp: 2025-09-20T12:49:53.689Z
Learning: Applies to .github/workflows/pinact.yml : Include and use pinact.yml workflow to enforce pinned action references

Learnt from: CR
PR: listee-dev/listee-ci#0
File: AGENTS.md:0-0
Timestamp: 2025-09-20T12:49:53.689Z
Learning: Applies to .github/actions/setup-bun/action.@(yml|yaml) : The composite action at .github/actions/setup-bun installs Bun and runs `bun install --frozen-lockfile`

📚 Learning: 2025-09-20T12:49:53.689Z

Learnt from: CR
PR: listee-dev/listee-ci#0
File: AGENTS.md:0-0
Timestamp: 2025-09-20T12:49:53.689Z
Learning: Applies to .github/workflows/*.yml : Reference the internal composite action relatively as ./.github/actions/setup-bun so it works with both act and GitHub

Applied to files:

• .github/workflows/typecheck.yml
• .github/workflows/lint.yml
• .github/workflows/release.yml
• .github/workflows/test.yml

📚 Learning: 2025-09-20T12:49:53.689Z

Learnt from: CR
PR: listee-dev/listee-ci#0
File: AGENTS.md:0-0
Timestamp: 2025-09-20T12:49:53.689Z
Learning: Applies to .github/actions/setup-bun/action.@(yml|yaml) : The composite action at .github/actions/setup-bun installs Bun and runs `bun install --frozen-lockfile`

Applied to files:

• .github/workflows/typecheck.yml
• .github/workflows/lint.yml
• .github/workflows/release.yml
• .github/workflows/test.yml

📚 Learning: 2025-09-20T12:49:53.689Z

Learnt from: CR
PR: listee-dev/listee-ci#0
File: AGENTS.md:0-0
Timestamp: 2025-09-20T12:49:53.689Z
Learning: Applies to .github/workflows/pinact.yml : Include and use pinact.yml workflow to enforce pinned action references

Applied to files:

• .github/workflows/test.yml