chore: standardize repository setup

[afc163]

Summary

Standardize this rc-component repository as part of the Ant Design rc-component maintenance sweep.

Tracking issue: ant-design/ant-design#58514

Scope

• Redesign README.md and README.zh-CN.md with centered title, Ant Design ecosystem branding, aligned badges, scoped Bundlephobia badge, install command, Usage, Development, Release, and License sections.
• Standardize package metadata, GitHub repo metadata, npm package name, package entry fields, types: "./es/index.d.ts", publishConfig, and release flow through @rc-component/np.
• Align shared dependencies and scripts for React, testing-library, Jest/Vitest where existing, TypeScript, ESLint, Prettier, Less, dumi, father, Husky, lint-staged, and Dependabot.
• Use the shared react-component/rc-test/.github/workflows/test-utoo.yml@main workflow, React Doctor, Codecov, CodeQL, updated GitHub Actions versions, and guarded Surge preview fallback.
• Keep Vercel preview configuration compatible with docs-dist output and remove legacy now-build / Cloudflare Pages residue.
• Keep API docs, demos, tests, TypeScript checks, funding metadata, and npm package files aligned with the repository standardization matrix.

Notes

• No breaking runtime behavior is intended.
• React peer dependency ranges are preserved when narrowing them would be a breaking change.
• secrets: inherit is kept until react-component/rc-test#176 is merged, then it can be narrowed to explicit CODECOV_TOKEN forwarding.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
collapse	Ready	Preview, Comment	Jun 28, 2026 4:34pm

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

Walkthrough

本 PR 更新了工作流与自动化、站点与构建配置，并重写中英文 README，同步调整脚本、依赖、资助信息和许可证。

Changes

CI/CD、部署与文档脚本更新

Layer / File(s)	Summary
工作流与自动化更新 .github/workflows/react-component-ci.yml, .github/workflows/react-doctor.yml, .github/workflows/site-deploy.yml, .github/workflows/surge-preview.yml, .github/dependabot.yml	更新 CI 可复用工作流引用；新增 react-doctor 工作流；site-deploy.yml 更新动作版本与发布目录；新增 surge-preview.yml，包含条件构建与 Surge 发布流程；调整 Dependabot 的更新频率与新增 GitHub Actions 更新源。
站点与构建配置 .dumirc.ts, .gitignore, .prettierignore, tsconfig.json, vercel.json	dumirc.ts 改为基于 GH_PAGES 决定路径；vercel.json 新增安装、构建与输出目录配置；tsconfig.json 调整 paths 数组写法；.gitignore 和 .prettierignore 增加生成产物与常见文件忽略项。
文档、脚本与仓库信息 README.md, README.zh-CN.md, package.json, .github/FUNDING.yml, LICENSE	重写英文 README 并新增中文 README；package.json 更新脚本和开发依赖版本；FUNDING.yml 添加资助入口；LICENSE 替换为 MIT 文本。

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• react-component/collapse#351: 直接相关的 CI 变更，涉及同类可复用工作流引用的切换。
• react-component/collapse#356: 同样修改了 .dumirc.ts 中的站点路径判断逻辑，属于直接相关的部署配置变更。

Poem

🐇 我把工作流轻轻理顺，
预览与部署一起奔跑；
中英文档翻开新页，
小兔子蹦进构建的晴空；
配置静静落好位置，
这次更新真是刚刚好 🎉

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	标题简洁且与本次统一仓库配置、CI、部署和文档更新的主要变更一致。
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch codex/standardize-rc-config

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}

[github-actions]

✅ Preview is ready!

	✅ Ready
	🔗 Preview https://react-component-collapse-preview-pr-435.surge.sh
	📝 Commit	bb29af0
	⏱️ Build time	19.062s
	📦 Size	1.5 MB · 38 files
	🪵 Logs	View logs
	📱 Mobile

_{↩️ Previous: ⚡️ bb29af0 · react-component-collapse-preview-pr-435.surge.sh (open ↗) · 2026-06-28 16:35:42 UTC}

_{🤖 Powered by surge-preview}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 99.24%. Comparing base (781afd9) to head (bb29af0).

Additional details and impacted files

@@           Coverage Diff           @@
##           master     #435   +/-   ##
=======================================
  Coverage   99.24%   99.24%           
=======================================
  Files           5        5           
  Lines         132      132           
  Branches       47       47           
=======================================
  Hits          131      131           
  Misses          1        1           

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[gemini-code-assist]

Code Review

This pull request updates the repository's configuration files, including build scripts, Vercel deployment settings, and documentation. Key changes include updating the prettier script, adding a tsc script, and refining the production site detection logic in .dumirc.ts. Feedback highlights two main issues: first, the updated prettier script uses a wildcard . which causes lint-staged to format the entire repository on every commit; second, the logic for determining isProdSite in .dumirc.ts can break local production previews, and should instead rely on checking GITHUB_ACTIONS.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

[afc163]

AI review follow-up:

• Applied Gemini feedback by making lint-staged run Prettier directly instead of formatting the whole repository through npm run prettier.
• Applied Gemini feedback by making the production GitHub Pages base path depend on GitHub Actions and non-preview builds, while Vercel/Surge/local preview builds keep /.
• CodeRabbit was rate limited and did not provide additional actionable comments.

[vercel]

Deployment failed with the following error:

Resource is limited - try again in 24 hours (more than 100, code: "api-deployments-free-per-day").

Learn More: https://vercel.com/react-component?upgradeToPro=build-rate-limit

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​@​testing-library/​react@​15.0.7
	npm/​eslint-plugin-unicorn@​56.0.1

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Obfuscated code: npm eslint-plugin-unicorn is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: package.json → npm/eslint-plugin-unicorn@56.0.1 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/eslint-plugin-unicorn@56.0.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@package.json`:
- Line 35: The docs deployment command is missing the GH_PAGES build flag, so
`docs:build` runs with the wrong public path when invoked through `docs:deploy`.
Update the `docs:deploy` script in `package.json` to set `GH_PAGES` for the `npm
run docs:build` step before publishing with `gh-pages`, so `.dumirc.ts` switches
`base/publicPath` to `/collapse/` during deployment.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 1be4d3a9-8e95-4c6b-aa85-bdb1cee51828

📥 Commits

Reviewing files that changed from the base of the PR and between 8e2215d and 394d4eb.

📒 Files selected for processing (8)

• .dumirc.ts
• .github/workflows/site-deploy.yml
• .github/workflows/surge-preview.yml
• README.md
• README.zh-CN.md
• package.json
• tsconfig.json
• vercel.json

✅ Files skipped from review due to trivial changes (3)

• tsconfig.json
• README.zh-CN.md
• README.md

🚧 Files skipped from review as they are similar to previous changes (3)

• vercel.json
• .dumirc.ts
• .github/workflows/surge-preview.yml

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

.github/workflows/surge-preview.yml (1)

34-38: 🩺 Stability & Availability | 🟠 Major | ⚡ Quick win

让预览构建与 site-deploy.yml 保持同一安装链路。

这里直接跑 npm install，但 .github/workflows/site-deploy.yml 用的是固定 Node 20 + package-lock-only + npm ci。两边的运行时和依赖解析结果会漂移，导致 Surge 预览与实际站点部署不一致。

建议修改

+      - name: setup node
+        uses: actions/setup-node@v6
+        with:
+          node-version: 20
+
       - name: Build preview
         if: ${{ steps.surge-token.outputs.enabled == 'true' }}
         run: |
-          npm install
+          npm i --package-lock-only --ignore-scripts
+          npm ci
           npm run build

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/surge-preview.yml around lines 34 - 38, The Build preview
step in surge-preview should use the same Node and dependency installation flow
as site-deploy to avoid drift between preview and production. Update the
workflow around the Build preview job to match the fixed Node 20 setup and
switch the install step from npm install to the same lockfile-based npm ci chain
used by site-deploy, so the build uses identical dependency resolution before
running npm run build.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In @.github/workflows/surge-preview.yml:
- Around line 34-38: The Build preview step in surge-preview should use the same
Node and dependency installation flow as site-deploy to avoid drift between
preview and production. Update the workflow around the Build preview job to
match the fixed Node 20 setup and switch the install step from npm install to
the same lockfile-based npm ci chain used by site-deploy, so the build uses
identical dependency resolution before running npm run build.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: e0547e0c-16be-4730-8753-ea362309fd04

📥 Commits

Reviewing files that changed from the base of the PR and between 907fd7b and bbc315e.

📒 Files selected for processing (3)

• .github/dependabot.yml
• .github/workflows/surge-preview.yml
• .prettierignore

✅ Files skipped from review due to trivial changes (1)

• .prettierignore