From 1ad063202bf25d51f926a7a30e9265c49266a8ef Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 14 Oct 2022 20:43:13 +0000 Subject: [PATCH 01/33] chore: bump @npmcli/eslint-config from 3.1.0 to 4.0.0 Bumps [@npmcli/eslint-config](https://github.com/npm/eslint-config) from 3.1.0 to 4.0.0. - [Release notes](https://github.com/npm/eslint-config/releases) - [Changelog](https://github.com/npm/eslint-config/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/eslint-config/compare/v3.1.0...v4.0.0) --- updated-dependencies: - dependency-name: "@npmcli/eslint-config" dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index c496ecb..0d846da 100644 --- a/package.json +++ b/package.json @@ -27,7 +27,7 @@ "author": "GitHub Inc.", "license": "MIT", "devDependencies": { - "@npmcli/eslint-config": "^3.1.0", + "@npmcli/eslint-config": "^4.0.0", "@npmcli/template-oss": "4.5.1", "tap": "^16.3.0" }, From 5656cacc6a6c4fb85af72e53ec9c8cfadd2eb396 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Oct 2022 20:49:46 +0000 Subject: [PATCH 02/33] chore: bump @npmcli/template-oss from 4.5.1 to 4.6.2 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.5.1 to 4.6.2. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.5.1...v4.6.2) --- updated-dependencies: - dependency-name: @npmcli/template-oss dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 0d846da..01c61ef 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "license": "MIT", "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.5.1", + "@npmcli/template-oss": "4.6.2", "tap": "^16.3.0" }, "tap": { From 6fdb7a1dcd074207e9280d5619a820f2e88fd659 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Tue, 18 Oct 2022 23:22:08 -0700 Subject: [PATCH 03/33] chore: postinstall for dependabot template-oss PR --- .github/workflows/ci-release.yml | 80 +++++++++++++++++++---- .github/workflows/post-dependabot.yml | 4 +- .github/workflows/release.yml | 93 ++++++++++++++++++++++----- package.json | 2 +- 4 files changed, 149 insertions(+), 30 deletions(-) diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml index 9cc6b28..6dad88c 100644 --- a/.github/workflows/ci-release.yml +++ b/.github/workflows/ci-release.yml @@ -21,6 +21,39 @@ jobs: run: shell: bash steps: + - name: Get Workflow Job + uses: actions/github-script@v6 + + id: check-output + env: + JOB_NAME: "Lint All" + MATRIX_NAME: "" + with: + script: | + const { owner, repo } = context.repo + + const { data } = await github.rest.actions.listJobsForWorkflowRun({ + owner, + repo, + run_id: context.runId, + per_page: 100 + }) + + const jobName = process.env.JOB_NAME + process.env.MATRIX_NAME + const job = data.jobs.find(j => j.name.endsWith(jobName)) + const jobUrl = job?.html_url + + const shaUrl = `${context.serverUrl}/${owner}/${repo}/commit/${{ inputs.check-sha }}` + + let summary = `This check is assosciated with ${shaUrl}\n\n` + + if (jobUrl) { + summary += `For run logs, click here: ${jobUrl}` + } else { + summary += `Run logs could not be found for a job with name: "${jobName}"` + } + + return { summary } - name: Create Check uses: LouisBrunner/checks-action@v1.3.1 id: check @@ -30,12 +63,7 @@ jobs: status: in_progress name: Lint All sha: ${{ inputs.check-sha }} - # XXX: this does not work when using the default GITHUB_TOKEN. - # Instead we post the main job url to the PR as a comment which - # will link to all the other checks. To work around this we would - # need to create a GitHub that would create on-demand tokens. - # https://github.com/LouisBrunner/checks-action/issues/18 - # details_url: + output: ${{ steps.check-output.outputs.result }} - name: Checkout uses: actions/checkout@v3 with: @@ -94,6 +122,39 @@ jobs: run: shell: ${{ matrix.platform.shell }} steps: + - name: Get Workflow Job + uses: actions/github-script@v6 + + id: check-output + env: + JOB_NAME: "Test All" + MATRIX_NAME: " - ${{ matrix.platform.name }} - ${{ matrix.node-version }}" + with: + script: | + const { owner, repo } = context.repo + + const { data } = await github.rest.actions.listJobsForWorkflowRun({ + owner, + repo, + run_id: context.runId, + per_page: 100 + }) + + const jobName = process.env.JOB_NAME + process.env.MATRIX_NAME + const job = data.jobs.find(j => j.name.endsWith(jobName)) + const jobUrl = job?.html_url + + const shaUrl = `${context.serverUrl}/${owner}/${repo}/commit/${{ inputs.check-sha }}` + + let summary = `This check is assosciated with ${shaUrl}\n\n` + + if (jobUrl) { + summary += `For run logs, click here: ${jobUrl}` + } else { + summary += `Run logs could not be found for a job with name: "${jobName}"` + } + + return { summary } - name: Create Check uses: LouisBrunner/checks-action@v1.3.1 id: check @@ -103,12 +164,7 @@ jobs: status: in_progress name: Test All - ${{ matrix.platform.name }} - ${{ matrix.node-version }} sha: ${{ inputs.check-sha }} - # XXX: this does not work when using the default GITHUB_TOKEN. - # Instead we post the main job url to the PR as a comment which - # will link to all the other checks. To work around this we would - # need to create a GitHub that would create on-demand tokens. - # https://github.com/LouisBrunner/checks-action/issues/18 - # details_url: + output: ${{ steps.check-output.outputs.result }} - name: Checkout uses: actions/checkout@v3 with: diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index 88ac403..4393859 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -66,7 +66,7 @@ jobs: # This only sets the conventional commit prefix. This workflow can't reliably determine # what the breaking change is though. If a BREAKING CHANGE message is required then # this PR check will fail and the commit will be amended with stafftools - if [[ "${{ steps.dependabot-metadata.outputs.update-type }}" == "version-update:semver-major" ]]; then + if [[ "${{ steps.metadata.outputs.update-type }}" == "version-update:semver-major" ]]; then prefix='feat!' else prefix='chore!' @@ -90,7 +90,7 @@ jobs: # and attempt to commit and push again. This is helpful because we will have a commit # with the correct prefix that we can then --amend with @npmcli/stafftools later. - name: Push All Changes Except Workflows - if: steps.apply.outputs.changes && steps.push-all.outcome == 'failure' + if: steps.apply.outputs.changes && steps.push.outcome == 'failure' env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1ed3865..2f7dee0 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -3,6 +3,7 @@ name: Release on: + workflow_dispatch: push: branches: - main @@ -51,17 +52,19 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - npx --offline template-oss-release-please ${{ github.ref_name }} + npx --offline template-oss-release-please ${{ github.ref_name }} ${{ github.event_name }} - name: Post Pull Request Comment if: steps.release.outputs.pr-number uses: actions/github-script@v6 id: pr-comment env: PR_NUMBER: ${{ steps.release.outputs.pr-number }} + REF_NAME: ${{ github.ref_name }} with: script: | + const { REF_NAME, PR_NUMBER } = process.env const repo = { owner: context.repo.owner, repo: context.repo.repo } - const issue = { ...repo, issue_number: process.env.PR_NUMBER } + const issue = { ...repo, issue_number: PR_NUMBER } const { data: workflow } = await github.rest.actions.getWorkflowRun({ ...repo, run_id: context.runId }) @@ -70,7 +73,11 @@ jobs: const comments = await github.paginate(github.rest.issues.listComments, issue) let commentId = comments?.find(c => c.user.login === 'github-actions[bot]' && c.body.startsWith(body))?.id - body += `- Release workflow run: ${workflow.html_url}` + body += `Release workflow run: ${workflow.html_url}\n\n#### Force CI to Rerun for This Release\n\n` + body += `This PR will be updated and CI will run for every non-\`chore:\` commit that is pushed to \`main\`. ` + body += `To force CI to rerun, run this command:\n\n` + body += `\`\`\`\ngh workflow run release.yml -r ${REF_NAME}\n\`\`\`` + if (commentId) { await github.rest.issues.updateComment({ ...repo, comment_id: commentId, body }) } else { @@ -79,6 +86,39 @@ jobs: } return commentId + - name: Get Workflow Job + uses: actions/github-script@v6 + if: steps.release.outputs.pr-number + id: check-output + env: + JOB_NAME: "Release" + MATRIX_NAME: "" + with: + script: | + const { owner, repo } = context.repo + + const { data } = await github.rest.actions.listJobsForWorkflowRun({ + owner, + repo, + run_id: context.runId, + per_page: 100 + }) + + const jobName = process.env.JOB_NAME + process.env.MATRIX_NAME + const job = data.jobs.find(j => j.name.endsWith(jobName)) + const jobUrl = job?.html_url + + const shaUrl = `${context.serverUrl}/${owner}/${repo}/commit/${{ steps.release.outputs.pr-sha }}` + + let summary = `This check is assosciated with ${shaUrl}\n\n` + + if (jobUrl) { + summary += `For run logs, click here: ${jobUrl}` + } else { + summary += `Run logs could not be found for a job with name: "${jobName}"` + } + + return { summary } - name: Create Check uses: LouisBrunner/checks-action@v1.3.1 id: check @@ -88,12 +128,7 @@ jobs: status: in_progress name: Release sha: ${{ steps.release.outputs.pr-sha }} - # XXX: this does not work when using the default GITHUB_TOKEN. - # Instead we post the main job url to the PR as a comment which - # will link to all the other checks. To work around this we would - # need to create a GitHub that would create on-demand tokens. - # https://github.com/LouisBrunner/checks-action/issues/18 - # details_url: + output: ${{ steps.check-output.outputs.result }} update: needs: release @@ -142,6 +177,39 @@ jobs: git commit --all --amend --no-edit || true git push --force-with-lease echo "::set-output name=sha::$(git rev-parse HEAD)" + - name: Get Workflow Job + uses: actions/github-script@v6 + + id: check-output + env: + JOB_NAME: "Update - Release" + MATRIX_NAME: "" + with: + script: | + const { owner, repo } = context.repo + + const { data } = await github.rest.actions.listJobsForWorkflowRun({ + owner, + repo, + run_id: context.runId, + per_page: 100 + }) + + const jobName = process.env.JOB_NAME + process.env.MATRIX_NAME + const job = data.jobs.find(j => j.name.endsWith(jobName)) + const jobUrl = job?.html_url + + const shaUrl = `${context.serverUrl}/${owner}/${repo}/commit/${{ steps.commit.outputs.sha }}` + + let summary = `This check is assosciated with ${shaUrl}\n\n` + + if (jobUrl) { + summary += `For run logs, click here: ${jobUrl}` + } else { + summary += `Run logs could not be found for a job with name: "${jobName}"` + } + + return { summary } - name: Create Check uses: LouisBrunner/checks-action@v1.3.1 id: check @@ -151,12 +219,7 @@ jobs: status: in_progress name: Release sha: ${{ steps.commit.outputs.sha }} - # XXX: this does not work when using the default GITHUB_TOKEN. - # Instead we post the main job url to the PR as a comment which - # will link to all the other checks. To work around this we would - # need to create a GitHub that would create on-demand tokens. - # https://github.com/LouisBrunner/checks-action/issues/18 - # details_url: + output: ${{ steps.check-output.outputs.result }} - name: Conclude Check uses: LouisBrunner/checks-action@v1.3.1 if: always() diff --git a/package.json b/package.json index 01c61ef..0b83c36 100644 --- a/package.json +++ b/package.json @@ -43,6 +43,6 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.5.1" + "version": "4.6.2" } } From 82361beeb2823f7d54501dd4d723835cbf4e6cc0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 25 Oct 2022 21:06:28 +0000 Subject: [PATCH 04/33] chore: bump @npmcli/template-oss from 4.6.2 to 4.8.0 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.6.2 to 4.8.0. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.6.2...v4.8.0) --- updated-dependencies: - dependency-name: @npmcli/template-oss dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 0b83c36..a5ff629 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "license": "MIT", "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.6.2", + "@npmcli/template-oss": "4.8.0", "tap": "^16.3.0" }, "tap": { From 45a57f796f7ffacd8b3dfe030fba8db3da7a632c Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Thu, 27 Oct 2022 22:10:32 -0700 Subject: [PATCH 05/33] chore: postinstall for dependabot template-oss PR --- .github/workflows/audit.yml | 6 ++-- .github/workflows/ci-release.yml | 18 ++++++---- .github/workflows/ci.yml | 50 --------------------------- .github/workflows/post-dependabot.yml | 2 +- .github/workflows/release.yml | 13 +++---- package.json | 2 +- 6 files changed, 25 insertions(+), 66 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 60bb334..62892f9 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -33,5 +33,7 @@ jobs: run: npm -v - name: Install Dependencies run: npm i --ignore-scripts --no-audit --no-fund --package-lock - - name: Run Audit - run: npm audit + - name: Run Production Audit + run: npm audit --omit=dev + - name: Run Full Audit + run: npm audit --audit-level=none diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml index 6dad88c..6e80aa6 100644 --- a/.github/workflows/ci-release.yml +++ b/.github/workflows/ci-release.yml @@ -3,6 +3,12 @@ name: CI - Release on: + workflow_dispatch: + inputs: + ref: + required: true + type: string + default: main workflow_call: inputs: ref: @@ -23,7 +29,7 @@ jobs: steps: - name: Get Workflow Job uses: actions/github-script@v6 - + if: inputs.check-sha id: check-output env: JOB_NAME: "Lint All" @@ -57,7 +63,7 @@ jobs: - name: Create Check uses: LouisBrunner/checks-action@v1.3.1 id: check - + if: inputs.check-sha with: token: ${{ secrets.GITHUB_TOKEN }} status: in_progress @@ -88,7 +94,7 @@ jobs: run: npm run postlint --ignore-scripts - name: Conclude Check uses: LouisBrunner/checks-action@v1.3.1 - if: always() + if: steps.check.outputs.check_id && always() with: token: ${{ secrets.GITHUB_TOKEN }} conclusion: ${{ job.status }} @@ -124,7 +130,7 @@ jobs: steps: - name: Get Workflow Job uses: actions/github-script@v6 - + if: inputs.check-sha id: check-output env: JOB_NAME: "Test All" @@ -158,7 +164,7 @@ jobs: - name: Create Check uses: LouisBrunner/checks-action@v1.3.1 id: check - + if: inputs.check-sha with: token: ${{ secrets.GITHUB_TOKEN }} status: in_progress @@ -203,7 +209,7 @@ jobs: run: npm test --ignore-scripts - name: Conclude Check uses: LouisBrunner/checks-action@v1.3.1 - if: always() + if: steps.check.outputs.check_id && always() with: token: ${{ secrets.GITHUB_TOKEN }} conclusion: ${{ job.status }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a6c934a..9cc149d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -14,56 +14,6 @@ on: - cron: "0 9 * * 1" jobs: - engines: - name: Engines - ${{ matrix.platform.name }} - ${{ matrix.node-version }} - if: github.repository_owner == 'npm' - strategy: - fail-fast: false - matrix: - platform: - - name: Linux - os: ubuntu-latest - shell: bash - node-version: - - 14.17.0 - - 16.13.0 - - 18.0.0 - runs-on: ${{ matrix.platform.os }} - defaults: - run: - shell: ${{ matrix.platform.shell }} - steps: - - name: Checkout - uses: actions/checkout@v3 - - name: Setup Git User - run: | - git config --global user.email "npm-cli+bot@github.com" - git config --global user.name "npm CLI robot" - - name: Setup Node - uses: actions/setup-node@v3 - with: - node-version: ${{ matrix.node-version }} - - name: Update Windows npm - # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows - if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.')) - run: | - curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz - tar xf npm-7.5.4.tgz - cd package - node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz - cd .. - rmdir /s /q package - - name: Install npm@7 - if: startsWith(matrix.node-version, '10.') - run: npm i --prefer-online --no-fund --no-audit -g npm@7 - - name: Install npm@latest - if: ${{ !startsWith(matrix.node-version, '10.') }} - run: npm i --prefer-online --no-fund --no-audit -g npm@latest - - name: npm Version - run: npm -v - - name: Install Dependencies - run: npm i --ignore-scripts --no-audit --no-fund --engines-strict - lint: name: Lint if: github.repository_owner == 'npm' diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index 4393859..19902bd 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -69,7 +69,7 @@ jobs: if [[ "${{ steps.metadata.outputs.update-type }}" == "version-update:semver-major" ]]; then prefix='feat!' else - prefix='chore!' + prefix='chore' fi echo "::set-output name=message::$prefix: postinstall for dependabot template-oss PR" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2f7dee0..15d37cb 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -8,6 +8,7 @@ on: branches: - main - latest + - release/v* permissions: contents: write @@ -88,7 +89,7 @@ jobs: return commentId - name: Get Workflow Job uses: actions/github-script@v6 - if: steps.release.outputs.pr-number + if: steps.release.outputs.pr-sha id: check-output env: JOB_NAME: "Release" @@ -122,7 +123,7 @@ jobs: - name: Create Check uses: LouisBrunner/checks-action@v1.3.1 id: check - if: steps.release.outputs.pr-number + if: steps.release.outputs.pr-sha with: token: ${{ secrets.GITHUB_TOKEN }} status: in_progress @@ -179,7 +180,7 @@ jobs: echo "::set-output name=sha::$(git rev-parse HEAD)" - name: Get Workflow Job uses: actions/github-script@v6 - + if: steps.commit.outputs.sha id: check-output env: JOB_NAME: "Update - Release" @@ -213,7 +214,7 @@ jobs: - name: Create Check uses: LouisBrunner/checks-action@v1.3.1 id: check - + if: steps.commit.outputs.sha with: token: ${{ secrets.GITHUB_TOKEN }} status: in_progress @@ -222,7 +223,7 @@ jobs: output: ${{ steps.check-output.outputs.result }} - name: Conclude Check uses: LouisBrunner/checks-action@v1.3.1 - if: always() + if: needs.release.outputs.check-id && always() with: token: ${{ secrets.GITHUB_TOKEN }} conclusion: ${{ job.status }} @@ -260,7 +261,7 @@ jobs: echo "::set-output name=result::$result" - name: Conclude Check uses: LouisBrunner/checks-action@v1.3.1 - if: always() + if: needs.update.outputs.check-id && always() with: token: ${{ secrets.GITHUB_TOKEN }} conclusion: ${{ steps.needs-result.outputs.result }} diff --git a/package.json b/package.json index a5ff629..a4f4776 100644 --- a/package.json +++ b/package.json @@ -43,6 +43,6 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.6.2" + "version": "4.8.0" } } From 4431a3ed18ceae1896c5ed480340aab4b15b720b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 9 Nov 2022 20:13:13 +0000 Subject: [PATCH 06/33] chore: bump @npmcli/template-oss from 4.8.0 to 4.10.0 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.8.0 to 4.10.0. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.8.0...v4.10.0) --- updated-dependencies: - dependency-name: @npmcli/template-oss dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index a4f4776..ab2a063 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "license": "MIT", "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.8.0", + "@npmcli/template-oss": "4.10.0", "tap": "^16.3.0" }, "tap": { From ba8b2cfac70932766f85dc47c99f79683d5f04d5 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Sat, 12 Nov 2022 14:29:24 -0700 Subject: [PATCH 07/33] chore: postinstall for dependabot template-oss PR --- .github/workflows/release.yml | 6 +++--- SECURITY.md | 13 ++++++++++++- package.json | 2 +- 3 files changed, 16 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 15d37cb..264cf3d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -74,9 +74,9 @@ jobs: const comments = await github.paginate(github.rest.issues.listComments, issue) let commentId = comments?.find(c => c.user.login === 'github-actions[bot]' && c.body.startsWith(body))?.id - body += `Release workflow run: ${workflow.html_url}\n\n#### Force CI to Rerun for This Release\n\n` + body += `Release workflow run: ${workflow.html_url}\n\n#### Force CI to Update This Release\n\n` body += `This PR will be updated and CI will run for every non-\`chore:\` commit that is pushed to \`main\`. ` - body += `To force CI to rerun, run this command:\n\n` + body += `To force CI to update this PR, run this command:\n\n` body += `\`\`\`\ngh workflow run release.yml -r ${REF_NAME}\n\`\`\`` if (commentId) { @@ -168,7 +168,7 @@ jobs: RELEASE_COMMENT_ID: ${{ needs.release.outputs.comment-id }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - npm exec --offline -- template-oss-release-manager + npm exec --offline -- template-oss-release-manager --lockfile=false npm run rp-pull-request --ignore-scripts --if-present - name: Commit id: commit diff --git a/SECURITY.md b/SECURITY.md index a93106d..4e7c26c 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,3 +1,14 @@ -Please send vulnerability reports through [hackerone](https://hackerone.com/github). +GitHub takes the security of our software products and services seriously, including the open source code repositories managed through our GitHub organizations, such as [GitHub](https://github.com/GitHub). + +If you believe you have found a security vulnerability in this GitHub-owned open source repository, you can report it to us in one of two ways. + +If the vulnerability you have found is *not* [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) or if you do not wish to be considered for a bounty reward, please report the issue to us directly using [private vulnerability reporting](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability). + +If the vulnerability you have found is [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) and you would like for your finding to be considered for a bounty reward, please submit the vulnerability to us through [HackerOne](https://hackerone.com/github) in order to be eligible to receive a bounty award. + +**Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.** + +Thanks for helping make GitHub safe for everyone. + diff --git a/package.json b/package.json index ab2a063..3394b8c 100644 --- a/package.json +++ b/package.json @@ -43,6 +43,6 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.8.0" + "version": "4.10.0" } } From edbf852f02ccb2c9a38adf3611571141ffb9a33d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 7 Dec 2022 20:26:55 +0000 Subject: [PATCH 08/33] chore: bump @npmcli/template-oss from 4.10.0 to 4.11.0 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.10.0 to 4.11.0. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.10.0...v4.11.0) --- updated-dependencies: - dependency-name: @npmcli/template-oss dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 3394b8c..86fd535 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "license": "MIT", "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.10.0", + "@npmcli/template-oss": "4.11.0", "tap": "^16.3.0" }, "tap": { From d291dc51a1b4a6126721efd89fc426c596c924f0 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Sat, 10 Dec 2022 12:30:15 -0700 Subject: [PATCH 09/33] chore: postinstall for dependabot template-oss PR --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 86fd535..545ea3c 100644 --- a/package.json +++ b/package.json @@ -43,6 +43,6 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.10.0" + "version": "4.11.0" } } From 4e83f569026c975e70ce97e0798a4efd8e225aec Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 25 Jan 2023 20:12:44 +0000 Subject: [PATCH 10/33] chore: bump @npmcli/template-oss from 4.11.0 to 4.11.3 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.11.0 to 4.11.3. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.11.0...v4.11.3) --- updated-dependencies: - dependency-name: @npmcli/template-oss dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 545ea3c..65100e9 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "license": "MIT", "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.11.0", + "@npmcli/template-oss": "4.11.3", "tap": "^16.3.0" }, "tap": { From b25d4e5ff0920a9f673aaa49cba2326d3b7baf95 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Wed, 25 Jan 2023 13:55:12 -0700 Subject: [PATCH 11/33] chore: postinstall for dependabot template-oss PR --- .github/workflows/pull-request.yml | 4 +- .github/workflows/release.yml | 148 ++++++++++++++++++++++++----- package.json | 2 +- 3 files changed, 129 insertions(+), 25 deletions(-) diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index 1a1d1ee..99877da 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -41,8 +41,8 @@ jobs: id: commit continue-on-error: true run: | - npx --offline commitlint -V --from origin/${{ github.base_ref }} --to ${{ github.event.pull_request.head.sha }} + npx --offline commitlint -V --from 'origin/${{ github.base_ref }}' --to ${{ github.event.pull_request.head.sha }} - name: Run Commitlint on PR Title if: steps.commit.outcome == 'failure' run: | - echo ${{ github.event.pull_request.title }} | npx --offline commitlint -V + echo '${{ github.event.pull_request.title }}' | npx --offline commitlint -V diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 264cf3d..f6daab5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,8 +19,8 @@ jobs: release: outputs: pr: ${{ steps.release.outputs.pr }} + release: ${{ steps.release.outputs.release }} releases: ${{ steps.release.outputs.releases }} - release-flags: ${{ steps.release.outputs.release-flags }} branch: ${{ steps.release.outputs.pr-branch }} pr-number: ${{ steps.release.outputs.pr-number }} comment-id: ${{ steps.pr-comment.outputs.result }} @@ -63,26 +63,25 @@ jobs: REF_NAME: ${{ github.ref_name }} with: script: | - const { REF_NAME, PR_NUMBER } = process.env - const repo = { owner: context.repo.owner, repo: context.repo.repo } - const issue = { ...repo, issue_number: PR_NUMBER } + const { REF_NAME, PR_NUMBER: issue_number } = process.env + const { runId, repo: { owner, repo } } = context - const { data: workflow } = await github.rest.actions.getWorkflowRun({ ...repo, run_id: context.runId }) + const { data: workflow } = await github.rest.actions.getWorkflowRun({ owner, repo, run_id: runId }) let body = '## Release Manager\n\n' - const comments = await github.paginate(github.rest.issues.listComments, issue) - let commentId = comments?.find(c => c.user.login === 'github-actions[bot]' && c.body.startsWith(body))?.id + const comments = await github.paginate(github.rest.issues.listComments, { owner, repo, issue_number }) + let commentId = comments.find(c => c.user.login === 'github-actions[bot]' && c.body.startsWith(body))?.id body += `Release workflow run: ${workflow.html_url}\n\n#### Force CI to Update This Release\n\n` body += `This PR will be updated and CI will run for every non-\`chore:\` commit that is pushed to \`main\`. ` body += `To force CI to update this PR, run this command:\n\n` - body += `\`\`\`\ngh workflow run release.yml -r ${REF_NAME}\n\`\`\`` + body += `\`\`\`\ngh workflow run release.yml -r ${REF_NAME} -R ${owner}/${repo}\n\`\`\`` if (commentId) { - await github.rest.issues.updateComment({ ...repo, comment_id: commentId, body }) + await github.rest.issues.updateComment({ owner, repo, comment_id: commentId, body }) } else { - const { data: comment } = await github.rest.issues.createComment({ ...issue, body }) + const { data: comment } = await github.rest.issues.createComment({ owner, repo, issue_number, body }) commentId = comment?.id } @@ -276,12 +275,45 @@ jobs: run: shell: bash steps: - - name: Checkout - uses: actions/checkout@v3 - - name: Setup Git User - run: | - git config --global user.email "npm-cli+bot@github.com" - git config --global user.name "npm CLI robot" + - name: Create Release PR Comment + uses: actions/github-script@v6 + env: + RELEASES: ${{ needs.release.outputs.releases }} + with: + script: | + const releases = JSON.parse(process.env.RELEASES) + const { runId, repo: { owner, repo } } = context + const issue_number = releases[0].prNumber + + let body = '## Release Workflow\n\n' + for (const { pkgName, version, url } of releases) { + body += `- \`${pkgName}@${version}\` ${url}\n` + } + + const comments = await github.paginate(github.rest.issues.listComments, { owner, repo, issue_number }) + const releaseComments = comments.filter(c => c.user.login === 'github-actions[bot]' && c.body.includes('Release is at')) + + for (const comment of releaseComments) { + await github.rest.issues.deleteComment({ owner, repo, comment_id: comment.id }) + } + + const runUrl = `https://github.com/${owner}/${repo}/actions/runs/${runId}` + await github.rest.issues.createComment({ + owner, + repo, + issue_number, + body: `${body}- Workflow run: :arrows_counterclockwise: ${runUrl}`, + }) + + release-integration: + needs: release + name: Release Integration + if: needs.release.outputs.release + runs-on: ubuntu-latest + defaults: + run: + shell: bash + steps: - name: Setup Node uses: actions/setup-node@v3 with: @@ -290,10 +322,82 @@ jobs: run: npm i --prefer-online --no-fund --no-audit -g npm@latest - name: npm Version run: npm -v - - name: Install Dependencies - run: npm i --ignore-scripts --no-audit --no-fund - - name: Run Post Release Actions - env: - RELEASES: ${{ needs.release.outputs.releases }} + - name: View in Registry + run: | + EXIT_CODE=0 + + function is_published { + if npm view "$@" --loglevel=error > /dev/null; then + echo 0 + else + echo 1 + fi + } + + for release in $(echo '${{ needs.release.outputs.releases }}' | jq -r '.[] | @base64'); do + name=$(echo "$release" | base64 --decode | jq -r .pkgName) + version=$(echo "$release" | base64 --decode | jq -r .version) + spec="$name@$version" + status=$(is_published "$spec") + if [[ "$status" -eq 1 ]]; then + echo "$spec ERROR" + EXIT_CODE=$status + else + echo "$spec OK" + fi + done + + exit $EXIT_CODE + + post-release-integration: + needs: [ release, release-integration ] + name: Post Release Integration - Release + if: github.repository_owner == 'npm' && needs.release.outputs.release && always() + runs-on: ubuntu-latest + defaults: + run: + shell: bash + steps: + - name: Get Needs Result + id: needs-result run: | - npm run rp-release --ignore-scripts --if-present ${{ join(fromJSON(needs.release.outputs.release-flags), ' ') }} + result="" + if [[ "${{ contains(needs.*.result, 'failure') }}" == "true" ]]; then + result="x" + elif [[ "${{ contains(needs.*.result, 'cancelled') }}" == "true" ]]; then + result="heavy_multiplication_x" + else + result="white_check_mark" + fi + echo "::set-output name=result::$result" + - name: Update Release PR Comment + uses: actions/github-script@v6 + env: + PR_NUMBER: ${{ fromJSON(needs.release.outputs.release).prNumber }} + RESULT: ${{ steps.needs-result.outputs.result }} + with: + script: | + const { PR_NUMBER: issue_number, RESULT } = process.env + const { repo: { owner, repo } } = context + + const comments = await github.paginate(github.rest.issues.listComments, { owner, repo, issue_number }) + const updateComment = comments.find(c => c.user.login === 'github-actions[bot]' && c.body.startsWith('## Release Workflow\n\n')) + + if (updateComment) { + console.log('Found comment to update:', JSON.stringify(updateComment, null, 2)) + let body = updateComment.body.replace(/Workflow run: :[a-z_]+:/, `Workflow run: :${RESULT}:`) + if (RESULT === 'x') { + body += `\n\n:rotating_light:` + body += ` @npm/cli-team: The post-release workflow failed for this release.` + body += ` Manual steps may need to be taken after examining the workflow output` + body += ` from the above workflow run. :rotating_light:` + } + await github.rest.issues.updateComment({ + owner, + repo, + body, + comment_id: updateComment.id, + }) + } else { + console.log('No matching comments found:', JSON.stringify(comments, null, 2)) + } diff --git a/package.json b/package.json index 65100e9..4d809bd 100644 --- a/package.json +++ b/package.json @@ -43,6 +43,6 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.11.0" + "version": "4.11.3" } } From ff2347d048de4486a211f82d64bfd14473eed7ea Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 7 Feb 2023 20:14:53 +0000 Subject: [PATCH 12/33] chore: bump @npmcli/template-oss from 4.11.3 to 4.11.4 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.11.3 to 4.11.4. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.11.3...v4.11.4) --- updated-dependencies: - dependency-name: @npmcli/template-oss dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 4d809bd..d93bb17 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "license": "MIT", "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.11.3", + "@npmcli/template-oss": "4.11.4", "tap": "^16.3.0" }, "tap": { From e913f25918cf3627add8ed89aaecbdbf4ff466b3 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Wed, 8 Feb 2023 10:09:22 -0700 Subject: [PATCH 13/33] chore: postinstall for dependabot template-oss PR --- .github/workflows/release.yml | 23 +++++++++++++++++------ package.json | 2 +- 2 files changed, 18 insertions(+), 7 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f6daab5..f9299c9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -4,6 +4,10 @@ name: Release on: workflow_dispatch: + inputs: + release-pr: + description: a release PR number to rerun release jobs on + type: string push: branches: - main @@ -53,7 +57,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - npx --offline template-oss-release-please ${{ github.ref_name }} ${{ github.event_name }} + npx --offline template-oss-release-please "${{ github.ref_name }}" "${{ inputs.release-pr }}" - name: Post Pull Request Comment if: steps.release.outputs.pr-number uses: actions/github-script@v6 @@ -76,7 +80,7 @@ jobs: body += `Release workflow run: ${workflow.html_url}\n\n#### Force CI to Update This Release\n\n` body += `This PR will be updated and CI will run for every non-\`chore:\` commit that is pushed to \`main\`. ` body += `To force CI to update this PR, run this command:\n\n` - body += `\`\`\`\ngh workflow run release.yml -r ${REF_NAME} -R ${owner}/${repo}\n\`\`\`` + body += `\`\`\`\ngh workflow run release.yml -r ${REF_NAME} -R ${owner}/${repo} -f release-pr=${issue_number}\n\`\`\`` if (commentId) { await github.rest.issues.updateComment({ owner, repo, comment_id: commentId, body }) @@ -291,14 +295,17 @@ jobs: } const comments = await github.paginate(github.rest.issues.listComments, { owner, repo, issue_number }) - const releaseComments = comments.filter(c => c.user.login === 'github-actions[bot]' && c.body.includes('Release is at')) + .then(cs => cs.map(c => ({ id: c.id, login: c.user.login, body: c.body }))) + console.log(`Found comments: ${JSON.stringify(comments, null, 2)}`) + const releaseComments = comments.filter(c => c.login === 'github-actions[bot]' && c.body.includes('Release is at')) for (const comment of releaseComments) { + console.log(`Release comment: ${JSON.stringify(comment, null, 2)}`) await github.rest.issues.deleteComment({ owner, repo, comment_id: comment.id }) } const runUrl = `https://github.com/${owner}/${repo}/actions/runs/${runId}` - await github.rest.issues.createComment({ + await github.rest.issues.createComment({ owner, repo, issue_number, @@ -378,10 +385,14 @@ jobs: with: script: | const { PR_NUMBER: issue_number, RESULT } = process.env - const { repo: { owner, repo } } = context + const { runId, repo: { owner, repo } } = context const comments = await github.paginate(github.rest.issues.listComments, { owner, repo, issue_number }) - const updateComment = comments.find(c => c.user.login === 'github-actions[bot]' && c.body.startsWith('## Release Workflow\n\n')) + const updateComment = comments.find(c => + c.user.login === 'github-actions[bot]' && + c.body.startsWith('## Release Workflow\n\n') && + c.body.includes(runId) + ) if (updateComment) { console.log('Found comment to update:', JSON.stringify(updateComment, null, 2)) diff --git a/package.json b/package.json index d93bb17..0d7bcca 100644 --- a/package.json +++ b/package.json @@ -43,6 +43,6 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.11.3" + "version": "4.11.4" } } From eca0b938842c4eee0a10d95e21678ac7c4208fd4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 2 Mar 2023 21:07:45 +0000 Subject: [PATCH 14/33] chore: bump @npmcli/template-oss from 4.11.4 to 4.12.0 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.11.4 to 4.12.0. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.11.4...v4.12.0) --- updated-dependencies: - dependency-name: @npmcli/template-oss dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 0d7bcca..9957c35 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "license": "MIT", "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.11.4", + "@npmcli/template-oss": "4.12.0", "tap": "^16.3.0" }, "tap": { From 3706ff6a7f4d6a23b85a53ff385549285b677f14 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Tue, 7 Mar 2023 17:23:57 -0700 Subject: [PATCH 15/33] chore: postinstall for dependabot template-oss PR --- .github/workflows/post-dependabot.yml | 8 ++++---- .github/workflows/release.yml | 10 +++++----- SECURITY.md | 3 +-- package.json | 2 +- 4 files changed, 11 insertions(+), 12 deletions(-) diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index 19902bd..ce38340 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -48,11 +48,11 @@ jobs: run: | dependabot_dir="${{ steps.metadata.outputs.directory }}" if [[ "$dependabot_dir" == "/" ]]; then - echo "::set-output name=workspace::-iwr" + echo "workspace=-iwr" >> $GITHUB_OUTPUT else # strip leading slash from directory so it works as a # a path to the workspace flag - echo "::set-output name=workspace::-w ${dependabot_dir#/}" + echo "workspace=-w ${dependabot_dir#/}" >> $GITHUB_OUTPUT fi - name: Apply Changes @@ -61,7 +61,7 @@ jobs: run: | npm run template-oss-apply ${{ steps.flags.outputs.workspace }} if [[ `git status --porcelain` ]]; then - echo "::set-output name=changes::true" + echo "changes=true" >> $GITHUB_OUTPUT fi # This only sets the conventional commit prefix. This workflow can't reliably determine # what the breaking change is though. If a BREAKING CHANGE message is required then @@ -71,7 +71,7 @@ jobs: else prefix='chore' fi - echo "::set-output name=message::$prefix: postinstall for dependabot template-oss PR" + echo "message=$prefix: postinstall for dependabot template-oss PR" >> $GITHUB_OUTPUT # This step will fail if template-oss has made any workflow updates. It is impossible # for a workflow to update other workflows. In the case it does fail, we continue diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f9299c9..780bcc9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -180,7 +180,7 @@ jobs: run: | git commit --all --amend --no-edit || true git push --force-with-lease - echo "::set-output name=sha::$(git rev-parse HEAD)" + echo "sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT - name: Get Workflow Job uses: actions/github-script@v6 if: steps.commit.outputs.sha @@ -261,7 +261,7 @@ jobs: else result="success" fi - echo "::set-output name=result::$result" + echo "result=$result" >> $GITHUB_OUTPUT - name: Conclude Check uses: LouisBrunner/checks-action@v1.3.1 if: needs.update.outputs.check-id && always() @@ -368,7 +368,6 @@ jobs: - name: Get Needs Result id: needs-result run: | - result="" if [[ "${{ contains(needs.*.result, 'failure') }}" == "true" ]]; then result="x" elif [[ "${{ contains(needs.*.result, 'cancelled') }}" == "true" ]]; then @@ -376,7 +375,7 @@ jobs: else result="white_check_mark" fi - echo "::set-output name=result::$result" + echo "result=$result" >> $GITHUB_OUTPUT - name: Update Release PR Comment uses: actions/github-script@v6 env: @@ -397,7 +396,8 @@ jobs: if (updateComment) { console.log('Found comment to update:', JSON.stringify(updateComment, null, 2)) let body = updateComment.body.replace(/Workflow run: :[a-z_]+:/, `Workflow run: :${RESULT}:`) - if (RESULT === 'x') { + const tagCodeowner = RESULT !== 'white_check_mark' + if (tagCodeowner) { body += `\n\n:rotating_light:` body += ` @npm/cli-team: The post-release workflow failed for this release.` body += ` Manual steps may need to be taken after examining the workflow output` diff --git a/SECURITY.md b/SECURITY.md index 4e7c26c..9cd2dea 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -4,11 +4,10 @@ GitHub takes the security of our software products and services seriously, inclu If you believe you have found a security vulnerability in this GitHub-owned open source repository, you can report it to us in one of two ways. -If the vulnerability you have found is *not* [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) or if you do not wish to be considered for a bounty reward, please report the issue to us directly using [private vulnerability reporting](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability). +If the vulnerability you have found is *not* [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) or if you do not wish to be considered for a bounty reward, please report the issue to us directly through [opensource-security@github.com](mailto:opensource-security@github.com). If the vulnerability you have found is [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) and you would like for your finding to be considered for a bounty reward, please submit the vulnerability to us through [HackerOne](https://hackerone.com/github) in order to be eligible to receive a bounty award. **Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.** Thanks for helping make GitHub safe for everyone. - diff --git a/package.json b/package.json index 9957c35..e642ab9 100644 --- a/package.json +++ b/package.json @@ -43,6 +43,6 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.11.4" + "version": "4.12.0" } } From 11311d8d9ed24050af0857c6eb50441dc30d8b6a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Apr 2023 10:59:48 -0700 Subject: [PATCH 16/33] chore: bump @npmcli/template-oss from 4.12.0 to 4.12.1 (#14) * chore: bump @npmcli/template-oss from 4.12.0 to 4.12.1 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.12.0 to 4.12.1. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.12.0...v4.12.1) --- updated-dependencies: - dependency-name: "@npmcli/template-oss" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * chore: postinstall for dependabot template-oss PR --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: npm CLI robot --- package.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index e642ab9..ce29514 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "license": "MIT", "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.12.0", + "@npmcli/template-oss": "4.12.1", "tap": "^16.3.0" }, "tap": { @@ -43,6 +43,6 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.12.0" + "version": "4.12.1" } } From 6f4b8475596e81e1c2047ec58e0ca946c899eef6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Apr 2023 11:19:54 -0700 Subject: [PATCH 17/33] chore: bump @npmcli/template-oss from 4.12.1 to 4.13.0 (#15) * chore: bump @npmcli/template-oss from 4.12.1 to 4.13.0 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.12.1 to 4.13.0. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.12.1...v4.13.0) --- updated-dependencies: - dependency-name: "@npmcli/template-oss" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] * chore: postinstall for dependabot template-oss PR * chore: postinstall for dependabot template-oss PR --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: npm CLI robot Co-authored-by: nlf --- .github/workflows/release.yml | 2 +- package.json | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 780bcc9..3dc197f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -171,7 +171,7 @@ jobs: RELEASE_COMMENT_ID: ${{ needs.release.outputs.comment-id }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - npm exec --offline -- template-oss-release-manager --lockfile=false + npm exec --offline -- template-oss-release-manager --lockfile=false --publish=false npm run rp-pull-request --ignore-scripts --if-present - name: Commit id: commit diff --git a/package.json b/package.json index ce29514..67f8f23 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "license": "MIT", "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.12.1", + "@npmcli/template-oss": "4.13.0", "tap": "^16.3.0" }, "tap": { @@ -43,6 +43,6 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.12.1" + "version": "4.13.0" } } From eb265fe0a8ab61638be4fc4498c7127d10635b7b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 24 Apr 2023 12:35:26 -0700 Subject: [PATCH 18/33] chore: bump @npmcli/template-oss from 4.13.0 to 4.14.1 (#16) * chore: bump @npmcli/template-oss from 4.13.0 to 4.14.1 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.13.0 to 4.14.1. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.13.0...v4.14.1) --- updated-dependencies: - dependency-name: "@npmcli/template-oss" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] * chore: postinstall for dependabot template-oss PR --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: npm CLI robot --- package.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index 67f8f23..9621eca 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "license": "MIT", "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.13.0", + "@npmcli/template-oss": "4.14.1", "tap": "^16.3.0" }, "tap": { @@ -43,6 +43,6 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.13.0" + "version": "4.14.1" } } From 00ab93ae5b179f4ba247cad68b6a3f49d1a9f000 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 3 May 2023 21:02:07 +0000 Subject: [PATCH 19/33] chore: bump @npmcli/template-oss from 4.14.1 to 4.15.1 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.14.1 to 4.15.1. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.14.1...v4.15.1) --- updated-dependencies: - dependency-name: @npmcli/template-oss dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 9621eca..b5fb937 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "license": "MIT", "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.14.1", + "@npmcli/template-oss": "4.15.1", "tap": "^16.3.0" }, "tap": { From e9319f7666902f2cedbf1b98243c0724479e483b Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Wed, 31 May 2023 12:24:20 -0700 Subject: [PATCH 20/33] chore: postinstall for dependabot template-oss PR --- .github/settings.yml | 26 ++++++++++++++++ .github/workflows/ci-release.yml | 8 ++--- .github/workflows/pull-request.yml | 4 ++- .github/workflows/release.yml | 8 ++--- .gitignore | 1 + CONTRIBUTING.md | 50 ++++++++++++++++++++++++++++++ package.json | 2 +- 7 files changed, 89 insertions(+), 10 deletions(-) create mode 100644 .github/settings.yml create mode 100644 CONTRIBUTING.md diff --git a/.github/settings.yml b/.github/settings.yml new file mode 100644 index 0000000..107aa0a --- /dev/null +++ b/.github/settings.yml @@ -0,0 +1,26 @@ +# This file is automatically added by @npmcli/template-oss. Do not edit. + +repository: + allow_merge_commit: false + allow_rebase_merge: true + allow_squash_merge: true + squash_merge_commit_title: PR_TITLE + squash_merge_commit_message: PR_BODY + delete_branch_on_merge: true + enable_automated_security_fixes: true + enable_vulnerability_alerts: true + +branches: + - name: main + protection: + required_status_checks: null + enforce_admins: true + required_pull_request_reviews: + required_approving_review_count: 1 + require_code_owner_reviews: true + require_last_push_approval: true + dismiss_stale_reviews: true + restrictions: + apps: [] + users: [] + teams: [ "cli-team" ] diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml index 6e80aa6..88e7905 100644 --- a/.github/workflows/ci-release.yml +++ b/.github/workflows/ci-release.yml @@ -61,7 +61,7 @@ jobs: return { summary } - name: Create Check - uses: LouisBrunner/checks-action@v1.3.1 + uses: LouisBrunner/checks-action@v1.6.0 id: check if: inputs.check-sha with: @@ -93,7 +93,7 @@ jobs: - name: Post Lint run: npm run postlint --ignore-scripts - name: Conclude Check - uses: LouisBrunner/checks-action@v1.3.1 + uses: LouisBrunner/checks-action@v1.6.0 if: steps.check.outputs.check_id && always() with: token: ${{ secrets.GITHUB_TOKEN }} @@ -162,7 +162,7 @@ jobs: return { summary } - name: Create Check - uses: LouisBrunner/checks-action@v1.3.1 + uses: LouisBrunner/checks-action@v1.6.0 id: check if: inputs.check-sha with: @@ -208,7 +208,7 @@ jobs: - name: Test run: npm test --ignore-scripts - name: Conclude Check - uses: LouisBrunner/checks-action@v1.3.1 + uses: LouisBrunner/checks-action@v1.6.0 if: steps.check.outputs.check_id && always() with: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index 99877da..721ea3c 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -44,5 +44,7 @@ jobs: npx --offline commitlint -V --from 'origin/${{ github.base_ref }}' --to ${{ github.event.pull_request.head.sha }} - name: Run Commitlint on PR Title if: steps.commit.outcome == 'failure' + env: + PR_TITLE: ${{ github.event.pull_request.title }} run: | - echo '${{ github.event.pull_request.title }}' | npx --offline commitlint -V + echo '$PR_TITLE' | npx --offline commitlint -V diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3dc197f..a5994ea 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -124,7 +124,7 @@ jobs: return { summary } - name: Create Check - uses: LouisBrunner/checks-action@v1.3.1 + uses: LouisBrunner/checks-action@v1.6.0 id: check if: steps.release.outputs.pr-sha with: @@ -215,7 +215,7 @@ jobs: return { summary } - name: Create Check - uses: LouisBrunner/checks-action@v1.3.1 + uses: LouisBrunner/checks-action@v1.6.0 id: check if: steps.commit.outputs.sha with: @@ -225,7 +225,7 @@ jobs: sha: ${{ steps.commit.outputs.sha }} output: ${{ steps.check-output.outputs.result }} - name: Conclude Check - uses: LouisBrunner/checks-action@v1.3.1 + uses: LouisBrunner/checks-action@v1.6.0 if: needs.release.outputs.check-id && always() with: token: ${{ secrets.GITHUB_TOKEN }} @@ -263,7 +263,7 @@ jobs: fi echo "result=$result" >> $GITHUB_OUTPUT - name: Conclude Check - uses: LouisBrunner/checks-action@v1.3.1 + uses: LouisBrunner/checks-action@v1.6.0 if: needs.update.outputs.check-id && always() with: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.gitignore b/.gitignore index 0ec3c84..b3eeced 100644 --- a/.gitignore +++ b/.gitignore @@ -15,6 +15,7 @@ !/bin/ !/CHANGELOG* !/CODE_OF_CONDUCT.md +!/CONTRIBUTING.md !/docs/ !/lib/ !/LICENSE* diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..69e8878 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,50 @@ + + +# Contributing + +## Code of Conduct + +All interactions in the **npm** organization on GitHub are considered to be covered by our standard [Code of Conduct](https://docs.npmjs.com/policies/conduct). + +## Reporting Bugs + +Before submitting a new bug report please search for an existing or similar report. + +Use one of our existing issue templates if you believe you've come across a unique problem. + +Duplicate issues, or issues that don't use one of our templates may get closed without a response. + +## Pull Request Conventions + +### Commits + +We use [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/). + +When opening a pull request please be sure that either the pull request title, or each commit in the pull request, has one of the following prefixes: + + - `feat`: For when introducing a new feature. The result will be a new semver minor version of the package when it is next published. + - `fix`: For bug fixes. The result will be a new semver patch version of the package when it is next published. + - `docs`: For documentation updates. The result will be a new semver patch version of the package when it is next published. + - `chore`: For changes that do not affect the published module. Often these are changes to tests. The result will be *no* change to the version of the package when it is next published (as the commit does not affect the published version). + +### Test Coverage + +Pull requests made against this repo will run `npm test` automatically. Please make sure tests pass locally before submitting a PR. + +Every new feature or bug fix should come with a corresponding test or tests that validate the solutions. Testing also reports on code coverage and will fail if code coverage drops. + +### Linting + +Linting is also done automatically once tests pass. `npm run lintfix` will fix most linting errors automatically. + +Please make sure linting passes before submitting a PR. + +## What _not_ to contribute? + +### Dependencies + +It should be noted that our team does not accept third-party dependency updates/PRs. If you submit a PR trying to update our dependencies we will close it with or without a reference to these contribution guidelines. + +### Tools/Automation + +Our core team is responsible for the maintenance of the tooling/automation in this project and we ask contributors to not make changes to these when contributing (e.g. `.github/*`, `.eslintrc.json`, `.licensee.json`). Most of those files also have a header at the top to remind folks they are automatically generated. Pull requests that alter these will not be accepted. diff --git a/package.json b/package.json index b5fb937..a17fd42 100644 --- a/package.json +++ b/package.json @@ -43,6 +43,6 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.14.1" + "version": "4.15.1" } } From dfc6c65133c4c47d055a17c32332138d7c4c7b0e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 5 Jul 2023 20:45:28 +0000 Subject: [PATCH 21/33] chore: bump @npmcli/template-oss from 4.15.1 to 4.17.0 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.15.1 to 4.17.0. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.15.1...v4.17.0) --- updated-dependencies: - dependency-name: @npmcli/template-oss dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index a17fd42..daa3ef8 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "license": "MIT", "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.15.1", + "@npmcli/template-oss": "4.17.0", "tap": "^16.3.0" }, "tap": { From eddbe64265deaab32b5d6fdc700c45aaa767692b Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Wed, 12 Jul 2023 11:35:01 -0700 Subject: [PATCH 22/33] chore: postinstall for dependabot template-oss PR --- .github/settings.yml | 26 ++++++++++++++++++++++++++ .github/workflows/ci.yml | 1 + .github/workflows/codeql-analysis.yml | 2 ++ .github/workflows/release.yml | 2 +- package.json | 2 +- 5 files changed, 31 insertions(+), 2 deletions(-) diff --git a/.github/settings.yml b/.github/settings.yml index 107aa0a..adbef7e 100644 --- a/.github/settings.yml +++ b/.github/settings.yml @@ -24,3 +24,29 @@ branches: apps: [] users: [] teams: [ "cli-team" ] + - name: latest + protection: + required_status_checks: null + enforce_admins: true + required_pull_request_reviews: + required_approving_review_count: 1 + require_code_owner_reviews: true + require_last_push_approval: true + dismiss_stale_reviews: true + restrictions: + apps: [] + users: [] + teams: [ "cli-team" ] + - name: release/v* + protection: + required_status_checks: null + enforce_admins: true + required_pull_request_reviews: + required_approving_review_count: 1 + require_code_owner_reviews: true + require_last_push_approval: true + dismiss_stale_reviews: true + restrictions: + apps: [] + users: [] + teams: [ "cli-team" ] diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9cc149d..5762610 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,6 +9,7 @@ on: branches: - main - latest + - release/v* schedule: # "At 09:00 UTC (02:00 PT) on Monday" https://crontab.guru/#0_9_*_*_1 - cron: "0 9 * * 1" diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 66b9498..2124487 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -7,10 +7,12 @@ on: branches: - main - latest + - release/v* pull_request: branches: - main - latest + - release/v* schedule: # "At 10:00 UTC (03:00 PT) on Monday" https://crontab.guru/#0_10_*_*_1 - cron: "0 10 * * 1" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a5994ea..7836b29 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -78,7 +78,7 @@ jobs: let commentId = comments.find(c => c.user.login === 'github-actions[bot]' && c.body.startsWith(body))?.id body += `Release workflow run: ${workflow.html_url}\n\n#### Force CI to Update This Release\n\n` - body += `This PR will be updated and CI will run for every non-\`chore:\` commit that is pushed to \`main\`. ` + body += `This PR will be updated and CI will run for every non-\`chore:\` commit that is pushed to \`${REF_NAME}\`. ` body += `To force CI to update this PR, run this command:\n\n` body += `\`\`\`\ngh workflow run release.yml -r ${REF_NAME} -R ${owner}/${repo} -f release-pr=${issue_number}\n\`\`\`` diff --git a/package.json b/package.json index daa3ef8..d292085 100644 --- a/package.json +++ b/package.json @@ -43,6 +43,6 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.15.1" + "version": "4.17.0" } } From d77789bfdd14116024c322410701e86f0e499646 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Jul 2023 20:26:48 +0000 Subject: [PATCH 23/33] chore: bump @npmcli/template-oss from 4.17.0 to 4.18.0 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.17.0 to 4.18.0. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.17.0...v4.18.0) --- updated-dependencies: - dependency-name: @npmcli/template-oss dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index d292085..a57e2e6 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "license": "MIT", "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.17.0", + "@npmcli/template-oss": "4.18.0", "tap": "^16.3.0" }, "tap": { From 02128764b78f39843292582f77ea67999f4b1e5f Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Wed, 19 Jul 2023 08:10:17 -0700 Subject: [PATCH 24/33] chore: postinstall for dependabot template-oss PR --- .github/dependabot.yml | 1 + .github/settings.yml | 27 +-------------------------- .github/workflows/ci-release.yml | 2 +- .github/workflows/ci.yml | 2 -- .github/workflows/codeql-analysis.yml | 4 ---- .github/workflows/pull-request.yml | 2 +- .github/workflows/release.yml | 2 -- package.json | 2 +- 8 files changed, 5 insertions(+), 37 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 8da2a45..22c0a80 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -7,6 +7,7 @@ updates: directory: / schedule: interval: daily + target-branch: "latest" allow: - dependency-type: direct versioning-strategy: increase-if-necessary diff --git a/.github/settings.yml b/.github/settings.yml index adbef7e..1328d3b 100644 --- a/.github/settings.yml +++ b/.github/settings.yml @@ -11,36 +11,11 @@ repository: enable_vulnerability_alerts: true branches: - - name: main - protection: - required_status_checks: null - enforce_admins: true - required_pull_request_reviews: - required_approving_review_count: 1 - require_code_owner_reviews: true - require_last_push_approval: true - dismiss_stale_reviews: true - restrictions: - apps: [] - users: [] - teams: [ "cli-team" ] - name: latest protection: required_status_checks: null enforce_admins: true - required_pull_request_reviews: - required_approving_review_count: 1 - require_code_owner_reviews: true - require_last_push_approval: true - dismiss_stale_reviews: true - restrictions: - apps: [] - users: [] - teams: [ "cli-team" ] - - name: release/v* - protection: - required_status_checks: null - enforce_admins: true + block_creations: true required_pull_request_reviews: required_approving_review_count: 1 require_code_owner_reviews: true diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml index 88e7905..6053821 100644 --- a/.github/workflows/ci-release.yml +++ b/.github/workflows/ci-release.yml @@ -8,7 +8,7 @@ on: ref: required: true type: string - default: main + default: latest workflow_call: inputs: ref: diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5762610..8c18f3f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -7,9 +7,7 @@ on: pull_request: push: branches: - - main - latest - - release/v* schedule: # "At 09:00 UTC (02:00 PT) on Monday" https://crontab.guru/#0_9_*_*_1 - cron: "0 9 * * 1" diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 2124487..a233cd9 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -5,14 +5,10 @@ name: CodeQL on: push: branches: - - main - latest - - release/v* pull_request: branches: - - main - latest - - release/v* schedule: # "At 10:00 UTC (03:00 PT) on Monday" https://crontab.guru/#0_10_*_*_1 - cron: "0 10 * * 1" diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index 721ea3c..b2c2479 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -47,4 +47,4 @@ jobs: env: PR_TITLE: ${{ github.event.pull_request.title }} run: | - echo '$PR_TITLE' | npx --offline commitlint -V + echo "$PR_TITLE" | npx --offline commitlint -V diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7836b29..74bbcd1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -10,9 +10,7 @@ on: type: string push: branches: - - main - latest - - release/v* permissions: contents: write diff --git a/package.json b/package.json index a57e2e6..7119978 100644 --- a/package.json +++ b/package.json @@ -43,6 +43,6 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.17.0" + "version": "4.18.0" } } From 4f63505715cbd9e4219442e26cd3c0dd8be3f778 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Sep 2023 20:07:54 +0000 Subject: [PATCH 25/33] chore: bump @npmcli/template-oss from 4.18.0 to 4.18.1 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.18.0 to 4.18.1. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.18.0...v4.18.1) --- updated-dependencies: - dependency-name: @npmcli/template-oss dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 7119978..6fb7068 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "license": "MIT", "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.18.0", + "@npmcli/template-oss": "4.18.1", "tap": "^16.3.0" }, "tap": { From 25d9898034a1641a5bd3aa34446838a7932ee954 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Tue, 12 Sep 2023 17:42:25 -0700 Subject: [PATCH 26/33] chore: postinstall for dependabot template-oss PR --- .github/workflows/audit.yml | 46 ++++++++- .github/workflows/ci-release.yml | 90 +++++++++++++++-- .github/workflows/ci.yml | 90 +++++++++++++++-- .github/workflows/post-dependabot.yml | 46 ++++++++- .github/workflows/pull-request.yml | 46 ++++++++- .github/workflows/release.yml | 138 +++++++++++++++++++++++++- package.json | 2 +- 7 files changed, 435 insertions(+), 23 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 62892f9..2555c28 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -25,10 +25,54 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: 18.x - - name: Install npm@latest + check-latest: contains('18.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml index 6053821..fbfa4d5 100644 --- a/.github/workflows/ci-release.yml +++ b/.github/workflows/ci-release.yml @@ -80,10 +80,54 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: 18.x - - name: Install npm@latest + check-latest: contains('18.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies @@ -181,11 +225,17 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: ${{ matrix.node-version }} + check-latest: contains(matrix.node-version, '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - name: Update Windows npm - # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows - if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.')) + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) run: | curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz tar xf npm-7.5.4.tgz @@ -193,12 +243,36 @@ jobs: node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz cd .. rmdir /s /q package - - name: Install npm@7 - if: startsWith(matrix.node-version, '10.') - run: npm i --prefer-online --no-fund --no-audit -g npm@7 - - name: Install npm@latest - if: ${{ !startsWith(matrix.node-version, '10.') }} + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8c18f3f..e61dee5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -29,10 +29,54 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: 18.x - - name: Install npm@latest + check-latest: contains('18.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies @@ -78,11 +122,17 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: ${{ matrix.node-version }} + check-latest: contains(matrix.node-version, '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - name: Update Windows npm - # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows - if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.')) + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) run: | curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz tar xf npm-7.5.4.tgz @@ -90,12 +140,36 @@ jobs: node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz cd .. rmdir /s /q package - - name: Install npm@7 - if: startsWith(matrix.node-version, '10.') - run: npm i --prefer-online --no-fund --no-audit -g npm@7 - - name: Install npm@latest - if: ${{ !startsWith(matrix.node-version, '10.') }} + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index ce38340..c889883 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -26,10 +26,54 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: 18.x - - name: Install npm@latest + check-latest: contains('18.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index b2c2479..aac7cb6 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -29,10 +29,54 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: 18.x - - name: Install npm@latest + check-latest: contains('18.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 74bbcd1..a9543d0 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -42,10 +42,54 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: 18.x - - name: Install npm@latest + check-latest: contains('18.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies @@ -155,10 +199,54 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: 18.x - - name: Install npm@latest + check-latest: contains('18.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies @@ -321,10 +409,54 @@ jobs: steps: - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: 18.x - - name: Install npm@latest + check-latest: contains('18.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: View in Registry diff --git a/package.json b/package.json index 6fb7068..96aa52f 100644 --- a/package.json +++ b/package.json @@ -43,6 +43,6 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.18.0" + "version": "4.18.1" } } From c94f7242423c91568cf561747aac26e76991a783 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 15 Sep 2023 20:48:48 +0000 Subject: [PATCH 27/33] chore: bump @npmcli/template-oss from 4.18.1 to 4.19.0 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.18.1 to 4.19.0. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.18.1...v4.19.0) --- updated-dependencies: - dependency-name: @npmcli/template-oss dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 96aa52f..7c498c3 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "license": "MIT", "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.18.1", + "@npmcli/template-oss": "4.19.0", "tap": "^16.3.0" }, "tap": { From bc6d77dd108be7a9550cb8a79ae3067d3019efe9 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Fri, 15 Sep 2023 17:48:17 -0700 Subject: [PATCH 28/33] chore: postinstall for dependabot template-oss PR --- .github/workflows/audit.yml | 4 ++-- .github/workflows/ci-release.yml | 5 +++-- .github/workflows/ci.yml | 5 +++-- .github/workflows/post-dependabot.yml | 4 ++-- .github/workflows/pull-request.yml | 4 ++-- .github/workflows/release.yml | 12 ++++++------ package.json | 2 +- 7 files changed, 19 insertions(+), 17 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 2555c28..36f007e 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -27,8 +27,8 @@ jobs: uses: actions/setup-node@v3 id: node with: - node-version: 18.x - check-latest: contains('18.x', '.x') + node-version: 20.x + check-latest: contains('20.x', '.x') # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - name: Update Windows npm diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml index fbfa4d5..86ed7c2 100644 --- a/.github/workflows/ci-release.yml +++ b/.github/workflows/ci-release.yml @@ -82,8 +82,8 @@ jobs: uses: actions/setup-node@v3 id: node with: - node-version: 18.x - check-latest: contains('18.x', '.x') + node-version: 20.x + check-latest: contains('20.x', '.x') # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - name: Update Windows npm @@ -167,6 +167,7 @@ jobs: - 16.x - 18.0.0 - 18.x + - 20.x runs-on: ${{ matrix.platform.os }} defaults: run: diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e61dee5..b491a1d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -31,8 +31,8 @@ jobs: uses: actions/setup-node@v3 id: node with: - node-version: 18.x - check-latest: contains('18.x', '.x') + node-version: 20.x + check-latest: contains('20.x', '.x') # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - name: Update Windows npm @@ -109,6 +109,7 @@ jobs: - 16.x - 18.0.0 - 18.x + - 20.x runs-on: ${{ matrix.platform.os }} defaults: run: diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index c889883..c144660 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -28,8 +28,8 @@ jobs: uses: actions/setup-node@v3 id: node with: - node-version: 18.x - check-latest: contains('18.x', '.x') + node-version: 20.x + check-latest: contains('20.x', '.x') # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - name: Update Windows npm diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index aac7cb6..63a6169 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -31,8 +31,8 @@ jobs: uses: actions/setup-node@v3 id: node with: - node-version: 18.x - check-latest: contains('18.x', '.x') + node-version: 20.x + check-latest: contains('20.x', '.x') # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - name: Update Windows npm diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a9543d0..87c7be2 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -44,8 +44,8 @@ jobs: uses: actions/setup-node@v3 id: node with: - node-version: 18.x - check-latest: contains('18.x', '.x') + node-version: 20.x + check-latest: contains('20.x', '.x') # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - name: Update Windows npm @@ -201,8 +201,8 @@ jobs: uses: actions/setup-node@v3 id: node with: - node-version: 18.x - check-latest: contains('18.x', '.x') + node-version: 20.x + check-latest: contains('20.x', '.x') # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - name: Update Windows npm @@ -411,8 +411,8 @@ jobs: uses: actions/setup-node@v3 id: node with: - node-version: 18.x - check-latest: contains('18.x', '.x') + node-version: 20.x + check-latest: contains('20.x', '.x') # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - name: Update Windows npm diff --git a/package.json b/package.json index 7c498c3..71bacec 100644 --- a/package.json +++ b/package.json @@ -43,6 +43,6 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.18.1" + "version": "4.19.0" } } From 1e54107648d0b9a86f6c64aac538252726e501c4 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Sat, 16 Sep 2023 19:17:16 -0700 Subject: [PATCH 29/33] fix: refactor for new error style in node 20 --- lib/index.js | 172 ++++++++++++++++--------------- test/index.js | 276 +++++++++++++++++++++++++++++++++----------------- 2 files changed, 274 insertions(+), 174 deletions(-) diff --git a/lib/index.js b/lib/index.js index 2b9f3c2..c21dd64 100644 --- a/lib/index.js +++ b/lib/index.js @@ -1,55 +1,78 @@ 'use strict' -const hexify = char => { +const INDENT = Symbol.for('indent') +const NEWLINE = Symbol.for('newline') + +const DEFAULT_NEWLINE = '\n' +const DEFAULT_INDENT = ' ' +const BOM = /^\uFEFF/ + +// only respect indentation if we got a line break, otherwise squash it +// things other than objects and arrays aren't indented, so ignore those +// Important: in both of these regexps, the $1 capture group is the newline +// or undefined, and the $2 capture group is the indent, or undefined. +const FORMAT = /^\s*[{[]((?:\r?\n)+)([\s\t]*)/ +const EMPTY = /^(?:\{\}|\[\])((?:\r?\n)+)?$/ + +// Node 20 puts single quotes around the token and a comma after it +const UNEXPECTED_TOKEN = /^Unexpected token '?(.)'?(,)? /i + +const hexify = (char) => { const h = char.charCodeAt(0).toString(16).toUpperCase() - return '0x' + (h.length % 2 ? '0' : '') + h + return `0x${h.length % 2 ? '0' : ''}${h}` } -const parseError = (e, txt, context) => { +// Remove byte order marker. This catches EF BB BF (the UTF-8 BOM) +// because the buffer-to-string conversion in `fs.readFileSync()` +// translates it to FEFF, the UTF-16 BOM. +const stripBOM = (txt) => String(txt).replace(BOM, '') + +const makeParsedError = (msg, parsing, position = 0) => ({ + message: `${msg} while parsing ${parsing}`, + position, +}) + +const parseError = (e, txt, context = 20) => { + let msg = e.message + if (!txt) { - return { - message: e.message + ' while parsing empty string', - position: 0, - } + return makeParsedError(msg, 'empty string') } - const badToken = e.message.match(/^Unexpected token (.) .*position\s+(\d+)/i) - const errIdx = badToken ? +badToken[2] - : e.message.match(/^Unexpected end of JSON.*/i) ? txt.length - 1 - : null - const msg = badToken ? e.message.replace(/^Unexpected token ./, `Unexpected token ${ - JSON.stringify(badToken[1]) - } (${hexify(badToken[1])})`) - : e.message + const badTokenMatch = msg.match(UNEXPECTED_TOKEN) + const badIndexMatch = msg.match(/ position\s+(\d+)/i) - if (errIdx !== null && errIdx !== undefined) { - const start = errIdx <= context ? 0 - : errIdx - context + if (badTokenMatch) { + msg = msg.replace( + UNEXPECTED_TOKEN, + `Unexpected token ${JSON.stringify(badTokenMatch[1])} (${hexify(badTokenMatch[1])})$2 ` + ) + } - const end = errIdx + context >= txt.length ? txt.length - : errIdx + context + let errIdx + if (badIndexMatch) { + errIdx = +badIndexMatch[1] + } else if (msg.match(/^Unexpected end of JSON.*/i)) { + errIdx = txt.length - 1 + } - const slice = (start === 0 ? '' : '...') + - txt.slice(start, end) + - (end === txt.length ? '' : '...') + if (errIdx == null) { + return makeParsedError(msg, `'${txt.slice(0, context * 2)}'`) + } - const near = txt === slice ? '' : 'near ' + const start = errIdx <= context ? 0 : errIdx - context + const end = errIdx + context >= txt.length ? txt.length : errIdx + context + const slice = `${start ? '...' : ''}${txt.slice(start, end)}${end === txt.length ? '' : '...'}` - return { - message: msg + ` while parsing ${near}${JSON.stringify(slice)}`, - position: errIdx, - } - } else { - return { - message: msg + ` while parsing '${txt.slice(0, context * 2)}'`, - position: 0, - } - } + return makeParsedError( + msg, + `${txt === slice ? '' : 'near '}${JSON.stringify(slice)}`, + errIdx + ) } class JSONParseError extends SyntaxError { constructor (er, txt, context, caller) { - context = context || 20 const metadata = parseError(er, txt, context) super(metadata.message) Object.assign(this, metadata) @@ -63,67 +86,50 @@ class JSONParseError extends SyntaxError { } set name (n) {} + get [Symbol.toStringTag] () { return this.constructor.name } } -const kIndent = Symbol.for('indent') -const kNewline = Symbol.for('newline') -// only respect indentation if we got a line break, otherwise squash it -// things other than objects and arrays aren't indented, so ignore those -// Important: in both of these regexps, the $1 capture group is the newline -// or undefined, and the $2 capture group is the indent, or undefined. -const formatRE = /^\s*[{[]((?:\r?\n)+)([\s\t]*)/ -const emptyRE = /^(?:\{\}|\[\])((?:\r?\n)+)?$/ - -const parseJson = (txt, reviver, context) => { - const parseText = stripBOM(txt) - context = context || 20 - try { +const parseJson = (txt, reviver) => { + const result = JSON.parse(txt, reviver) + if (result && typeof result === 'object') { // get the indentation so that we can save it back nicely // if the file starts with {" then we have an indent of '', ie, none - // otherwise, pick the indentation of the next line after the first \n - // If the pattern doesn't match, then it means no indentation. - // JSON.stringify ignores symbols, so this is reasonably safe. - // if the string is '{}' or '[]', then use the default 2-space indent. - const [, newline = '\n', indent = ' '] = parseText.match(emptyRE) || - parseText.match(formatRE) || - [null, '', ''] - - const result = JSON.parse(parseText, reviver) - if (result && typeof result === 'object') { - result[kNewline] = newline - result[kIndent] = indent - } - return result + // otherwise, pick the indentation of the next line after the first \n If the + // pattern doesn't match, then it means no indentation. JSON.stringify ignores + // symbols, so this is reasonably safe. if the string is '{}' or '[]', then + // use the default 2-space indent. + const match = txt.match(EMPTY) || txt.match(FORMAT) || [null, '', ''] + result[NEWLINE] = match[1] ?? DEFAULT_NEWLINE + result[INDENT] = match[2] ?? DEFAULT_INDENT + } + return result +} + +const parseJsonError = (raw, reviver, context) => { + const txt = stripBOM(raw) + try { + return parseJson(txt, reviver) } catch (e) { - if (typeof txt !== 'string' && !Buffer.isBuffer(txt)) { - const isEmptyArray = Array.isArray(txt) && txt.length === 0 - throw Object.assign(new TypeError( - `Cannot parse ${isEmptyArray ? 'an empty array' : String(txt)}` - ), { - code: 'EJSONPARSE', - systemError: e, - }) + if (typeof raw !== 'string' && !Buffer.isBuffer(raw)) { + const msg = Array.isArray(raw) && raw.length === 0 ? 'an empty array' : String(raw) + throw Object.assign( + new TypeError(`Cannot parse ${msg}`), + { code: 'EJSONPARSE', systemError: e } + ) } - - throw new JSONParseError(e, parseText, context, parseJson) + throw new JSONParseError(e, txt, context, parseJsonError) } } -// Remove byte order marker. This catches EF BB BF (the UTF-8 BOM) -// because the buffer-to-string conversion in `fs.readFileSync()` -// translates it to FEFF, the UTF-16 BOM. -const stripBOM = txt => String(txt).replace(/^\uFEFF/, '') - -module.exports = parseJson -parseJson.JSONParseError = JSONParseError - -parseJson.noExceptions = (txt, reviver) => { +module.exports = parseJsonError +parseJsonError.JSONParseError = JSONParseError +parseJsonError.noExceptions = (raw, reviver) => { try { - return JSON.parse(stripBOM(txt), reviver) - } catch (e) { + return parseJson(stripBOM(raw), reviver) + } catch { // no exceptions } } diff --git a/test/index.js b/test/index.js index 4b1b562..081096c 100644 --- a/test/index.js +++ b/test/index.js @@ -1,10 +1,39 @@ 'use strict' const t = require('tap') - const parseJson = require('..') -t.test('parses JSON', t => { +const currentNodeMajor = +process.version.split('.')[0].slice(1) + +// Given an object where keys are major versions of node, this will return the +// value where the current major version is >= the latest key. eg: in node 24, +// for the input {20:1, 22:2}, this will return 2 if not match is found it will +// return the value of the `default` key. +const getLatestMatchingNode = ({ default: defaultNode, ...majors }) => { + for (const major of Object.keys(majors).sort((a, b) => b - a)) { + if (currentNodeMajor >= major) { + return majors[major] + } + } + return defaultNode +} + +// This will join all args into a regexp that can be used to assert a match. +// Each argument can be a string, regexp or an object passed to getLatestMatchingNode +const expectMessage = (...args) => new RegExp(args.map((rawValue) => { + const value = rawValue.constructor === Object ? getLatestMatchingNode(rawValue) : rawValue + return value instanceof RegExp ? value.source : value +}).join('')) + +const jsonThrows = (t, data, ...args) => { + let context + if (typeof args[0] === 'number') { + context = args.shift() + } + return t.throws(() => parseJson(data, null, context), ...args) +} + +t.test('parses JSON', (t) => { const cases = Object.entries({ object: { foo: 1, @@ -24,7 +53,7 @@ t.test('parses JSON', t => { } }) -t.test('preserves indentation and newline styles', t => { +t.test('preserves indentation and newline styles', (t) => { const kIndent = Symbol.for('indent') const kNewline = Symbol.for('newline') const object = { name: 'object', version: '1.2.3' } @@ -34,7 +63,7 @@ t.test('preserves indentation and newline styles', t => { for (const [type, obj] of Object.entries({ object, array })) { const n = JSON.stringify({ type, newline, indent }) const txt = JSON.stringify(obj, null, indent).replace(/\n/g, newline) - t.test(n, t => { + t.test(n, (t) => { const res = parseJson(txt) // no newline if no indentation t.equal(res[kNewline], indent && newline, 'preserved newline') @@ -47,7 +76,7 @@ t.test('preserves indentation and newline styles', t => { t.end() }) -t.test('indentation is the default when object/array is empty', t => { +t.test('indentation is the default when object/array is empty', (t) => { const kIndent = Symbol.for('indent') const kNewline = Symbol.for('newline') const obj = '{}' @@ -55,7 +84,7 @@ t.test('indentation is the default when object/array is empty', t => { for (const newline of ['', '\n', '\r\n', '\n\n', '\r\n\r\n']) { const expect = newline || '\n' for (const str of [obj, arr]) { - t.test(JSON.stringify({ str, newline, expect }), t => { + t.test(JSON.stringify({ str, newline, expect }), (t) => { const res = parseJson(str + newline) t.equal(res[kNewline], expect, 'got expected newline') t.equal(res[kIndent], ' ', 'got expected default indentation') @@ -66,7 +95,7 @@ t.test('indentation is the default when object/array is empty', t => { t.end() }) -t.test('parses JSON if it is a Buffer, removing BOM bytes', t => { +t.test('parses JSON if it is a Buffer, removing BOM bytes', (t) => { const str = JSON.stringify({ foo: 1, bar: { @@ -74,131 +103,188 @@ t.test('parses JSON if it is a Buffer, removing BOM bytes', t => { }, }) const data = Buffer.from(str) - const bom = Buffer.concat([Buffer.from([0xEF, 0xBB, 0xBF]), data]) + const bom = Buffer.concat([Buffer.from([0xef, 0xbb, 0xbf]), data]) t.same(parseJson(data), JSON.parse(str)) t.same(parseJson(bom), JSON.parse(str), 'strips the byte order marker') t.end() }) -t.test('better errors when faced with \\b and other malarky', t => { +t.test('better errors when faced with \\b and other malarky', (t) => { const str = JSON.stringify({ foo: 1, bar: { baz: [1, 2, 3, 'four'], }, }) - const data = Buffer.from(str) - const bombom = Buffer.concat([Buffer.from([0xEF, 0xBB, 0xBF, 0xEF, 0xBB, 0xBF]), data]) - t.throws(() => parseJson(bombom), { - message: /\(0xFEFF\) in JSON at position 0/, - }, 'only strips a single BOM, not multiple') - const bs = str + '\b\b\b\b\b\b\b\b\b\b\b\b' - t.throws(() => parseJson(bs), { - message: /^Unexpected token "\\b" \(0x08\) in JSON at position.*\\b"$/, + const bombom = Buffer.concat([ + Buffer.from([0xef, 0xbb, 0xbf, 0xef, 0xbb, 0xbf]), + Buffer.from(str), + ]) + + jsonThrows( + t, + bombom, + { + message: /Unexpected token "." \(0xFEFF\)/, + }, + 'only strips a single BOM, not multiple' + ) + + jsonThrows(t, str + '\b\b\b\b\b\b\b\b\b\b\b\b', { + message: expectMessage( + 'Unexpected ', + { + 20: 'non-whitespace character after JSON', + default: /token "\\b" \(0x08\) in JSON/, + }, + / at position.*\\b"/ + ), }) + t.end() }) -t.test('throws SyntaxError for unexpected token', t => { +t.test('throws SyntaxError for unexpected token', (t) => { const data = 'foo' - t.throws( - () => parseJson(data), - { - message: 'Unexpected token "o" (0x6F) in JSON at position 1 while parsing "foo"', - code: 'EJSONPARSE', - position: 1, - name: 'JSONParseError', - systemError: SyntaxError, - } - ) + jsonThrows(t, data, { + message: expectMessage( + /Unexpected token "o" \(0x6F\)/, + { + 20: ', "foo" is not valid JSON', + default: ' in JSON at position 1', + }, + / while parsing .foo./ + ), + code: 'EJSONPARSE', + position: getLatestMatchingNode({ 20: 0, default: 1 }), + name: 'JSONParseError', + systemError: SyntaxError, + }) t.end() }) -t.test('throws SyntaxError for unexpected end of JSON', t => { +t.test('throws SyntaxError for unexpected end of JSON', (t) => { const data = '{"foo: bar}' - t.throws( - () => parseJson(data), - { - message: 'Unexpected end of JSON input while parsing "{\\"foo: bar}"', - code: 'EJSONPARSE', - position: 10, - name: 'JSONParseError', - systemError: SyntaxError, - } - ) + jsonThrows(t, data, { + message: expectMessage( + { + 20: /Unterminated string in JSON at position \d+/, + default: /Unexpected end of JSON input/, + }, + / while parsing "{\\"foo: bar}"/ + ), + code: 'EJSONPARSE', + position: getLatestMatchingNode({ 20: 11, default: 10 }), + name: 'JSONParseError', + systemError: SyntaxError, + }) t.end() }) -t.test('throws SyntaxError for unexpected number', t => { +t.test('throws SyntaxError for unexpected number', (t) => { const data = '[[1,2],{3,3,3,3,3}]' - t.throws( - () => parseJson(data), - { - message: 'Unexpected number in JSON at position 8', - code: 'EJSONPARSE', - position: 0, - name: 'JSONParseError', - systemError: SyntaxError, - } - ) + jsonThrows(t, data, { + message: expectMessage( + { + 20: "Expected property name or '}'", + default: 'Unexpected number', + }, + ' in JSON at position 8' + ), + code: 'EJSONPARSE', + position: 8, + name: 'JSONParseError', + systemError: SyntaxError, + }) t.end() }) -t.test('SyntaxError with less context (limited start)', t => { +t.test('SyntaxError with less context (limited start)', (t) => { const data = '{"6543210' - t.throws( - () => parseJson(data, null, 3), - { - message: 'Unexpected end of JSON input while parsing near "...3210"', - code: 'EJSONPARSE', - position: 8, - name: 'JSONParseError', - systemError: SyntaxError, - }) + jsonThrows(t, data, 3, { + message: expectMessage( + { + 20: 'Unterminated string in JSON at position 9', + default: 'Unexpected end of JSON input', + }, + ' while parsing near "...', + { + 20: '210', + default: '3210', + } + ), + code: 'EJSONPARSE', + position: getLatestMatchingNode({ 20: 9, default: 8 }), + name: 'JSONParseError', + systemError: SyntaxError, + }) t.end() }) -t.test('SyntaxError with less context (limited end)', t => { +t.test('SyntaxError with less context (limited end)', (t) => { const data = 'abcde' - t.throws( - () => parseJson(data, null, 2), - { - message: 'Unexpected token "a" (0x61) in JSON at position 0 while parsing near "ab..."', - code: 'EJSONPARSE', - position: 0, - name: 'JSONParseError', - systemError: SyntaxError, - } - ) + jsonThrows(t, data, 2, { + message: expectMessage( + /Unexpected token "a" \(0x61\)/, + { + 20: ', "abcde" is not valid JSON', + default: ' in JSON at position 0', + }, + ' while parsing ', + { + 20: "'abcd'", + default: 'near "ab..."', + } + ), + code: 'EJSONPARSE', + position: 0, + name: 'JSONParseError', + systemError: SyntaxError, + }) t.end() }) -t.test('throws TypeError for undefined', t => { - t.throws( - () => parseJson(undefined), - new TypeError('Cannot parse undefined') - ) +t.test('throws for end of input', (t) => { + const data = '{"a":1,""' + jsonThrows(t, data, 2, { + message: expectMessage('Unexpected end of JSON input while parsing'), + code: 'EJSONPARSE', + position: 8, + name: 'JSONParseError', + systemError: SyntaxError, + }) t.end() }) -t.test('throws TypeError for non-strings', t => { - t.throws( - () => parseJson(new Map()), - new TypeError('Cannot parse [object Map]') +t[currentNodeMajor >= 20 ? 'test' : 'skip']('coverage on node 20', (t) => { + t.match( + new parseJson.JSONParseError( + { message: `Unexpected token \b at position 2` }, + 'a'.repeat(4), + 1 + ).message, + /Unexpected token/ ) t.end() }) -t.test('throws TypeError for empty arrays', t => { - t.throws( - () => parseJson([]), - new TypeError('Cannot parse an empty array') - ) +t.test('throws TypeError for undefined', (t) => { + jsonThrows(t, undefined, new TypeError('Cannot parse undefined')) t.end() }) -t.test('handles empty string helpfully', t => { - t.throws(() => parseJson(''), { +t.test('throws TypeError for non-strings', (t) => { + jsonThrows(t, new Map(), new TypeError('Cannot parse [object Map]')) + t.end() +}) + +t.test('throws TypeError for empty arrays', (t) => { + jsonThrows(t, [], new TypeError('Cannot parse an empty array')) + t.end() +}) + +t.test('handles empty string helpfully', (t) => { + jsonThrows(t, '', { message: 'Unexpected end of JSON input while parsing empty string', name: 'JSONParseError', position: 0, @@ -208,12 +294,19 @@ t.test('handles empty string helpfully', t => { t.end() }) -t.test('json parse error class', t => { +t.test('json parse error class', (t) => { t.type(parseJson.JSONParseError, 'function') + // we already checked all the various index checking logic above const poop = new Error('poop') + const fooShouldNotShowUpInStackTrace = () => { - return new parseJson.JSONParseError(poop, 'this is some json', undefined, bar) + return new parseJson.JSONParseError( + poop, + 'this is some json', + undefined, + bar + ) } const bar = () => fooShouldNotShowUpInStackTrace() const err1 = bar() @@ -224,6 +317,7 @@ t.test('json parse error class', t => { err1.name = 'something else' t.equal(err1.name, 'JSONParseError') t.notMatch(err1.stack, /fooShouldNotShowUpInStackTrace/) + // calling it directly, tho, it does const fooShouldShowUpInStackTrace = () => { return new parseJson.JSONParseError(poop, 'this is some json') @@ -237,7 +331,7 @@ t.test('json parse error class', t => { t.end() }) -t.test('parse without exception', t => { +t.test('parse without exception', (t) => { const bad = 'this is not json' t.equal(parseJson.noExceptions(bad), undefined, 'does not throw') const obj = { this: 'is json' } @@ -245,7 +339,7 @@ t.test('parse without exception', t => { t.same(parseJson.noExceptions(good), obj, 'parses json string') const buf = Buffer.from(good) t.same(parseJson.noExceptions(buf), obj, 'parses json buffer') - const bom = Buffer.concat([Buffer.from([0xEF, 0xBB, 0xBF]), buf]) + const bom = Buffer.concat([Buffer.from([0xef, 0xbb, 0xbf]), buf]) t.same(parseJson.noExceptions(bom), obj, 'parses json buffer with bom') t.end() }) From 977736c7eedad7cb896da3f88660f3a2d7a3115f Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Fri, 17 Nov 2023 09:50:46 -0700 Subject: [PATCH 30/33] chore: @npmcli/template-oss@4.20.0 --- .eslintrc.js | 3 + .github/workflows/audit.yml | 59 ++++----- .github/workflows/ci-release.yml | 108 +++++++--------- .github/workflows/ci.yml | 108 +++++++--------- .github/workflows/post-dependabot.yml | 59 ++++----- .github/workflows/pull-request.yml | 59 ++++----- .github/workflows/release.yml | 177 ++++++++++---------------- .gitignore | 3 + package.json | 6 +- 9 files changed, 235 insertions(+), 347 deletions(-) diff --git a/.eslintrc.js b/.eslintrc.js index 5db9f81..f21d26e 100644 --- a/.eslintrc.js +++ b/.eslintrc.js @@ -10,6 +10,9 @@ const localConfigs = readdir(__dirname) module.exports = { root: true, + ignorePatterns: [ + 'tap-testdir*/', + ], extends: [ '@npmcli', ...localConfigs, diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 36f007e..908ae16 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -30,48 +30,33 @@ jobs: node-version: 20.x check-latest: contains('20.x', '.x') - # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - - name: Update Windows npm - if: | - matrix.platform.os == 'windows-latest' && ( - startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') - ) - run: | - curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz - tar xf npm-7.5.4.tgz - cd package - node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz - cd .. - rmdir /s /q package - - # Start on Node 10 because we dont test on anything lower - - name: Install npm@7 on Node 10 + - name: Install Latest npm shell: bash - if: startsWith(steps.node.outputs.node-version, 'v10.') - id: npm-7 + env: + NODE_VERSION: ${{ steps.node.outputs.node-version }} run: | - npm i --prefer-online --no-fund --no-audit -g npm@7 - echo "updated=true" >> "$GITHUB_OUTPUT" + MATCH="" + SPECS=("latest" "next-10" "next-9" "next-8" "next-7" "next-6") - - name: Install npm@8 on Node 12 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v12.') - id: npm-8 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@8 - echo "updated=true" >> "$GITHUB_OUTPUT" + echo "node@$NODE_VERSION" - - name: Install npm@9 on Node 14/16/18.0 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') - id: npm-9 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@9 - echo "updated=true" >> "$GITHUB_OUTPUT" + for SPEC in ${SPECS[@]}; do + ENGINES=$(npm view npm@$SPEC --json | jq -r '.engines.node') + echo "Checking if node@$NODE_VERSION satisfies npm@$SPEC ($ENGINES)" + + if npx semver -r "$ENGINES" "$NODE_VERSION" > /dev/null; then + MATCH=$SPEC + echo "Found compatible version: npm@$MATCH" + break + fi + done + + if [ -z $MATCH ]; then + echo "Could not find a compatible version of npm for node@$NODE_VERSION" + exit 1 + fi - - name: Install npm@latest on Node - if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} - run: npm i --prefer-online --no-fund --no-audit -g npm@latest + npm i --prefer-online --no-fund --no-audit -g npm@$MATCH - name: npm Version run: npm -v diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml index 86ed7c2..0a056a5 100644 --- a/.github/workflows/ci-release.yml +++ b/.github/workflows/ci-release.yml @@ -85,48 +85,33 @@ jobs: node-version: 20.x check-latest: contains('20.x', '.x') - # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - - name: Update Windows npm - if: | - matrix.platform.os == 'windows-latest' && ( - startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') - ) - run: | - curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz - tar xf npm-7.5.4.tgz - cd package - node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz - cd .. - rmdir /s /q package - - # Start on Node 10 because we dont test on anything lower - - name: Install npm@7 on Node 10 + - name: Install Latest npm shell: bash - if: startsWith(steps.node.outputs.node-version, 'v10.') - id: npm-7 + env: + NODE_VERSION: ${{ steps.node.outputs.node-version }} run: | - npm i --prefer-online --no-fund --no-audit -g npm@7 - echo "updated=true" >> "$GITHUB_OUTPUT" + MATCH="" + SPECS=("latest" "next-10" "next-9" "next-8" "next-7" "next-6") - - name: Install npm@8 on Node 12 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v12.') - id: npm-8 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@8 - echo "updated=true" >> "$GITHUB_OUTPUT" + echo "node@$NODE_VERSION" - - name: Install npm@9 on Node 14/16/18.0 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') - id: npm-9 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@9 - echo "updated=true" >> "$GITHUB_OUTPUT" + for SPEC in ${SPECS[@]}; do + ENGINES=$(npm view npm@$SPEC --json | jq -r '.engines.node') + echo "Checking if node@$NODE_VERSION satisfies npm@$SPEC ($ENGINES)" - - name: Install npm@latest on Node - if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} - run: npm i --prefer-online --no-fund --no-audit -g npm@latest + if npx semver -r "$ENGINES" "$NODE_VERSION" > /dev/null; then + MATCH=$SPEC + echo "Found compatible version: npm@$MATCH" + break + fi + done + + if [ -z $MATCH ]; then + echo "Could not find a compatible version of npm for node@$NODE_VERSION" + exit 1 + fi + + npm i --prefer-online --no-fund --no-audit -g npm@$MATCH - name: npm Version run: npm -v @@ -235,7 +220,9 @@ jobs: - name: Update Windows npm if: | matrix.platform.os == 'windows-latest' && ( - startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + startsWith(steps.node.outputs.node-version, 'v10.') || + startsWith(steps.node.outputs.node-version, 'v12.') || + startsWith(steps.node.outputs.node-version, 'v14.') ) run: | curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz @@ -245,34 +232,33 @@ jobs: cd .. rmdir /s /q package - # Start on Node 10 because we dont test on anything lower - - name: Install npm@7 on Node 10 + - name: Install Latest npm shell: bash - if: startsWith(steps.node.outputs.node-version, 'v10.') - id: npm-7 + env: + NODE_VERSION: ${{ steps.node.outputs.node-version }} run: | - npm i --prefer-online --no-fund --no-audit -g npm@7 - echo "updated=true" >> "$GITHUB_OUTPUT" + MATCH="" + SPECS=("latest" "next-10" "next-9" "next-8" "next-7" "next-6") - - name: Install npm@8 on Node 12 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v12.') - id: npm-8 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@8 - echo "updated=true" >> "$GITHUB_OUTPUT" + echo "node@$NODE_VERSION" - - name: Install npm@9 on Node 14/16/18.0 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') - id: npm-9 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@9 - echo "updated=true" >> "$GITHUB_OUTPUT" + for SPEC in ${SPECS[@]}; do + ENGINES=$(npm view npm@$SPEC --json | jq -r '.engines.node') + echo "Checking if node@$NODE_VERSION satisfies npm@$SPEC ($ENGINES)" + + if npx semver -r "$ENGINES" "$NODE_VERSION" > /dev/null; then + MATCH=$SPEC + echo "Found compatible version: npm@$MATCH" + break + fi + done + + if [ -z $MATCH ]; then + echo "Could not find a compatible version of npm for node@$NODE_VERSION" + exit 1 + fi - - name: Install npm@latest on Node - if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} - run: npm i --prefer-online --no-fund --no-audit -g npm@latest + npm i --prefer-online --no-fund --no-audit -g npm@$MATCH - name: npm Version run: npm -v diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b491a1d..984097d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -34,48 +34,33 @@ jobs: node-version: 20.x check-latest: contains('20.x', '.x') - # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - - name: Update Windows npm - if: | - matrix.platform.os == 'windows-latest' && ( - startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') - ) - run: | - curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz - tar xf npm-7.5.4.tgz - cd package - node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz - cd .. - rmdir /s /q package - - # Start on Node 10 because we dont test on anything lower - - name: Install npm@7 on Node 10 + - name: Install Latest npm shell: bash - if: startsWith(steps.node.outputs.node-version, 'v10.') - id: npm-7 + env: + NODE_VERSION: ${{ steps.node.outputs.node-version }} run: | - npm i --prefer-online --no-fund --no-audit -g npm@7 - echo "updated=true" >> "$GITHUB_OUTPUT" + MATCH="" + SPECS=("latest" "next-10" "next-9" "next-8" "next-7" "next-6") - - name: Install npm@8 on Node 12 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v12.') - id: npm-8 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@8 - echo "updated=true" >> "$GITHUB_OUTPUT" + echo "node@$NODE_VERSION" - - name: Install npm@9 on Node 14/16/18.0 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') - id: npm-9 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@9 - echo "updated=true" >> "$GITHUB_OUTPUT" + for SPEC in ${SPECS[@]}; do + ENGINES=$(npm view npm@$SPEC --json | jq -r '.engines.node') + echo "Checking if node@$NODE_VERSION satisfies npm@$SPEC ($ENGINES)" + + if npx semver -r "$ENGINES" "$NODE_VERSION" > /dev/null; then + MATCH=$SPEC + echo "Found compatible version: npm@$MATCH" + break + fi + done + + if [ -z $MATCH ]; then + echo "Could not find a compatible version of npm for node@$NODE_VERSION" + exit 1 + fi - - name: Install npm@latest on Node - if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} - run: npm i --prefer-online --no-fund --no-audit -g npm@latest + npm i --prefer-online --no-fund --no-audit -g npm@$MATCH - name: npm Version run: npm -v @@ -132,7 +117,9 @@ jobs: - name: Update Windows npm if: | matrix.platform.os == 'windows-latest' && ( - startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + startsWith(steps.node.outputs.node-version, 'v10.') || + startsWith(steps.node.outputs.node-version, 'v12.') || + startsWith(steps.node.outputs.node-version, 'v14.') ) run: | curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz @@ -142,34 +129,33 @@ jobs: cd .. rmdir /s /q package - # Start on Node 10 because we dont test on anything lower - - name: Install npm@7 on Node 10 + - name: Install Latest npm shell: bash - if: startsWith(steps.node.outputs.node-version, 'v10.') - id: npm-7 + env: + NODE_VERSION: ${{ steps.node.outputs.node-version }} run: | - npm i --prefer-online --no-fund --no-audit -g npm@7 - echo "updated=true" >> "$GITHUB_OUTPUT" + MATCH="" + SPECS=("latest" "next-10" "next-9" "next-8" "next-7" "next-6") - - name: Install npm@8 on Node 12 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v12.') - id: npm-8 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@8 - echo "updated=true" >> "$GITHUB_OUTPUT" + echo "node@$NODE_VERSION" - - name: Install npm@9 on Node 14/16/18.0 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') - id: npm-9 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@9 - echo "updated=true" >> "$GITHUB_OUTPUT" + for SPEC in ${SPECS[@]}; do + ENGINES=$(npm view npm@$SPEC --json | jq -r '.engines.node') + echo "Checking if node@$NODE_VERSION satisfies npm@$SPEC ($ENGINES)" + + if npx semver -r "$ENGINES" "$NODE_VERSION" > /dev/null; then + MATCH=$SPEC + echo "Found compatible version: npm@$MATCH" + break + fi + done + + if [ -z $MATCH ]; then + echo "Could not find a compatible version of npm for node@$NODE_VERSION" + exit 1 + fi - - name: Install npm@latest on Node - if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} - run: npm i --prefer-online --no-fund --no-audit -g npm@latest + npm i --prefer-online --no-fund --no-audit -g npm@$MATCH - name: npm Version run: npm -v diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index c144660..9a4b761 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -31,48 +31,33 @@ jobs: node-version: 20.x check-latest: contains('20.x', '.x') - # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - - name: Update Windows npm - if: | - matrix.platform.os == 'windows-latest' && ( - startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') - ) - run: | - curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz - tar xf npm-7.5.4.tgz - cd package - node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz - cd .. - rmdir /s /q package - - # Start on Node 10 because we dont test on anything lower - - name: Install npm@7 on Node 10 + - name: Install Latest npm shell: bash - if: startsWith(steps.node.outputs.node-version, 'v10.') - id: npm-7 + env: + NODE_VERSION: ${{ steps.node.outputs.node-version }} run: | - npm i --prefer-online --no-fund --no-audit -g npm@7 - echo "updated=true" >> "$GITHUB_OUTPUT" + MATCH="" + SPECS=("latest" "next-10" "next-9" "next-8" "next-7" "next-6") - - name: Install npm@8 on Node 12 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v12.') - id: npm-8 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@8 - echo "updated=true" >> "$GITHUB_OUTPUT" + echo "node@$NODE_VERSION" - - name: Install npm@9 on Node 14/16/18.0 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') - id: npm-9 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@9 - echo "updated=true" >> "$GITHUB_OUTPUT" + for SPEC in ${SPECS[@]}; do + ENGINES=$(npm view npm@$SPEC --json | jq -r '.engines.node') + echo "Checking if node@$NODE_VERSION satisfies npm@$SPEC ($ENGINES)" + + if npx semver -r "$ENGINES" "$NODE_VERSION" > /dev/null; then + MATCH=$SPEC + echo "Found compatible version: npm@$MATCH" + break + fi + done + + if [ -z $MATCH ]; then + echo "Could not find a compatible version of npm for node@$NODE_VERSION" + exit 1 + fi - - name: Install npm@latest on Node - if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} - run: npm i --prefer-online --no-fund --no-audit -g npm@latest + npm i --prefer-online --no-fund --no-audit -g npm@$MATCH - name: npm Version run: npm -v diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index 63a6169..3418d4c 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -34,48 +34,33 @@ jobs: node-version: 20.x check-latest: contains('20.x', '.x') - # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - - name: Update Windows npm - if: | - matrix.platform.os == 'windows-latest' && ( - startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') - ) - run: | - curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz - tar xf npm-7.5.4.tgz - cd package - node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz - cd .. - rmdir /s /q package - - # Start on Node 10 because we dont test on anything lower - - name: Install npm@7 on Node 10 + - name: Install Latest npm shell: bash - if: startsWith(steps.node.outputs.node-version, 'v10.') - id: npm-7 + env: + NODE_VERSION: ${{ steps.node.outputs.node-version }} run: | - npm i --prefer-online --no-fund --no-audit -g npm@7 - echo "updated=true" >> "$GITHUB_OUTPUT" + MATCH="" + SPECS=("latest" "next-10" "next-9" "next-8" "next-7" "next-6") - - name: Install npm@8 on Node 12 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v12.') - id: npm-8 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@8 - echo "updated=true" >> "$GITHUB_OUTPUT" + echo "node@$NODE_VERSION" - - name: Install npm@9 on Node 14/16/18.0 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') - id: npm-9 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@9 - echo "updated=true" >> "$GITHUB_OUTPUT" + for SPEC in ${SPECS[@]}; do + ENGINES=$(npm view npm@$SPEC --json | jq -r '.engines.node') + echo "Checking if node@$NODE_VERSION satisfies npm@$SPEC ($ENGINES)" + + if npx semver -r "$ENGINES" "$NODE_VERSION" > /dev/null; then + MATCH=$SPEC + echo "Found compatible version: npm@$MATCH" + break + fi + done + + if [ -z $MATCH ]; then + echo "Could not find a compatible version of npm for node@$NODE_VERSION" + exit 1 + fi - - name: Install npm@latest on Node - if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} - run: npm i --prefer-online --no-fund --no-audit -g npm@latest + npm i --prefer-online --no-fund --no-audit -g npm@$MATCH - name: npm Version run: npm -v diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 87c7be2..70010ab 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -47,48 +47,33 @@ jobs: node-version: 20.x check-latest: contains('20.x', '.x') - # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - - name: Update Windows npm - if: | - matrix.platform.os == 'windows-latest' && ( - startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') - ) - run: | - curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz - tar xf npm-7.5.4.tgz - cd package - node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz - cd .. - rmdir /s /q package - - # Start on Node 10 because we dont test on anything lower - - name: Install npm@7 on Node 10 + - name: Install Latest npm shell: bash - if: startsWith(steps.node.outputs.node-version, 'v10.') - id: npm-7 + env: + NODE_VERSION: ${{ steps.node.outputs.node-version }} run: | - npm i --prefer-online --no-fund --no-audit -g npm@7 - echo "updated=true" >> "$GITHUB_OUTPUT" + MATCH="" + SPECS=("latest" "next-10" "next-9" "next-8" "next-7" "next-6") - - name: Install npm@8 on Node 12 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v12.') - id: npm-8 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@8 - echo "updated=true" >> "$GITHUB_OUTPUT" + echo "node@$NODE_VERSION" - - name: Install npm@9 on Node 14/16/18.0 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') - id: npm-9 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@9 - echo "updated=true" >> "$GITHUB_OUTPUT" + for SPEC in ${SPECS[@]}; do + ENGINES=$(npm view npm@$SPEC --json | jq -r '.engines.node') + echo "Checking if node@$NODE_VERSION satisfies npm@$SPEC ($ENGINES)" - - name: Install npm@latest on Node - if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} - run: npm i --prefer-online --no-fund --no-audit -g npm@latest + if npx semver -r "$ENGINES" "$NODE_VERSION" > /dev/null; then + MATCH=$SPEC + echo "Found compatible version: npm@$MATCH" + break + fi + done + + if [ -z $MATCH ]; then + echo "Could not find a compatible version of npm for node@$NODE_VERSION" + exit 1 + fi + + npm i --prefer-online --no-fund --no-audit -g npm@$MATCH - name: npm Version run: npm -v @@ -204,48 +189,33 @@ jobs: node-version: 20.x check-latest: contains('20.x', '.x') - # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - - name: Update Windows npm - if: | - matrix.platform.os == 'windows-latest' && ( - startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') - ) - run: | - curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz - tar xf npm-7.5.4.tgz - cd package - node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz - cd .. - rmdir /s /q package - - # Start on Node 10 because we dont test on anything lower - - name: Install npm@7 on Node 10 + - name: Install Latest npm shell: bash - if: startsWith(steps.node.outputs.node-version, 'v10.') - id: npm-7 + env: + NODE_VERSION: ${{ steps.node.outputs.node-version }} run: | - npm i --prefer-online --no-fund --no-audit -g npm@7 - echo "updated=true" >> "$GITHUB_OUTPUT" + MATCH="" + SPECS=("latest" "next-10" "next-9" "next-8" "next-7" "next-6") - - name: Install npm@8 on Node 12 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v12.') - id: npm-8 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@8 - echo "updated=true" >> "$GITHUB_OUTPUT" + echo "node@$NODE_VERSION" - - name: Install npm@9 on Node 14/16/18.0 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') - id: npm-9 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@9 - echo "updated=true" >> "$GITHUB_OUTPUT" + for SPEC in ${SPECS[@]}; do + ENGINES=$(npm view npm@$SPEC --json | jq -r '.engines.node') + echo "Checking if node@$NODE_VERSION satisfies npm@$SPEC ($ENGINES)" + + if npx semver -r "$ENGINES" "$NODE_VERSION" > /dev/null; then + MATCH=$SPEC + echo "Found compatible version: npm@$MATCH" + break + fi + done + + if [ -z $MATCH ]; then + echo "Could not find a compatible version of npm for node@$NODE_VERSION" + exit 1 + fi - - name: Install npm@latest on Node - if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} - run: npm i --prefer-online --no-fund --no-audit -g npm@latest + npm i --prefer-online --no-fund --no-audit -g npm@$MATCH - name: npm Version run: npm -v @@ -414,48 +384,33 @@ jobs: node-version: 20.x check-latest: contains('20.x', '.x') - # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - - name: Update Windows npm - if: | - matrix.platform.os == 'windows-latest' && ( - startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') - ) - run: | - curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz - tar xf npm-7.5.4.tgz - cd package - node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz - cd .. - rmdir /s /q package - - # Start on Node 10 because we dont test on anything lower - - name: Install npm@7 on Node 10 + - name: Install Latest npm shell: bash - if: startsWith(steps.node.outputs.node-version, 'v10.') - id: npm-7 + env: + NODE_VERSION: ${{ steps.node.outputs.node-version }} run: | - npm i --prefer-online --no-fund --no-audit -g npm@7 - echo "updated=true" >> "$GITHUB_OUTPUT" + MATCH="" + SPECS=("latest" "next-10" "next-9" "next-8" "next-7" "next-6") - - name: Install npm@8 on Node 12 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v12.') - id: npm-8 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@8 - echo "updated=true" >> "$GITHUB_OUTPUT" + echo "node@$NODE_VERSION" - - name: Install npm@9 on Node 14/16/18.0 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') - id: npm-9 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@9 - echo "updated=true" >> "$GITHUB_OUTPUT" + for SPEC in ${SPECS[@]}; do + ENGINES=$(npm view npm@$SPEC --json | jq -r '.engines.node') + echo "Checking if node@$NODE_VERSION satisfies npm@$SPEC ($ENGINES)" + + if npx semver -r "$ENGINES" "$NODE_VERSION" > /dev/null; then + MATCH=$SPEC + echo "Found compatible version: npm@$MATCH" + break + fi + done + + if [ -z $MATCH ]; then + echo "Could not find a compatible version of npm for node@$NODE_VERSION" + exit 1 + fi - - name: Install npm@latest on Node - if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} - run: npm i --prefer-online --no-fund --no-audit -g npm@latest + npm i --prefer-online --no-fund --no-audit -g npm@$MATCH - name: npm Version run: npm -v diff --git a/.gitignore b/.gitignore index b3eeced..773cada 100644 --- a/.gitignore +++ b/.gitignore @@ -2,6 +2,8 @@ # ignore everything in the root /* +# transient test directories +tap-testdir*/ # keep these !**/.gitignore @@ -27,3 +29,4 @@ !/SECURITY.md !/tap-snapshots/ !/test/ +!/tsconfig.json diff --git a/package.json b/package.json index 71bacec..97bbc42 100644 --- a/package.json +++ b/package.json @@ -10,7 +10,7 @@ "scripts": { "test": "tap", "snap": "tap", - "lint": "eslint \"**/*.js\"", + "lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"", "postlint": "template-oss-check", "template-oss-apply": "template-oss-apply --force", "lintfix": "npm run lint -- --fix", @@ -28,7 +28,7 @@ "license": "MIT", "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.19.0", + "@npmcli/template-oss": "4.20.0", "tap": "^16.3.0" }, "tap": { @@ -43,6 +43,6 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.19.0" + "version": "4.20.0" } } From 875d80fc5427a8db16c6c802c00aa7ddac7927a6 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Fri, 17 Nov 2023 21:33:12 -0700 Subject: [PATCH 31/33] chore: rename default branch --- .github/dependabot.yml | 2 +- .github/settings.yml | 2 +- .github/workflows/ci-release.yml | 2 +- .github/workflows/ci.yml | 2 +- .github/workflows/codeql-analysis.yml | 4 ++-- .github/workflows/release.yml | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 22c0a80..69312df 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -7,7 +7,7 @@ updates: directory: / schedule: interval: daily - target-branch: "latest" + target-branch: "main" allow: - dependency-type: direct versioning-strategy: increase-if-necessary diff --git a/.github/settings.yml b/.github/settings.yml index 1328d3b..c742871 100644 --- a/.github/settings.yml +++ b/.github/settings.yml @@ -11,7 +11,7 @@ repository: enable_vulnerability_alerts: true branches: - - name: latest + - name: main protection: required_status_checks: null enforce_admins: true diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml index 0a056a5..2006738 100644 --- a/.github/workflows/ci-release.yml +++ b/.github/workflows/ci-release.yml @@ -8,7 +8,7 @@ on: ref: required: true type: string - default: latest + default: main workflow_call: inputs: ref: diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 984097d..56c6a67 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -7,7 +7,7 @@ on: pull_request: push: branches: - - latest + - main schedule: # "At 09:00 UTC (02:00 PT) on Monday" https://crontab.guru/#0_9_*_*_1 - cron: "0 9 * * 1" diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index a233cd9..f7e691d 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -5,10 +5,10 @@ name: CodeQL on: push: branches: - - latest + - main pull_request: branches: - - latest + - main schedule: # "At 10:00 UTC (03:00 PT) on Monday" https://crontab.guru/#0_10_*_*_1 - cron: "0 10 * * 1" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 70010ab..c86169c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -10,7 +10,7 @@ on: type: string push: branches: - - latest + - main permissions: contents: write From 0a13e9c255c2f840dd3a79f6afd7b038aee0d122 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 27 Nov 2023 14:45:12 -0700 Subject: [PATCH 32/33] chore: auto publish (#46) --- .github/workflows/release.yml | 76 ++++++++--------------------------- package.json | 3 +- 2 files changed, 18 insertions(+), 61 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c86169c..175a86d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -227,7 +227,7 @@ jobs: RELEASE_COMMENT_ID: ${{ needs.release.outputs.comment-id }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - npm exec --offline -- template-oss-release-manager --lockfile=false --publish=false + npm exec --offline -- template-oss-release-manager --lockfile=false --publish=true npm run rp-pull-request --ignore-scripts --if-present - name: Commit id: commit @@ -376,70 +376,26 @@ jobs: defaults: run: shell: bash + permissions: + deployments: write + id-token: write steps: + - name: Checkout + uses: actions/checkout@v3 + with: + ref: ${{ fromJSON(needs.release.outputs.release).tagName }} - name: Setup Node uses: actions/setup-node@v3 - id: node with: - node-version: 20.x - check-latest: contains('20.x', '.x') - - - name: Install Latest npm - shell: bash - env: - NODE_VERSION: ${{ steps.node.outputs.node-version }} - run: | - MATCH="" - SPECS=("latest" "next-10" "next-9" "next-8" "next-7" "next-6") - - echo "node@$NODE_VERSION" - - for SPEC in ${SPECS[@]}; do - ENGINES=$(npm view npm@$SPEC --json | jq -r '.engines.node') - echo "Checking if node@$NODE_VERSION satisfies npm@$SPEC ($ENGINES)" - - if npx semver -r "$ENGINES" "$NODE_VERSION" > /dev/null; then - MATCH=$SPEC - echo "Found compatible version: npm@$MATCH" - break - fi - done - - if [ -z $MATCH ]; then - echo "Could not find a compatible version of npm for node@$NODE_VERSION" - exit 1 - fi - - npm i --prefer-online --no-fund --no-audit -g npm@$MATCH - - - name: npm Version - run: npm -v - - name: View in Registry + node-version: 18.x + - name: Install npm@latest run: | - EXIT_CODE=0 - - function is_published { - if npm view "$@" --loglevel=error > /dev/null; then - echo 0 - else - echo 1 - fi - } - - for release in $(echo '${{ needs.release.outputs.releases }}' | jq -r '.[] | @base64'); do - name=$(echo "$release" | base64 --decode | jq -r .pkgName) - version=$(echo "$release" | base64 --decode | jq -r .version) - spec="$name@$version" - status=$(is_published "$spec") - if [[ "$status" -eq 1 ]]; then - echo "$spec ERROR" - EXIT_CODE=$status - else - echo "$spec OK" - fi - done - - exit $EXIT_CODE + npm i --prefer-online --no-fund --no-audit -g npm@latest + npm config set '//registry.npmjs.org/:_authToken'=\${PUBLISH_TOKEN} + - name: Publish + env: + PUBLISH_TOKEN: ${{ secrets.PUBLISH_TOKEN }} + run: npm publish --provenance --tag=latest post-release-integration: needs: [ release, release-integration ] diff --git a/package.json b/package.json index 97bbc42..b225fc3 100644 --- a/package.json +++ b/package.json @@ -43,6 +43,7 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.20.0" + "version": "4.20.0", + "publish": true } } From cbdd5271b6596b9b2388e4ebe46a74eb5595eda3 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 27 Nov 2023 17:17:31 -0700 Subject: [PATCH 33/33] chore: release 3.0.1 (#45) :robot: I have created a release *beep* *boop* --- ## [3.0.1](https://github.com/npm/json-parse-even-better-errors/compare/v3.0.0...v3.0.1) (2023-11-27) ### Bug Fixes * [`1e54107`](https://github.com/npm/json-parse-even-better-errors/commit/1e54107648d0b9a86f6c64aac538252726e501c4) [#25](https://github.com/npm/json-parse-even-better-errors/pull/25) refactor for new error style in node 20 (@lukekarrys) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- .release-please-manifest.json | 2 +- CHANGELOG.md | 6 ++++++ package.json | 2 +- 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/.release-please-manifest.json b/.release-please-manifest.json index d4f6f29..d6f5405 100644 --- a/.release-please-manifest.json +++ b/.release-please-manifest.json @@ -1,3 +1,3 @@ { - ".": "3.0.0" + ".": "3.0.1" } diff --git a/CHANGELOG.md b/CHANGELOG.md index 0544a4e..3c2b33a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,11 @@ # Changelog +## [3.0.1](https://github.com/npm/json-parse-even-better-errors/compare/v3.0.0...v3.0.1) (2023-11-27) + +### Bug Fixes + +* [`1e54107`](https://github.com/npm/json-parse-even-better-errors/commit/1e54107648d0b9a86f6c64aac538252726e501c4) [#25](https://github.com/npm/json-parse-even-better-errors/pull/25) refactor for new error style in node 20 (@lukekarrys) + ## [3.0.0](https://github.com/npm/json-parse-even-better-errors/compare/v2.3.1...v3.0.0) (2022-10-10) ### ⚠️ BREAKING CHANGES diff --git a/package.json b/package.json index b225fc3..5d0a1d9 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "json-parse-even-better-errors", - "version": "3.0.0", + "version": "3.0.1", "description": "JSON.parse with context information on error", "main": "lib/index.js", "files": [