chore(ci): skip expensive jobs on non-source changes

.github/workflows/checks.yml

@@ -12,31 +12,64 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
+  changes:
+    name: Detect changed paths
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: read
+    outputs:
+      src: ${{ steps.filter.outputs.src }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - id: filter
+        uses: dorny/paths-filter@v3
+        with:
+          filters: |
+            src:
+              - 'src/**'
+              - 'test/**'
+              - 'package.json'
+              - 'pnpm-lock.yaml'
+              - 'tsconfig*.json'
+              - 'biome.json'
+              - '.knip.json'
+              - 'Dockerfile*'
+              - 'docker-compose*.yml'
+              - '.nvmrc'
+              - '.github/workflows/checks.yml'
+
   commit-lint:
     name: Lint commits
     runs-on: ubuntu-latest
+    if: github.event_name == 'pull_request' || github.event_name == 'workflow_dispatch'
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
       - uses: pnpm/action-setup@v4
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
           node-version-file: .nvmrc
           cache: pnpm
       - name: Install package dependencies
         run: pnpm install --frozen-lockfile
       - name: Run commitlint
         uses: wagoid/commitlint-github-action@v5
+
   lint:
     name: Lint code
     runs-on: ubuntu-latest
+    needs: changes
+    if: needs.changes.outputs.src == 'true'
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - uses: pnpm/action-setup@v4
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
           node-version-file: .nvmrc
           cache: pnpm
@@ -46,14 +79,17 @@ jobs:
         run: pnpm run lint
       - name: Run Knip
         run: pnpm run check:deps
+
   build-check:
     name: Build check
     runs-on: ubuntu-latest
+    needs: changes
+    if: needs.changes.outputs.src == 'true'
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - uses: pnpm/action-setup@v4
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
           node-version-file: .nvmrc
           cache: pnpm
@@ -65,18 +101,23 @@ jobs:
         run: pnpm run build
       - name: Verify built CLI entrypoint
         run: pnpm run verify:cli:build
+
   test-units-and-cover:
     name: Unit Tests And Coverage
     runs-on: ubuntu-latest
     needs:
-      - commit-lint
+      - changes
       - lint
       - build-check
+    if: |
+      needs.changes.outputs.src == 'true' &&
+      needs.lint.result == 'success' &&
+      needs.build-check.result == 'success'
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - uses: pnpm/action-setup@v4
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
           node-version-file: .nvmrc
           cache: pnpm
@@ -96,25 +137,30 @@ jobs:
           name: unit-coverage-lcov
           path: .coverage/unit/lcov.info
       - name: Coveralls
-        uses: coverallsapp/github-action@master
+        uses: coverallsapp/github-action@v2.3.6
         if: ${{ always() }}
         with:
           path-to-lcov: ./.coverage/unit/lcov.info
           flag-name: Unit
           github-token: ${{ secrets.GITHUB_TOKEN }}
           parallel: true
+
   test-integrations-and-cover:
     name: Integration Tests and Coverage
     runs-on: ubuntu-latest
     needs:
-      - commit-lint
+      - changes
       - lint
       - build-check
+    if: |
+      needs.changes.outputs.src == 'true' &&
+      needs.lint.result == 'success' &&
+      needs.build-check.result == 'success'
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - uses: pnpm/action-setup@v4
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
           node-version-file: .nvmrc
       - name: Run integration tests
@@ -129,7 +175,7 @@ jobs:
       - name: Run coverage for integration tests
         run: pnpm run docker:cover:integration
       - name: Coveralls
-        uses: coverallsapp/github-action@master
+        uses: coverallsapp/github-action@v2.3.6
         if: ${{ always() }}
         with:
           path-to-lcov: .coverage/integration/lcov.info
@@ -142,28 +188,36 @@ jobs:
         with:
           name: integration-coverage-lcov
           path: .coverage/integration/lcov.info
+
   post-tests:
     name: Post Tests
-    needs: [test-units-and-cover, test-integrations-and-cover]
     runs-on: ubuntu-latest
+    needs:
+      - changes
+      - test-units-and-cover
+      - test-integrations-and-cover
     if: ${{ always() }}
     steps:
-    - name: Coveralls Finished
-      uses: coverallsapp/github-action@master
-      with:
-        github-token: ${{ secrets.GITHUB_TOKEN }}
-        parallel-finished: true
+      - name: Coveralls Finished
+        uses: coverallsapp/github-action@v2.3.6
+        if: |
+          needs.test-units-and-cover.result != 'skipped' ||
+          needs.test-integrations-and-cover.result != 'skipped'
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          parallel-finished: true
+
   changeset-check:
     name: Changeset Required
     runs-on: ubuntu-latest
     if: github.event_name == 'pull_request' && github.head_ref != 'changeset-release/main'
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
       - uses: pnpm/action-setup@v4
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
           node-version-file: .nvmrc
           cache: pnpm