From 3d8f14ea3339b36508c3e07a4aa484f5640cd96c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 21 Nov 2024 09:14:43 -0800
Subject: [PATCH 1/3] chore: bump @npmcli/template-oss from 4.7.1 to 4.23.4
(#278)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from
4.7.1 to 4.23.4.
Release notes
Sourced from @npmcli/template-oss's releases.
v4.23.4
4.23.4
(2024-10-02)
Dependencies
Chores
v4.23.3
4.23.3
(2024-08-26)
Bug Fixes
v4.23.2
4.23.2
(2024-08-13)
Bug Fixes
v4.23.1
4.23.1
(2024-07-17)
Bug Fixes
v4.23.0
4.23.0
(2024-06-27)
Features
Bug Fixes
... (truncated)
Changelog
Sourced from @npmcli/template-oss
's
changelog.
4.23.4
(2024-10-02)
Dependencies
Chores
4.23.3
(2024-08-26)
Bug Fixes
4.23.2
(2024-08-13)
Bug Fixes
4.23.1
(2024-07-17)
Bug Fixes
4.23.0
(2024-06-27)
Features
Bug Fixes
Dependencies
... (truncated)
Commits
Maintainer changes
This version was pushed to npm by npm-cli-ops, a new
releaser for @npmcli/template-oss
since your current
version.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
---------
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gar
---
.commitlintrc.js | 4 +-
.eslintrc.js | 3 +
.github/actions/create-check/action.yml | 52 +++
.github/actions/install-latest-npm/action.yml | 58 +++
.github/dependabot.yml | 36 ++
.github/settings.yml | 57 ++-
.github/workflows/audit.yml | 22 +-
.github/workflows/ci-release.yml | 180 ++++------
.github/workflows/ci.yml | 118 +++----
.github/workflows/codeql-analysis.yml | 10 +-
.github/workflows/post-dependabot.yml | 26 +-
.github/workflows/pull-request.yml | 24 +-
.github/workflows/release-integration.yml | 63 ++++
.github/workflows/release.yml | 333 +++++++++---------
.gitignore | 7 +-
CONTRIBUTING.md | 50 +++
SECURITY.md | 12 +-
package.json | 13 +-
release-please-config.json | 5 +-
19 files changed, 662 insertions(+), 411 deletions(-)
create mode 100644 .github/actions/create-check/action.yml
create mode 100644 .github/actions/install-latest-npm/action.yml
create mode 100644 .github/workflows/release-integration.yml
create mode 100644 CONTRIBUTING.md
diff --git a/.commitlintrc.js b/.commitlintrc.js
index 5b0b1a52..b706e527 100644
--- a/.commitlintrc.js
+++ b/.commitlintrc.js
@@ -5,6 +5,8 @@ module.exports = {
rules: {
'type-enum': [2, 'always', ['feat', 'fix', 'docs', 'deps', 'chore']],
'header-max-length': [2, 'always', 80],
- 'subject-case': [0, 'always', ['lower-case', 'sentence-case', 'start-case']],
+ 'subject-case': [0],
+ 'body-max-line-length': [0],
+ 'footer-max-line-length': [0],
},
}
diff --git a/.eslintrc.js b/.eslintrc.js
index 5db9f815..f21d26ec 100644
--- a/.eslintrc.js
+++ b/.eslintrc.js
@@ -10,6 +10,9 @@ const localConfigs = readdir(__dirname)
module.exports = {
root: true,
+ ignorePatterns: [
+ 'tap-testdir*/',
+ ],
extends: [
'@npmcli',
...localConfigs,
diff --git a/.github/actions/create-check/action.yml b/.github/actions/create-check/action.yml
new file mode 100644
index 00000000..d1220c90
--- /dev/null
+++ b/.github/actions/create-check/action.yml
@@ -0,0 +1,52 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+name: 'Create Check'
+inputs:
+ name:
+ required: true
+ token:
+ required: true
+ sha:
+ required: true
+ check-name:
+ default: ''
+outputs:
+ check-id:
+ value: ${{ steps.create-check.outputs.check_id }}
+runs:
+ using: "composite"
+ steps:
+ - name: Get Workflow Job
+ uses: actions/github-script@v7
+ id: workflow
+ env:
+ JOB_NAME: "${{ inputs.name }}"
+ SHA: "${{ inputs.sha }}"
+ with:
+ result-encoding: string
+ script: |
+ const { repo: { owner, repo}, runId, serverUrl } = context
+ const { JOB_NAME, SHA } = process.env
+
+ const job = await github.rest.actions.listJobsForWorkflowRun({
+ owner,
+ repo,
+ run_id: runId,
+ per_page: 100
+ }).then(r => r.data.jobs.find(j => j.name.endsWith(JOB_NAME)))
+
+ return [
+ `This check is assosciated with ${serverUrl}/${owner}/${repo}/commit/${SHA}.`,
+ 'Run logs:',
+ job?.html_url || `could not be found for a job ending with: "${JOB_NAME}"`,
+ ].join(' ')
+ - name: Create Check
+ uses: LouisBrunner/checks-action@v1.6.0
+ id: create-check
+ with:
+ token: ${{ inputs.token }}
+ sha: ${{ inputs.sha }}
+ status: in_progress
+ name: ${{ inputs.check-name || inputs.name }}
+ output: |
+ {"summary":"${{ steps.workflow.outputs.result }}"}
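Review bot: The `output:` value of the Create Check step splices `${{ steps.workflow.outputs.result }}` into a hand-written JSON string, and the script's fallback text contains literal double quotes (`"${JOB_NAME}"`), so the payload stops being valid JSON exactly when the job lookup fails; a quote or backslash in the job name has the same effect. Serialise inside the script instead, `return JSON.stringify({ summary: [ ... ].join(' ') })`, and pass the result through untouched with `output: ${{ steps.workflow.outputs.result }}`. Separately, `LouisBrunner/checks-action@v1.6.0` is a third-party action that receives `inputs.token` and is referenced by a movable tag; pinning it to a full commit SHA would fix which code sees the token. The summary string also misspells "associated".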
diff --git a/.github/actions/install-latest-npm/action.yml b/.github/actions/install-latest-npm/action.yml
new file mode 100644
index 00000000..580603dd
--- /dev/null
+++ b/.github/actions/install-latest-npm/action.yml
@@ -0,0 +1,58 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+name: 'Install Latest npm'
+description: 'Install the latest version of npm compatible with the Node version'
+inputs:
+ node:
+ description: 'Current Node version'
+ required: true
+runs:
+ using: "composite"
+ steps:
+ # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows
+ - name: Update Windows npm
+ if: |
+ runner.os == 'Windows' && (
+ startsWith(inputs.node, 'v10.') ||
+ startsWith(inputs.node, 'v12.') ||
+ startsWith(inputs.node, 'v14.')
+ )
+ shell: cmd
+ run: |
+ curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz
+ tar xf npm-7.5.4.tgz
+ cd package
+ node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz
+ cd ..
+ rmdir /s /q package
+ - name: Install Latest npm
+ shell: bash
+ env:
+ NODE_VERSION: ${{ inputs.node }}
+ working-directory: ${{ runner.temp }}
+ run: |
+ MATCH=""
+ SPECS=("latest" "next-10" "next-9" "next-8" "next-7" "next-6")
+
+ echo "node@$NODE_VERSION"
+
+ for SPEC in ${SPECS[@]}; do
+ ENGINES=$(npm view npm@$SPEC --json | jq -r '.engines.node')
+ echo "Checking if node@$NODE_VERSION satisfies npm@$SPEC ($ENGINES)"
+
+ if npx semver -r "$ENGINES" "$NODE_VERSION" > /dev/null; then
+ MATCH=$SPEC
+ echo "Found compatible version: npm@$MATCH"
+ break
+ fi
+ done
+
+ if [ -z $MATCH ]; then
+ echo "Could not find a compatible version of npm for node@$NODE_VERSION"
+ exit 1
+ fi
+
+ npm i --prefer-online --no-fund --no-audit -g npm@$MATCH
+ - name: npm Version
+ shell: bash
+ run: npm -v
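Review bot: The Windows step fetches `npm-7.5.4.tgz` with `curl -sO` and installs from it without any integrity check, and `-s` without `-f` lets an HTTP error body be saved silently as the tarball. Use `curl -sfO …` and compare the file's digest with a pinned value (for example with `certutil -hashfile npm-7.5.4.tgz SHA512`) before `node lib/npm.js install`. In the bash step `npx semver` runs from `runner.temp`, so the `semver` package is probably resolved from the registry at run time with no version pin; `npx semver@<PINNED_VERSION>` would make that explicit. `[ -z $MATCH ]` and `${SPECS[@]}` should be quoted as `[ -z "$MATCH" ]` and `"${SPECS[@]}"`.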
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 8da2a452..d735ccf2 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -7,6 +7,7 @@ updates:
directory: /
schedule:
interval: daily
+ target-branch: "main"
allow:
- dependency-type: direct
versioning-strategy: increase-if-necessary
@@ -15,3 +16,38 @@ updates:
prefix-development: chore
labels:
- "Dependencies"
+ open-pull-requests-limit: 10
+ - package-ecosystem: npm
+ directory: /
+ schedule:
+ interval: daily
+ target-branch: "release/v5"
+ allow:
+ - dependency-type: direct
+ dependency-name: "@npmcli/template-oss"
+ versioning-strategy: increase-if-necessary
+ commit-message:
+ prefix: deps
+ prefix-development: chore
+ labels:
+ - "Dependencies"
+ - "Backport"
+ - "release/v5"
+ open-pull-requests-limit: 10
+ - package-ecosystem: npm
+ directory: /
+ schedule:
+ interval: daily
+ target-branch: "release/v6"
+ allow:
+ - dependency-type: direct
+ dependency-name: "@npmcli/template-oss"
+ versioning-strategy: increase-if-necessary
+ commit-message:
+ prefix: deps
+ prefix-development: chore
+ labels:
+ - "Dependencies"
+ - "Backport"
+ - "release/v6"
+ open-pull-requests-limit: 10
diff --git a/.github/settings.yml b/.github/settings.yml
index 1019e26f..206b6eeb 100644
--- a/.github/settings.yml
+++ b/.github/settings.yml
@@ -1,2 +1,55 @@
----
-_extends: '.github:npm-cli/settings.yml'
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+repository:
+ allow_merge_commit: false
+ allow_rebase_merge: true
+ allow_squash_merge: true
+ squash_merge_commit_title: PR_TITLE
+ squash_merge_commit_message: PR_BODY
+ delete_branch_on_merge: true
+ enable_automated_security_fixes: true
+ enable_vulnerability_alerts: true
+
+branches:
+ - name: main
+ protection:
+ required_status_checks: null
+ enforce_admins: true
+ block_creations: true
+ required_pull_request_reviews:
+ required_approving_review_count: 1
+ require_code_owner_reviews: true
+ require_last_push_approval: true
+ dismiss_stale_reviews: true
+ restrictions:
+ apps: []
+ users: []
+ teams: [ "cli-team" ]
+ - name: release/v5
+ protection:
+ required_status_checks: null
+ enforce_admins: true
+ block_creations: true
+ required_pull_request_reviews:
+ required_approving_review_count: 1
+ require_code_owner_reviews: true
+ require_last_push_approval: true
+ dismiss_stale_reviews: true
+ restrictions:
+ apps: []
+ users: []
+ teams: [ "cli-team" ]
+ - name: release/v6
+ protection:
+ required_status_checks: null
+ enforce_admins: true
+ block_creations: true
+ required_pull_request_reviews:
+ required_approving_review_count: 1
+ require_code_owner_reviews: true
+ require_last_push_approval: true
+ dismiss_stale_reviews: true
+ restrictions:
+ apps: []
+ users: []
+ teams: [ "cli-team" ]
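Review bot: All three branch entries set `required_status_checks: null`, so the protection rules require a code-owner review but never require CI, the audit or CodeQL to pass before a merge. The previous file inherited from `.github:npm-cli/settings.yml`, which is not visible here, so this may or may not be a relaxation. If gating on checks is intended, replace the null with an explicit block such as `required_status_checks: { strict: true, contexts: [<CHECK_NAMES>] }`; otherwise a comment stating that checks are deliberately not required would help the next reader.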
diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml
index 60bb334b..a3ae7257 100644
--- a/.github/workflows/audit.yml
+++ b/.github/workflows/audit.yml
@@ -18,20 +18,24 @@ jobs:
shell: bash
steps:
- name: Checkout
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
- name: Setup Git User
run: |
git config --global user.email "npm-cli+bot@github.com"
git config --global user.name "npm CLI robot"
- name: Setup Node
- uses: actions/setup-node@v3
+ uses: actions/setup-node@v4
+ id: node
with:
- node-version: 18.x
- - name: Install npm@latest
- run: npm i --prefer-online --no-fund --no-audit -g npm@latest
- - name: npm Version
- run: npm -v
+ node-version: 22.x
+ check-latest: contains('22.x', '.x')
+ - name: Install Latest npm
+ uses: ./.github/actions/install-latest-npm
+ with:
+ node: ${{ steps.node.outputs.node-version }}
- name: Install Dependencies
run: npm i --ignore-scripts --no-audit --no-fund --package-lock
- - name: Run Audit
- run: npm audit
+ - name: Run Production Audit
+ run: npm audit --omit=dev
+ - name: Run Full Audit
+ run: npm audit --audit-level=none
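Review bot: `check-latest: contains('22.x', '.x')` is not wrapped in `${{ }}`, so the `with:` input reaches setup-node as that literal string rather than an evaluated boolean, and setup-node will most likely treat it as false. Write `check-latest: ${{ contains('22.x', '.x') }}`, or simply `check-latest: true` where the version is a literal. The same line appears in the Setup Node steps of ci-release.yml, ci.yml, post-dependabot.yml, pull-request.yml, release-integration.yml and release.yml, including the matrix form `check-latest: contains(matrix.node-version, '.x')`. The likely effect is that `.x` ranges resolve to whatever Node build is cached on the runner instead of the newest patch release.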
diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml
index 6e80aa69..d8d761f2 100644
--- a/.github/workflows/ci-release.yml
+++ b/.github/workflows/ci-release.yml
@@ -27,65 +27,32 @@ jobs:
run:
shell: bash
steps:
- - name: Get Workflow Job
- uses: actions/github-script@v6
- if: inputs.check-sha
- id: check-output
- env:
- JOB_NAME: "Lint All"
- MATRIX_NAME: ""
- with:
- script: |
- const { owner, repo } = context.repo
-
- const { data } = await github.rest.actions.listJobsForWorkflowRun({
- owner,
- repo,
- run_id: context.runId,
- per_page: 100
- })
-
- const jobName = process.env.JOB_NAME + process.env.MATRIX_NAME
- const job = data.jobs.find(j => j.name.endsWith(jobName))
- const jobUrl = job?.html_url
-
- const shaUrl = `${context.serverUrl}/${owner}/${repo}/commit/${{ inputs.check-sha }}`
-
- let summary = `This check is assosciated with ${shaUrl}\n\n`
-
- if (jobUrl) {
- summary += `For run logs, click here: ${jobUrl}`
- } else {
- summary += `Run logs could not be found for a job with name: "${jobName}"`
- }
-
- return { summary }
- - name: Create Check
- uses: LouisBrunner/checks-action@v1.3.1
- id: check
- if: inputs.check-sha
- with:
- token: ${{ secrets.GITHUB_TOKEN }}
- status: in_progress
- name: Lint All
- sha: ${{ inputs.check-sha }}
- output: ${{ steps.check-output.outputs.result }}
- name: Checkout
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
with:
ref: ${{ inputs.ref }}
- name: Setup Git User
run: |
git config --global user.email "npm-cli+bot@github.com"
git config --global user.name "npm CLI robot"
+ - name: Create Check
+ id: create-check
+ if: ${{ inputs.check-sha }}
+ uses: ./.github/actions/create-check
+ with:
+ name: "Lint All"
+ token: ${{ secrets.GITHUB_TOKEN }}
+ sha: ${{ inputs.check-sha }}
- name: Setup Node
- uses: actions/setup-node@v3
+ uses: actions/setup-node@v4
+ id: node
+ with:
+ node-version: 22.x
+ check-latest: contains('22.x', '.x')
+ - name: Install Latest npm
+ uses: ./.github/actions/install-latest-npm
with:
- node-version: 18.x
- - name: Install npm@latest
- run: npm i --prefer-online --no-fund --no-audit -g npm@latest
- - name: npm Version
- run: npm -v
+ node: ${{ steps.node.outputs.node-version }}
- name: Install Dependencies
run: npm i --ignore-scripts --no-audit --no-fund
- name: Lint
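Review bot: The Create Check step now runs `./.github/actions/create-check` after the checkout of `ref: ${{ inputs.ref }}`, so the action definition that receives `secrets.GITHUB_TOKEN` is read from whatever ref was checked out, not from the commit the workflow itself was loaded from. The triggers and callers of this workflow are outside the hunk, so whether `inputs.ref` can ever name an untrusted branch cannot be confirmed here. I would record the assumption next to the step, e.g. `# local action is loaded from the checked-out inputs.ref; callers must only pass trusted refs`. The same ordering applies to the Create Check step in the Test All job.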
@@ -93,12 +60,12 @@ jobs:
- name: Post Lint
run: npm run postlint --ignore-scripts
- name: Conclude Check
- uses: LouisBrunner/checks-action@v1.3.1
- if: steps.check.outputs.check_id && always()
+ uses: LouisBrunner/checks-action@v1.6.0
+ if: steps.create-check.outputs.check-id && always()
with:
token: ${{ secrets.GITHUB_TOKEN }}
conclusion: ${{ job.status }}
- check_id: ${{ steps.check.outputs.check_id }}
+ check_id: ${{ steps.create-check.outputs.check-id }}
test-all:
name: Test All - ${{ matrix.platform.name }} - ${{ matrix.node-version }}
@@ -113,6 +80,9 @@ jobs:
- name: macOS
os: macos-latest
shell: bash
+ - name: macOS
+ os: macos-13
+ shell: bash
- name: Windows
os: windows-latest
shell: cmd
@@ -123,84 +93,56 @@ jobs:
- 16.x
- 18.0.0
- 18.x
+ - 20.x
+ - 22.x
+ exclude:
+ - platform: { name: macOS, os: macos-latest, shell: bash }
+ node-version: 14.17.0
+ - platform: { name: macOS, os: macos-latest, shell: bash }
+ node-version: 14.x
+ - platform: { name: macOS, os: macos-13, shell: bash }
+ node-version: 16.13.0
+ - platform: { name: macOS, os: macos-13, shell: bash }
+ node-version: 16.x
+ - platform: { name: macOS, os: macos-13, shell: bash }
+ node-version: 18.0.0
+ - platform: { name: macOS, os: macos-13, shell: bash }
+ node-version: 18.x
+ - platform: { name: macOS, os: macos-13, shell: bash }
+ node-version: 20.x
+ - platform: { name: macOS, os: macos-13, shell: bash }
+ node-version: 22.x
runs-on: ${{ matrix.platform.os }}
defaults:
run:
shell: ${{ matrix.platform.shell }}
steps:
- - name: Get Workflow Job
- uses: actions/github-script@v6
- if: inputs.check-sha
- id: check-output
- env:
- JOB_NAME: "Test All"
- MATRIX_NAME: " - ${{ matrix.platform.name }} - ${{ matrix.node-version }}"
- with:
- script: |
- const { owner, repo } = context.repo
-
- const { data } = await github.rest.actions.listJobsForWorkflowRun({
- owner,
- repo,
- run_id: context.runId,
- per_page: 100
- })
-
- const jobName = process.env.JOB_NAME + process.env.MATRIX_NAME
- const job = data.jobs.find(j => j.name.endsWith(jobName))
- const jobUrl = job?.html_url
-
- const shaUrl = `${context.serverUrl}/${owner}/${repo}/commit/${{ inputs.check-sha }}`
-
- let summary = `This check is assosciated with ${shaUrl}\n\n`
-
- if (jobUrl) {
- summary += `For run logs, click here: ${jobUrl}`
- } else {
- summary += `Run logs could not be found for a job with name: "${jobName}"`
- }
-
- return { summary }
- - name: Create Check
- uses: LouisBrunner/checks-action@v1.3.1
- id: check
- if: inputs.check-sha
- with:
- token: ${{ secrets.GITHUB_TOKEN }}
- status: in_progress
- name: Test All - ${{ matrix.platform.name }} - ${{ matrix.node-version }}
- sha: ${{ inputs.check-sha }}
- output: ${{ steps.check-output.outputs.result }}
- name: Checkout
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
with:
ref: ${{ inputs.ref }}
- name: Setup Git User
run: |
git config --global user.email "npm-cli+bot@github.com"
git config --global user.name "npm CLI robot"
+ - name: Create Check
+ id: create-check
+ if: ${{ inputs.check-sha }}
+ uses: ./.github/actions/create-check
+ with:
+ name: "Test All - ${{ matrix.platform.name }} - ${{ matrix.node-version }}"
+ token: ${{ secrets.GITHUB_TOKEN }}
+ sha: ${{ inputs.check-sha }}
- name: Setup Node
- uses: actions/setup-node@v3
+ uses: actions/setup-node@v4
+ id: node
with:
node-version: ${{ matrix.node-version }}
- - name: Update Windows npm
- # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows
- if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.'))
- run: |
- curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz
- tar xf npm-7.5.4.tgz
- cd package
- node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz
- cd ..
- rmdir /s /q package
- - name: Install npm@7
- if: startsWith(matrix.node-version, '10.')
- run: npm i --prefer-online --no-fund --no-audit -g npm@7
- - name: Install npm@latest
- if: ${{ !startsWith(matrix.node-version, '10.') }}
- run: npm i --prefer-online --no-fund --no-audit -g npm@latest
- - name: npm Version
- run: npm -v
+ check-latest: contains(matrix.node-version, '.x')
+ - name: Install Latest npm
+ uses: ./.github/actions/install-latest-npm
+ with:
+ node: ${{ steps.node.outputs.node-version }}
- name: Install Dependencies
run: npm i --ignore-scripts --no-audit --no-fund
- name: Add Problem Matcher
@@ -208,9 +150,9 @@ jobs:
- name: Test
run: npm test --ignore-scripts
- name: Conclude Check
- uses: LouisBrunner/checks-action@v1.3.1
- if: steps.check.outputs.check_id && always()
+ uses: LouisBrunner/checks-action@v1.6.0
+ if: steps.create-check.outputs.check-id && always()
with:
token: ${{ secrets.GITHUB_TOKEN }}
conclusion: ${{ job.status }}
- check_id: ${{ steps.check.outputs.check_id }}
+ check_id: ${{ steps.create-check.outputs.check-id }}
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index a6c934ae..3760663d 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -8,62 +8,12 @@ on:
push:
branches:
- main
- - latest
+ - release/v*
schedule:
# "At 09:00 UTC (02:00 PT) on Monday" https://crontab.guru/#0_9_*_*_1
- cron: "0 9 * * 1"
jobs:
- engines:
- name: Engines - ${{ matrix.platform.name }} - ${{ matrix.node-version }}
- if: github.repository_owner == 'npm'
- strategy:
- fail-fast: false
- matrix:
- platform:
- - name: Linux
- os: ubuntu-latest
- shell: bash
- node-version:
- - 14.17.0
- - 16.13.0
- - 18.0.0
- runs-on: ${{ matrix.platform.os }}
- defaults:
- run:
- shell: ${{ matrix.platform.shell }}
- steps:
- - name: Checkout
- uses: actions/checkout@v3
- - name: Setup Git User
- run: |
- git config --global user.email "npm-cli+bot@github.com"
- git config --global user.name "npm CLI robot"
- - name: Setup Node
- uses: actions/setup-node@v3
- with:
- node-version: ${{ matrix.node-version }}
- - name: Update Windows npm
- # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows
- if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.'))
- run: |
- curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz
- tar xf npm-7.5.4.tgz
- cd package
- node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz
- cd ..
- rmdir /s /q package
- - name: Install npm@7
- if: startsWith(matrix.node-version, '10.')
- run: npm i --prefer-online --no-fund --no-audit -g npm@7
- - name: Install npm@latest
- if: ${{ !startsWith(matrix.node-version, '10.') }}
- run: npm i --prefer-online --no-fund --no-audit -g npm@latest
- - name: npm Version
- run: npm -v
- - name: Install Dependencies
- run: npm i --ignore-scripts --no-audit --no-fund --engines-strict
-
lint:
name: Lint
if: github.repository_owner == 'npm'
@@ -73,19 +23,21 @@ jobs:
shell: bash
steps:
- name: Checkout
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
- name: Setup Git User
run: |
git config --global user.email "npm-cli+bot@github.com"
git config --global user.name "npm CLI robot"
- name: Setup Node
- uses: actions/setup-node@v3
+ uses: actions/setup-node@v4
+ id: node
+ with:
+ node-version: 22.x
+ check-latest: contains('22.x', '.x')
+ - name: Install Latest npm
+ uses: ./.github/actions/install-latest-npm
with:
- node-version: 18.x
- - name: Install npm@latest
- run: npm i --prefer-online --no-fund --no-audit -g npm@latest
- - name: npm Version
- run: npm -v
+ node: ${{ steps.node.outputs.node-version }}
- name: Install Dependencies
run: npm i --ignore-scripts --no-audit --no-fund
- name: Lint
@@ -106,6 +58,9 @@ jobs:
- name: macOS
os: macos-latest
shell: bash
+ - name: macOS
+ os: macos-13
+ shell: bash
- name: Windows
os: windows-latest
shell: cmd
@@ -116,39 +71,46 @@ jobs:
- 16.x
- 18.0.0
- 18.x
+ - 20.x
+ - 22.x
+ exclude:
+ - platform: { name: macOS, os: macos-latest, shell: bash }
+ node-version: 14.17.0
+ - platform: { name: macOS, os: macos-latest, shell: bash }
+ node-version: 14.x
+ - platform: { name: macOS, os: macos-13, shell: bash }
+ node-version: 16.13.0
+ - platform: { name: macOS, os: macos-13, shell: bash }
+ node-version: 16.x
+ - platform: { name: macOS, os: macos-13, shell: bash }
+ node-version: 18.0.0
+ - platform: { name: macOS, os: macos-13, shell: bash }
+ node-version: 18.x
+ - platform: { name: macOS, os: macos-13, shell: bash }
+ node-version: 20.x
+ - platform: { name: macOS, os: macos-13, shell: bash }
+ node-version: 22.x
runs-on: ${{ matrix.platform.os }}
defaults:
run:
shell: ${{ matrix.platform.shell }}
steps:
- name: Checkout
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
- name: Setup Git User
run: |
git config --global user.email "npm-cli+bot@github.com"
git config --global user.name "npm CLI robot"
- name: Setup Node
- uses: actions/setup-node@v3
+ uses: actions/setup-node@v4
+ id: node
with:
node-version: ${{ matrix.node-version }}
- - name: Update Windows npm
- # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows
- if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.'))
- run: |
- curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz
- tar xf npm-7.5.4.tgz
- cd package
- node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz
- cd ..
- rmdir /s /q package
- - name: Install npm@7
- if: startsWith(matrix.node-version, '10.')
- run: npm i --prefer-online --no-fund --no-audit -g npm@7
- - name: Install npm@latest
- if: ${{ !startsWith(matrix.node-version, '10.') }}
- run: npm i --prefer-online --no-fund --no-audit -g npm@latest
- - name: npm Version
- run: npm -v
+ check-latest: contains(matrix.node-version, '.x')
+ - name: Install Latest npm
+ uses: ./.github/actions/install-latest-npm
+ with:
+ node: ${{ steps.node.outputs.node-version }}
- name: Install Dependencies
run: npm i --ignore-scripts --no-audit --no-fund
- name: Add Problem Matcher
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 66b9498a..f8b17025 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -6,11 +6,11 @@ on:
push:
branches:
- main
- - latest
+ - release/v*
pull_request:
branches:
- main
- - latest
+ - release/v*
schedule:
# "At 10:00 UTC (03:00 PT) on Monday" https://crontab.guru/#0_10_*_*_1
- cron: "0 10 * * 1"
@@ -25,14 +25,14 @@ jobs:
security-events: write
steps:
- name: Checkout
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
- name: Setup Git User
run: |
git config --global user.email "npm-cli+bot@github.com"
git config --global user.name "npm CLI robot"
- name: Initialize CodeQL
- uses: github/codeql-action/init@v2
+ uses: github/codeql-action/init@v3
with:
languages: javascript
- name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v2
+ uses: github/codeql-action/analyze@v3
diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml
index 19902bdc..1ea8693c 100644
--- a/.github/workflows/post-dependabot.yml
+++ b/.github/workflows/post-dependabot.yml
@@ -17,7 +17,7 @@ jobs:
shell: bash
steps:
- name: Checkout
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.ref }}
- name: Setup Git User
@@ -25,13 +25,15 @@ jobs:
git config --global user.email "npm-cli+bot@github.com"
git config --global user.name "npm CLI robot"
- name: Setup Node
- uses: actions/setup-node@v3
+ uses: actions/setup-node@v4
+ id: node
with:
- node-version: 18.x
- - name: Install npm@latest
- run: npm i --prefer-online --no-fund --no-audit -g npm@latest
- - name: npm Version
- run: npm -v
+ node-version: 22.x
+ check-latest: contains('22.x', '.x')
+ - name: Install Latest npm
+ uses: ./.github/actions/install-latest-npm
+ with:
+ node: ${{ steps.node.outputs.node-version }}
- name: Install Dependencies
run: npm i --ignore-scripts --no-audit --no-fund
- name: Fetch Dependabot Metadata
@@ -47,12 +49,12 @@ jobs:
id: flags
run: |
dependabot_dir="${{ steps.metadata.outputs.directory }}"
- if [[ "$dependabot_dir" == "/" ]]; then
- echo "::set-output name=workspace::-iwr"
+ if [[ "$dependabot_dir" == "/" || "$dependabot_dir" == "/main" ]]; then
+ echo "workspace=-iwr" >> $GITHUB_OUTPUT
else
# strip leading slash from directory so it works as a
# a path to the workspace flag
- echo "::set-output name=workspace::-w ${dependabot_dir#/}"
+ echo "workspace=-w ${dependabot_dir#/}" >> $GITHUB_OUTPUT
fi
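Review bot: `dependabot_dir="${{ steps.metadata.outputs.directory }}"` is still expanded into the script text before bash parses it, so a directory value containing a quote or other shell metacharacters would be interpreted as shell; this commit already moves the PR title in pull-request.yml to an `env:` variable for the same reason. Pass it as `env: DEPENDABOT_DIR: ${{ steps.metadata.outputs.directory }}` and read `dependabot_dir="$DEPENDABOT_DIR"`. The new `>> $GITHUB_OUTPUT` redirects should also quote the path, `>> "$GITHUB_OUTPUT"`. The step starts above the hunk, so an existing `env:` block, if any, is not visible.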
- name: Apply Changes
@@ -61,7 +63,7 @@ jobs:
run: |
npm run template-oss-apply ${{ steps.flags.outputs.workspace }}
if [[ `git status --porcelain` ]]; then
- echo "::set-output name=changes::true"
+ echo "changes=true" >> $GITHUB_OUTPUT
fi
# This only sets the conventional commit prefix. This workflow can't reliably determine
# what the breaking change is though. If a BREAKING CHANGE message is required then
@@ -71,7 +73,7 @@ jobs:
else
prefix='chore'
fi
- echo "::set-output name=message::$prefix: postinstall for dependabot template-oss PR"
+ echo "message=$prefix: postinstall for dependabot template-oss PR" >> $GITHUB_OUTPUT
# This step will fail if template-oss has made any workflow updates. It is impossible
# for a workflow to update other workflows. In the case it does fail, we continue
diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml
index 1a1d1ee8..7dbdfd41 100644
--- a/.github/workflows/pull-request.yml
+++ b/.github/workflows/pull-request.yml
@@ -20,7 +20,7 @@ jobs:
shell: bash
steps:
- name: Checkout
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup Git User
@@ -28,21 +28,23 @@ jobs:
git config --global user.email "npm-cli+bot@github.com"
git config --global user.name "npm CLI robot"
- name: Setup Node
- uses: actions/setup-node@v3
+ uses: actions/setup-node@v4
+ id: node
with:
- node-version: 18.x
- - name: Install npm@latest
- run: npm i --prefer-online --no-fund --no-audit -g npm@latest
- - name: npm Version
- run: npm -v
+ node-version: 22.x
+ check-latest: contains('22.x', '.x')
+ - name: Install Latest npm
+ uses: ./.github/actions/install-latest-npm
+ with:
+ node: ${{ steps.node.outputs.node-version }}
- name: Install Dependencies
run: npm i --ignore-scripts --no-audit --no-fund
- name: Run Commitlint on Commits
id: commit
continue-on-error: true
- run: |
- npx --offline commitlint -V --from origin/${{ github.base_ref }} --to ${{ github.event.pull_request.head.sha }}
+ run: npx --offline commitlint -V --from 'origin/${{ github.base_ref }}' --to ${{ github.event.pull_request.head.sha }}
- name: Run Commitlint on PR Title
if: steps.commit.outcome == 'failure'
- run: |
- echo ${{ github.event.pull_request.title }} | npx --offline commitlint -V
+ env:
+ PR_TITLE: ${{ github.event.pull_request.title }}
+ run: echo "$PR_TITLE" | npx --offline commitlint -V
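Review bot: The commitlint range still interpolates `'origin/${{ github.base_ref }}'` into the command line; the single quotes help, but a branch name containing `'` would end the quoting, while the PR title in the next step is now passed safely through `env:`. For consistency use the same pattern here: `env: BASE_REF: ${{ github.base_ref }}` with `--from "origin/$BASE_REF"`. The head SHA has a fixed format and is fine as written.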
diff --git a/.github/workflows/release-integration.yml b/.github/workflows/release-integration.yml
new file mode 100644
index 00000000..bcec6860
--- /dev/null
+++ b/.github/workflows/release-integration.yml
@@ -0,0 +1,63 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+name: Release Integration
+
+on:
+ workflow_dispatch:
+ inputs:
+ releases:
+ required: true
+ type: string
+ description: 'A json array of releases. Required fields: publish: tagName, publishTag. publish check: pkgName, version'
+ workflow_call:
+ inputs:
+ releases:
+ required: true
+ type: string
+ description: 'A json array of releases. Required fields: publish: tagName, publishTag. publish check: pkgName, version'
+
+jobs:
+ publish:
+ name: Check Publish
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ shell: bash
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ - name: Setup Git User
+ run: |
+ git config --global user.email "npm-cli+bot@github.com"
+ git config --global user.name "npm CLI robot"
+ - name: Setup Node
+ uses: actions/setup-node@v4
+ id: node
+ with:
+ node-version: 22.x
+ check-latest: contains('22.x', '.x')
+ - name: Install Latest npm
+ uses: ./.github/actions/install-latest-npm
+ with:
+ node: ${{ steps.node.outputs.node-version }}
+ - name: Install Dependencies
+ run: npm i --ignore-scripts --no-audit --no-fund
+ - name: Check If Published
+ env:
+ RELEASES: ${{ inputs.releases }}
+ run: |
+ EXIT_CODE=0
+
+ for release in $(echo $RELEASES | jq -r '.[] | @base64'); do
+ SPEC="$(echo "$release" | base64 --decode | jq -r .pkgName)@$(echo "$release" | base64 --decode | jq -r .version)"
+ npm view "$SPEC" --json
+ STATUS=$?
+ if [[ "$STATUS" -eq 1 ]]; then
+ EXIT_CODE=$STATUS
+ echo "$SPEC ERROR"
+ else
+ echo "$SPEC OK"
+ fi
+ done
+
+ exit $EXIT_CODE
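Review bot: In the Check If Published step the `STATUS=$?` branch is never reached on failure, because `defaults.run.shell: bash` makes GitHub run the script with `bash -eo pipefail`, so the first failing `npm view` aborts the loop before the remaining releases are checked; the `-eq 1` test would also report any other non-zero status as OK. Testing the command directly in the `if` avoids both problems, and `$RELEASES` should be quoted where it is echoed. The workflow also declares no `permissions:` block; since the job only reads the registry, a top-level `permissions: contents: read` would hold the token to least privilege.

```yaml
run: |
  EXIT_CODE=0

  for release in $(echo "$RELEASES" | jq -r '.[] | @base64'); do
    # … unchanged: SPEC is built from pkgName and version …
    if npm view "$SPEC" --json; then
      echo "$SPEC OK"
    else
      EXIT_CODE=1
      echo "$SPEC ERROR"
    fi
  done
  # … unchanged: exit $EXIT_CODE …
```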
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 15d37cb6..80060b69 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -3,11 +3,9 @@
name: Release
on:
- workflow_dispatch:
push:
branches:
- main
- - latest
- release/v*
permissions:
@@ -19,12 +17,12 @@ jobs:
release:
outputs:
pr: ${{ steps.release.outputs.pr }}
- releases: ${{ steps.release.outputs.releases }}
- release-flags: ${{ steps.release.outputs.release-flags }}
- branch: ${{ steps.release.outputs.pr-branch }}
+ pr-branch: ${{ steps.release.outputs.pr-branch }}
pr-number: ${{ steps.release.outputs.pr-number }}
- comment-id: ${{ steps.pr-comment.outputs.result }}
- check-id: ${{ steps.check.outputs.check_id }}
+ pr-sha: ${{ steps.release.outputs.pr-sha }}
+ releases: ${{ steps.release.outputs.releases }}
+ comment-id: ${{ steps.create-comment.outputs.comment-id || steps.update-comment.outputs.comment-id }}
+ check-id: ${{ steps.create-check.outputs.check-id }}
name: Release
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
@@ -33,109 +31,75 @@ jobs:
shell: bash
steps:
- name: Checkout
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
- name: Setup Git User
run: |
git config --global user.email "npm-cli+bot@github.com"
git config --global user.name "npm CLI robot"
- name: Setup Node
- uses: actions/setup-node@v3
+ uses: actions/setup-node@v4
+ id: node
+ with:
+ node-version: 22.x
+ check-latest: contains('22.x', '.x')
+ - name: Install Latest npm
+ uses: ./.github/actions/install-latest-npm
with:
- node-version: 18.x
- - name: Install npm@latest
- run: npm i --prefer-online --no-fund --no-audit -g npm@latest
- - name: npm Version
- run: npm -v
+ node: ${{ steps.node.outputs.node-version }}
- name: Install Dependencies
run: npm i --ignore-scripts --no-audit --no-fund
- name: Release Please
id: release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- run: |
- npx --offline template-oss-release-please ${{ github.ref_name }} ${{ github.event_name }}
- - name: Post Pull Request Comment
+ run: npx --offline template-oss-release-please --branch="${{ github.ref_name }}" --backport="" --defaultTag="latest"
+ - name: Create Release Manager Comment Text
if: steps.release.outputs.pr-number
- uses: actions/github-script@v6
- id: pr-comment
- env:
- PR_NUMBER: ${{ steps.release.outputs.pr-number }}
- REF_NAME: ${{ github.ref_name }}
+ uses: actions/github-script@v7
+ id: comment-text
with:
+ result-encoding: string
script: |
- const { REF_NAME, PR_NUMBER } = process.env
- const repo = { owner: context.repo.owner, repo: context.repo.repo }
- const issue = { ...repo, issue_number: PR_NUMBER }
-
- const { data: workflow } = await github.rest.actions.getWorkflowRun({ ...repo, run_id: context.runId })
-
- let body = '## Release Manager\n\n'
-
- const comments = await github.paginate(github.rest.issues.listComments, issue)
- let commentId = comments?.find(c => c.user.login === 'github-actions[bot]' && c.body.startsWith(body))?.id
-
- body += `Release workflow run: ${workflow.html_url}\n\n#### Force CI to Rerun for This Release\n\n`
- body += `This PR will be updated and CI will run for every non-\`chore:\` commit that is pushed to \`main\`. `
- body += `To force CI to rerun, run this command:\n\n`
- body += `\`\`\`\ngh workflow run release.yml -r ${REF_NAME}\n\`\`\``
-
- if (commentId) {
- await github.rest.issues.updateComment({ ...repo, comment_id: commentId, body })
- } else {
- const { data: comment } = await github.rest.issues.createComment({ ...issue, body })
- commentId = comment?.id
- }
-
- return commentId
- - name: Get Workflow Job
- uses: actions/github-script@v6
- if: steps.release.outputs.pr-sha
- id: check-output
- env:
- JOB_NAME: "Release"
- MATRIX_NAME: ""
+ const { runId, repo: { owner, repo } } = context
+ const { data: workflow } = await github.rest.actions.getWorkflowRun({ owner, repo, run_id: runId })
+ return['## Release Manager', `Release workflow run: ${workflow.html_url}`].join('\n\n')
+ - name: Find Release Manager Comment
+ uses: peter-evans/find-comment@v2
+ if: steps.release.outputs.pr-number
+ id: found-comment
with:
- script: |
- const { owner, repo } = context.repo
-
- const { data } = await github.rest.actions.listJobsForWorkflowRun({
- owner,
- repo,
- run_id: context.runId,
- per_page: 100
- })
-
- const jobName = process.env.JOB_NAME + process.env.MATRIX_NAME
- const job = data.jobs.find(j => j.name.endsWith(jobName))
- const jobUrl = job?.html_url
-
- const shaUrl = `${context.serverUrl}/${owner}/${repo}/commit/${{ steps.release.outputs.pr-sha }}`
-
- let summary = `This check is assosciated with ${shaUrl}\n\n`
-
- if (jobUrl) {
- summary += `For run logs, click here: ${jobUrl}`
- } else {
- summary += `Run logs could not be found for a job with name: "${jobName}"`
- }
-
- return { summary }
+ issue-number: ${{ steps.release.outputs.pr-number }}
+ comment-author: 'github-actions[bot]'
+ body-includes: '## Release Manager'
+ - name: Create Release Manager Comment
+ id: create-comment
+ if: steps.release.outputs.pr-number && !steps.found-comment.outputs.comment-id
+ uses: peter-evans/create-or-update-comment@v3
+ with:
+ issue-number: ${{ steps.release.outputs.pr-number }}
+ body: ${{ steps.comment-text.outputs.result }}
+ - name: Update Release Manager Comment
+ id: update-comment
+ if: steps.release.outputs.pr-number && steps.found-comment.outputs.comment-id
+ uses: peter-evans/create-or-update-comment@v3
+ with:
+ comment-id: ${{ steps.found-comment.outputs.comment-id }}
+ body: ${{ steps.comment-text.outputs.result }}
+ edit-mode: 'replace'
- name: Create Check
- uses: LouisBrunner/checks-action@v1.3.1
- id: check
+ id: create-check
+ uses: ./.github/actions/create-check
if: steps.release.outputs.pr-sha
with:
+ name: "Release"
token: ${{ secrets.GITHUB_TOKEN }}
- status: in_progress
- name: Release
sha: ${{ steps.release.outputs.pr-sha }}
- output: ${{ steps.check-output.outputs.result }}
update:
needs: release
outputs:
sha: ${{ steps.commit.outputs.sha }}
- check-id: ${{ steps.check.outputs.check_id }}
+ check-id: ${{ steps.create-check.outputs.check-id }}
name: Update - Release
if: github.repository_owner == 'npm' && needs.release.outputs.pr
runs-on: ubuntu-latest
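Review bot: In the `Release Please` step, `--branch="${{ github.ref_name }}"` is expanded into the script text before bash parses it, so the added double quotes do not stop a crafted branch name from changing the command line. The trigger limits this to `main` and `release/v*`, and only someone able to push such a branch controls the value, but the usual hardening is to pass it as data through the step's existing `env:` block: add `REF_NAME: ${{ github.ref_name }}` and call `--branch="$REF_NAME"`. The same inline expansion appears in the following hunk for the `update` job (`--pr="${{ needs.release.outputs.pr-number }}"` and `--commentId="${{ needs.release.outputs.comment-id }}"`). CONTRIBUTING.md in this patch says the `.github/*` files are generated, so the change probably belongs in the template rather than in this repository.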
@@ -144,32 +108,41 @@ jobs:
shell: bash
steps:
- name: Checkout
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
with:
fetch-depth: 0
- ref: ${{ needs.release.outputs.branch }}
+ ref: ${{ needs.release.outputs.pr-branch }}
- name: Setup Git User
run: |
git config --global user.email "npm-cli+bot@github.com"
git config --global user.name "npm CLI robot"
- name: Setup Node
- uses: actions/setup-node@v3
+ uses: actions/setup-node@v4
+ id: node
+ with:
+ node-version: 22.x
+ check-latest: contains('22.x', '.x')
+ - name: Install Latest npm
+ uses: ./.github/actions/install-latest-npm
with:
- node-version: 18.x
- - name: Install npm@latest
- run: npm i --prefer-online --no-fund --no-audit -g npm@latest
- - name: npm Version
- run: npm -v
+ node: ${{ steps.node.outputs.node-version }}
- name: Install Dependencies
run: npm i --ignore-scripts --no-audit --no-fund
+ - name: Create Release Manager Checklist Text
+ id: comment-text
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ run: npm exec --offline -- template-oss-release-manager --pr="${{ needs.release.outputs.pr-number }}" --backport="" --defaultTag="latest"
+ - name: Append Release Manager Comment
+ uses: peter-evans/create-or-update-comment@v3
+ with:
+ comment-id: ${{ needs.release.outputs.comment-id }}
+ body: ${{ steps.comment-text.outputs.result }}
+ edit-mode: 'append'
- name: Run Post Pull Request Actions
env:
- RELEASE_PR_NUMBER: ${{ needs.release.outputs.pr-number }}
- RELEASE_COMMENT_ID: ${{ needs.release.outputs.comment-id }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- run: |
- npm exec --offline -- template-oss-release-manager
- npm run rp-pull-request --ignore-scripts --if-present
+ run: npm run rp-pull-request --ignore-scripts --if-present -- --pr="${{ needs.release.outputs.pr-number }}" --commentId="${{ needs.release.outputs.comment-id }}"
- name: Commit
id: commit
env:
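Review bot: `peter-evans/create-or-update-comment@v3` in the `Append Release Manager Comment` step is referenced by a movable tag, and it runs inside the release workflow with the job's token (the `permissions:` block is outside the hunk, so the exact scope needs confirming there). Pinning third-party actions to a full commit SHA, for example `uses: peter-evans/create-or-update-comment@<full-commit-sha> # v3`, keeps a re-pointed tag from changing what executes during a release. The same applies to `peter-evans/find-comment@v2` and `LouisBrunner/checks-action@v1.6.0` in the other hunks of this file.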
@@ -177,53 +150,17 @@ jobs:
run: |
git commit --all --amend --no-edit || true
git push --force-with-lease
- echo "::set-output name=sha::$(git rev-parse HEAD)"
- - name: Get Workflow Job
- uses: actions/github-script@v6
- if: steps.commit.outputs.sha
- id: check-output
- env:
- JOB_NAME: "Update - Release"
- MATRIX_NAME: ""
- with:
- script: |
- const { owner, repo } = context.repo
-
- const { data } = await github.rest.actions.listJobsForWorkflowRun({
- owner,
- repo,
- run_id: context.runId,
- per_page: 100
- })
-
- const jobName = process.env.JOB_NAME + process.env.MATRIX_NAME
- const job = data.jobs.find(j => j.name.endsWith(jobName))
- const jobUrl = job?.html_url
-
- const shaUrl = `${context.serverUrl}/${owner}/${repo}/commit/${{ steps.commit.outputs.sha }}`
-
- let summary = `This check is assosciated with ${shaUrl}\n\n`
-
- if (jobUrl) {
- summary += `For run logs, click here: ${jobUrl}`
- } else {
- summary += `Run logs could not be found for a job with name: "${jobName}"`
- }
-
- return { summary }
+ echo "sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT
- name: Create Check
- uses: LouisBrunner/checks-action@v1.3.1
- id: check
- if: steps.commit.outputs.sha
+ id: create-check
+ uses: ./.github/actions/create-check
with:
+ name: "Update - Release"
+ check-name: "Release"
token: ${{ secrets.GITHUB_TOKEN }}
- status: in_progress
- name: Release
sha: ${{ steps.commit.outputs.sha }}
- output: ${{ steps.check-output.outputs.result }}
- name: Conclude Check
- uses: LouisBrunner/checks-action@v1.3.1
- if: needs.release.outputs.check-id && always()
+ uses: LouisBrunner/checks-action@v1.6.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
conclusion: ${{ job.status }}
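Review bot: The new `Conclude Check` step drops `if: needs.release.outputs.check-id && always()` with no replacement, so it falls back to the default of running only when every earlier step in the job succeeded. If `Commit` or an earlier step fails, the check opened earlier would then never get a conclusion, and `conclusion: ${{ job.status }}` could only ever report success. Unless the local `create-check` action covers this elsewhere, keep `if: needs.release.outputs.check-id && always()` on the step; the `Conclude Check` in the `post-ci` hunk below loses its `always()` condition in the same way. Separately, `>> $GITHUB_OUTPUT` is safer written as `>> "$GITHUB_OUTPUT"`; the step's remaining `with:` inputs continue outside the hunk.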
@@ -235,7 +172,7 @@ jobs:
if: needs.release.outputs.pr
uses: ./.github/workflows/ci-release.yml
with:
- ref: ${{ needs.release.outputs.branch }}
+ ref: ${{ needs.release.outputs.pr-branch }}
check-sha: ${{ needs.update.outputs.sha }}
post-ci:
@@ -247,8 +184,8 @@ jobs:
run:
shell: bash
steps:
- - name: Get Needs Result
- id: needs-result
+ - name: Get CI Conclusion
+ id: conclusion
run: |
result=""
if [[ "${{ contains(needs.*.result, 'failure') }}" == "true" ]]; then
@@ -258,17 +195,18 @@ jobs:
else
result="success"
fi
- echo "::set-output name=result::$result"
+ echo "result=$result" >> $GITHUB_OUTPUT
- name: Conclude Check
- uses: LouisBrunner/checks-action@v1.3.1
- if: needs.update.outputs.check-id && always()
+ uses: LouisBrunner/checks-action@v1.6.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
- conclusion: ${{ steps.needs-result.outputs.result }}
+ conclusion: ${{ steps.conclusion.outputs.result }}
check_id: ${{ needs.update.outputs.check-id }}
post-release:
needs: release
+ outputs:
+ comment-id: ${{ steps.create-comment.outputs.comment-id }}
name: Post Release - Release
if: github.repository_owner == 'npm' && needs.release.outputs.releases
runs-on: ubuntu-latest
@@ -276,24 +214,91 @@ jobs:
run:
shell: bash
steps:
- - name: Checkout
- uses: actions/checkout@v3
- - name: Setup Git User
- run: |
- git config --global user.email "npm-cli+bot@github.com"
- git config --global user.name "npm CLI robot"
- - name: Setup Node
- uses: actions/setup-node@v3
- with:
- node-version: 18.x
- - name: Install npm@latest
- run: npm i --prefer-online --no-fund --no-audit -g npm@latest
- - name: npm Version
- run: npm -v
- - name: Install Dependencies
- run: npm i --ignore-scripts --no-audit --no-fund
- - name: Run Post Release Actions
+ - name: Create Release PR Comment Text
+ id: comment-text
+ uses: actions/github-script@v7
env:
RELEASES: ${{ needs.release.outputs.releases }}
+ with:
+ result-encoding: string
+ script: |
+ const releases = JSON.parse(process.env.RELEASES)
+ const { runId, repo: { owner, repo } } = context
+ const issue_number = releases[0].prNumber
+ const runUrl = `https://github.com/${owner}/${repo}/actions/runs/${runId}`
+
+ return [
+ '## Release Workflow\n',
+ ...releases.map(r => `- \`${r.pkgName}@${r.version}\` ${r.url}`),
+ `- Workflow run: :arrows_counterclockwise: ${runUrl}`,
+ ].join('\n')
+ - name: Create Release PR Comment
+ id: create-comment
+ uses: peter-evans/create-or-update-comment@v3
+ with:
+ issue-number: ${{ fromJSON(needs.release.outputs.releases)[0].prNumber }}
+ body: ${{ steps.comment-text.outputs.result }}
+
+ release-integration:
+ needs: release
+ name: Release Integration
+ if: needs.release.outputs.releases
+ uses: ./.github/workflows/release-integration.yml
+ with:
+ releases: ${{ needs.release.outputs.releases }}
+
+ post-release-integration:
+ needs: [ release, release-integration, post-release ]
+ name: Post Release Integration - Release
+ if: github.repository_owner == 'npm' && needs.release.outputs.releases && always()
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ shell: bash
+ steps:
+ - name: Get Post Release Conclusion
+ id: conclusion
run: |
- npm run rp-release --ignore-scripts --if-present ${{ join(fromJSON(needs.release.outputs.release-flags), ' ') }}
+ if [[ "${{ contains(needs.*.result, 'failure') }}" == "true" ]]; then
+ result="x"
+ elif [[ "${{ contains(needs.*.result, 'cancelled') }}" == "true" ]]; then
+ result="heavy_multiplication_x"
+ else
+ result="white_check_mark"
+ fi
+ echo "result=$result" >> $GITHUB_OUTPUT
+ - name: Find Release PR Comment
+ uses: peter-evans/find-comment@v2
+ id: found-comment
+ with:
+ issue-number: ${{ fromJSON(needs.release.outputs.releases)[0].prNumber }}
+ comment-author: 'github-actions[bot]'
+ body-includes: '## Release Workflow'
+ - name: Create Release PR Comment Text
+ id: comment-text
+ if: steps.found-comment.outputs.comment-id
+ uses: actions/github-script@v7
+ env:
+ RESULT: ${{ steps.conclusion.outputs.result }}
+ BODY: ${{ steps.found-comment.outputs.comment-body }}
+ with:
+ result-encoding: string
+ script: |
+ const { RESULT, BODY } = process.env
+ const body = [BODY.replace(/(Workflow run: :)[a-z_]+(:)/, `$1${RESULT}$2`)]
+ if (RESULT !== 'white_check_mark') {
+ body.push(':rotating_light::rotating_light::rotating_light:')
+ body.push([
+ '@npm/cli-team: The post-release workflow failed for this release.',
+ 'Manual steps may need to be taken after examining the workflow output.'
+ ].join(' '))
+ body.push(':rotating_light::rotating_light::rotating_light:')
+ }
+ return body.join('\n\n').trim()
+ - name: Update Release PR Comment
+ if: steps.comment-text.outputs.result
+ uses: peter-evans/create-or-update-comment@v3
+ with:
+ comment-id: ${{ steps.found-comment.outputs.comment-id }}
+ body: ${{ steps.comment-text.outputs.result }}
+ edit-mode: 'replace'
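Review bot: In the `Create Release PR Comment Text` script of `post-release`, `const issue_number = releases[0].prNumber` is never used, because the issue number is taken again from `fromJSON(needs.release.outputs.releases)[0].prNumber` in the next step; the line can be removed. `runUrl` is built from a hard-coded `https://github.com`, whereas the script this patch removes used `context.serverUrl`; `${context.serverUrl}/${owner}/${repo}/actions/runs/${runId}` keeps the link correct on other hosts. Passing `RELEASES` and `BODY` through `env:` instead of interpolating them into the script is the right pattern and is worth a short comment, such as `# passed via env so the JSON is never parsed as script text`.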
diff --git a/.gitignore b/.gitignore
index 0ec3c847..2bab6d1d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,18 +3,21 @@
# ignore everything in the root
/*
-# keep these
!**/.gitignore
!/.commitlintrc.js
!/.eslintrc.js
!/.eslintrc.local.*
+!/.git-blame-ignore-revs
!/.github/
!/.gitignore
!/.npmrc
+!/.prettierignore
+!/.prettierrc.js
!/.release-please-manifest.json
!/bin/
!/CHANGELOG*
!/CODE_OF_CONDUCT.md
+!/CONTRIBUTING.md
!/docs/
!/lib/
!/LICENSE*
@@ -26,3 +29,5 @@
!/SECURITY.md
!/tap-snapshots/
!/test/
+!/tsconfig.json
+tap-testdir*/
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
new file mode 100644
index 00000000..69e88788
--- /dev/null
+++ b/CONTRIBUTING.md
@@ -0,0 +1,50 @@
+
+
+# Contributing
+
+## Code of Conduct
+
+All interactions in the **npm** organization on GitHub are considered to be covered by our standard [Code of Conduct](https://docs.npmjs.com/policies/conduct).
+
+## Reporting Bugs
+
+Before submitting a new bug report please search for an existing or similar report.
+
+Use one of our existing issue templates if you believe you've come across a unique problem.
+
+Duplicate issues, or issues that don't use one of our templates may get closed without a response.
+
+## Pull Request Conventions
+
+### Commits
+
+We use [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/).
+
+When opening a pull request please be sure that either the pull request title, or each commit in the pull request, has one of the following prefixes:
+
+ - `feat`: For when introducing a new feature. The result will be a new semver minor version of the package when it is next published.
+ - `fix`: For bug fixes. The result will be a new semver patch version of the package when it is next published.
+ - `docs`: For documentation updates. The result will be a new semver patch version of the package when it is next published.
+ - `chore`: For changes that do not affect the published module. Often these are changes to tests. The result will be *no* change to the version of the package when it is next published (as the commit does not affect the published version).
+
+### Test Coverage
+
+Pull requests made against this repo will run `npm test` automatically. Please make sure tests pass locally before submitting a PR.
+
+Every new feature or bug fix should come with a corresponding test or tests that validate the solutions. Testing also reports on code coverage and will fail if code coverage drops.
+
+### Linting
+
+Linting is also done automatically once tests pass. `npm run lintfix` will fix most linting errors automatically.
+
+Please make sure linting passes before submitting a PR.
+
+## What _not_ to contribute?
+
+### Dependencies
+
+It should be noted that our team does not accept third-party dependency updates/PRs. If you submit a PR trying to update our dependencies we will close it with or without a reference to these contribution guidelines.
+
+### Tools/Automation
+
+Our core team is responsible for the maintenance of the tooling/automation in this project and we ask contributors to not make changes to these when contributing (e.g. `.github/*`, `.eslintrc.json`, `.licensee.json`). Most of those files also have a header at the top to remind folks they are automatically generated. Pull requests that alter these will not be accepted.
diff --git a/SECURITY.md b/SECURITY.md
index a93106d0..4fe06a2a 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -1,3 +1,13 @@
-Please send vulnerability reports through [hackerone](https://hackerone.com/github).
+GitHub takes the security of our software products and services seriously, including the open source code repositories managed through our GitHub organizations, such as [GitHub](https://github.com/GitHub).
+
+If you believe you have found a security vulnerability in this GitHub-owned open source repository, you can report it to us in one of two ways.
+
+If the vulnerability you have found is *not* [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) or if you do not wish to be considered for a bounty reward, please report the issue to us directly through [opensource-security@github.com](mailto:opensource-security@github.com).
+
+If the vulnerability you have found is [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) and you would like for your finding to be considered for a bounty reward, please submit the vulnerability to us through [HackerOne](https://hackerone.com/github) in order to be eligible to receive a bounty award.
+
+**Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.**
+
+Thanks for helping make GitHub safe for everyone.
diff --git a/package.json b/package.json
index 61225994..70b91616 100644
--- a/package.json
+++ b/package.json
@@ -5,7 +5,7 @@
"main": "./lib/index.js",
"repository": {
"type": "git",
- "url": "https://github.com/npm/hosted-git-info.git"
+ "url": "git+https://github.com/npm/hosted-git-info.git"
},
"keywords": [
"git",
@@ -24,17 +24,18 @@
"snap": "tap",
"test": "tap",
"test:coverage": "tap --coverage-report=html",
- "lint": "eslint \"**/*.js\"",
+ "lint": "npm run eslint",
"postlint": "template-oss-check",
- "lintfix": "npm run lint -- --fix",
- "template-oss-apply": "template-oss-apply --force"
+ "lintfix": "npm run eslint -- --fix",
+ "template-oss-apply": "template-oss-apply --force",
+ "eslint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\""
},
"dependencies": {
"lru-cache": "^7.5.1"
},
"devDependencies": {
"@npmcli/eslint-config": "^4.0.0",
- "@npmcli/template-oss": "4.7.1",
+ "@npmcli/template-oss": "4.23.4",
"tap": "^16.0.1"
},
"files": [
@@ -54,6 +55,6 @@
},
"templateOSS": {
"//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
- "version": "4.7.1"
+ "version": "4.23.4"
}
}
diff --git a/release-please-config.json b/release-please-config.json
index 73d1e353..a1676b9c 100644
--- a/release-please-config.json
+++ b/release-please-config.json
@@ -1,5 +1,4 @@
{
- "exclude-packages-from-root": true,
"group-pull-request-title-pattern": "chore: release ${version}",
"pull-request-title-pattern": "chore: release${component} ${version}",
"changelog-sections": [
@@ -25,6 +24,7 @@
},
{
"type": "chore",
+ "section": "Chores",
"hidden": true
}
],
@@ -32,5 +32,6 @@
".": {
"package-name": ""
}
- }
+ },
+ "prerelease-type": "pre"
}
From 09061c0d8304a27aa356ab91421321b34a4f0bc1 Mon Sep 17 00:00:00 2001
From: Gar
Date: Thu, 21 Nov 2024 09:27:36 -0800
Subject: [PATCH 2/3] fix: break up greedy host fragment parsing regex (#276)
Each step is easier to reason about this way, and the result is also not
susceptible to ReDoS.
---
lib/hosts.js | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/lib/hosts.js b/lib/hosts.js
index 013712b7..d610993e 100644
--- a/lib/hosts.js
+++ b/lib/hosts.js
@@ -4,7 +4,11 @@
const maybeJoin = (...args) => args.every(arg => arg) ? args.join('') : ''
const maybeEncode = (arg) => arg ? encodeURIComponent(arg) : ''
-const formatHashFragment = (f) => f.toLowerCase().replace(/^\W+|\/|\W+$/g, '').replace(/\W+/g, '-')
+const formatHashFragment = (f) => f.toLowerCase()
+ .replace(/^\W+/g, '') // strip leading non-characters
+ .replace(/\W+$/g, '') // strip trailing non-characters
+ .replace(/\//g, '') // strip all slashes
+ .replace(/\W+/g, '-') // replace remaining non-characters with '-'
const defaults = {
sshtemplate: ({ domain, user, project, committish }) =>
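Review bot: The trailing-strip step `.replace(/\W+$/g, '')` still looks quadratic on a long run of non-word characters followed by a word character, because every start position in the run is retried and backtracked before `$` fails, so splitting the alternation alone may not remove the ReDoS exposure the commit message describes. An ordering that avoids an end-anchored `\W+` is `.replace(/\//g, '').replace(/\W+/g, '-').replace(/^-|-$/g, '')`; it should give the same output, but that needs confirming against the existing fragment tests plus a timing test with a large input. The inline comments say "non-characters" where `\W` means non-word characters, and the `g` flag is redundant on the two anchored patterns.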
From e5a8bca5bbdaf4f6b6642bd2adb5441449bca7a0 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
<41898282+github-actions[bot]@users.noreply.github.com>
Date: Thu, 21 Nov 2024 09:46:47 -0800
Subject: [PATCH 3/3] chore: release 6.1.2 (#279)
:robot: I have created a release *beep* *boop*
---
##
[6.1.2](https://github.com/npm/hosted-git-info/compare/v6.1.1...v6.1.2)
(2024-11-21)
### Bug Fixes
*
[`09061c0`](https://github.com/npm/hosted-git-info/commit/09061c0d8304a27aa356ab91421321b34a4f0bc1)
[#276](https://github.com/npm/hosted-git-info/pull/276) break up greedy
host fragment parsing regex (#276) (@wraithgar)
### Chores
*
[`3d8f14e`](https://github.com/npm/hosted-git-info/commit/3d8f14ea3339b36508c3e07a4aa484f5640cd96c)
[#278](https://github.com/npm/hosted-git-info/pull/278) bump
@npmcli/template-oss from 4.7.1 to 4.23.4 (#278) (@dependabot[bot],
@wraithgar)
---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
---
.release-please-manifest.json | 2 +-
CHANGELOG.md | 6 ++++++
package.json | 2 +-
3 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/.release-please-manifest.json b/.release-please-manifest.json
index 0f6aa44e..5e404df8 100644
--- a/.release-please-manifest.json
+++ b/.release-please-manifest.json
@@ -1,3 +1,3 @@
{
- ".": "6.1.1"
+ ".": "6.1.2"
}
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0081c965..91acbdbf 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,11 @@
# Changelog
+## [6.1.2](https://github.com/npm/hosted-git-info/compare/v6.1.1...v6.1.2) (2024-11-21)
+### Bug Fixes
+* [`09061c0`](https://github.com/npm/hosted-git-info/commit/09061c0d8304a27aa356ab91421321b34a4f0bc1) [#276](https://github.com/npm/hosted-git-info/pull/276) break up greedy host fragment parsing regex (#276) (@wraithgar)
+### Chores
+* [`3d8f14e`](https://github.com/npm/hosted-git-info/commit/3d8f14ea3339b36508c3e07a4aa484f5640cd96c) [#278](https://github.com/npm/hosted-git-info/pull/278) bump @npmcli/template-oss from 4.7.1 to 4.23.4 (#278) (@dependabot[bot], @wraithgar)
+
## [6.1.1](https://github.com/npm/hosted-git-info/compare/v6.1.0...v6.1.1) (2022-10-27)
### Bug Fixes
diff --git a/package.json b/package.json
index 70b91616..c6958e92 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
{
"name": "hosted-git-info",
- "version": "6.1.1",
+ "version": "6.1.2",
"description": "Provides metadata and conversions from repository urls for GitHub, Bitbucket and GitLab",
"main": "./lib/index.js",
"repository": {