From 238acc4d8bc1e9dfd0f64c0356aea9deb0434049 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 Apr 2022 02:20:14 -0700 Subject: [PATCH 01/13] chore: bump @npmcli/template-oss from 3.3.2 to 3.4.1 (#454) * chore: bump @npmcli/template-oss from 3.3.2 to 3.4.1 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 3.3.2 to 3.4.1. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v3.3.2...v3.4.1) --- updated-dependencies: - dependency-name: "@npmcli/template-oss" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] * chore: postinstall for dependabot template-oss PR Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Luke Karrys --- .github/workflows/audit.yml | 4 ++-- .github/workflows/ci.yml | 8 ++++---- .github/workflows/codeql-analysis.yml | 4 ++-- .github/workflows/post-dependabot.yml | 4 ++-- .github/workflows/pull-request.yml | 4 ++-- package.json | 4 ++-- 6 files changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 03dcd937..7f48d351 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -15,8 +15,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: 16.x diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 538e46a0..a48dcd4f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -22,8 +22,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: 16.x @@ -58,8 +58,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 56cd7b9c..0067fc1b 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -34,8 +34,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - name: Initialize CodeQL uses: github/codeql-action/init@v1 with: diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index 0372a7a9..4dd83131 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -16,8 +16,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: 16.x diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index 93a5c3c9..bf86a7da 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -20,8 +20,8 @@ jobs: fetch-depth: 0 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: 16.x diff --git a/package.json b/package.json index 7898f590..7463d3db 100644 --- a/package.json +++ b/package.json @@ -18,7 +18,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^3.0.1", - "@npmcli/template-oss": "3.3.2", + "@npmcli/template-oss": "3.4.1", "tap": "^16.0.0" }, "license": "ISC", @@ -52,7 +52,7 @@ "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "3.3.2", + "version": "3.4.1", "engines": ">=10", "ciVersions": [ "10.0.0", From e80c3d4891901bc9d125a8439242e5dd70654454 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 22 Apr 2022 06:32:37 +0000 Subject: [PATCH 02/13] chore: bump @npmcli/template-oss from 3.4.1 to 3.4.2 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 3.4.1 to 3.4.2. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v3.4.1...v3.4.2) --- updated-dependencies: - dependency-name: "@npmcli/template-oss" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 7463d3db..78785e31 100644 --- a/package.json +++ b/package.json @@ -18,7 +18,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^3.0.1", - "@npmcli/template-oss": "3.4.1", + "@npmcli/template-oss": "3.4.2", "tap": "^16.0.0" }, "license": "ISC", From c56a701f45653940ee8536eafe43b3e46c11d6cc Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Wed, 27 Apr 2022 15:27:26 -0700 Subject: [PATCH 03/13] chore: postinstall for dependabot template-oss PR --- .github/workflows/audit.yml | 4 ++-- .github/workflows/ci.yml | 8 ++++---- .github/workflows/codeql-analysis.yml | 4 ++-- .github/workflows/post-dependabot.yml | 4 ++-- .github/workflows/pull-request.yml | 4 ++-- package.json | 2 +- 6 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 7f48d351..1e35e279 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -15,8 +15,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "npm team" - git config --global user.name "ops+robot@npmjs.com" + git config --global user.email "ops+robot@npmjs.com" + git config --global user.name "npm team" - uses: actions/setup-node@v3 with: node-version: 16.x diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a48dcd4f..c8014892 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -22,8 +22,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "npm team" - git config --global user.name "ops+robot@npmjs.com" + git config --global user.email "ops+robot@npmjs.com" + git config --global user.name "npm team" - uses: actions/setup-node@v3 with: node-version: 16.x @@ -58,8 +58,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "npm team" - git config --global user.name "ops+robot@npmjs.com" + git config --global user.email "ops+robot@npmjs.com" + git config --global user.name "npm team" - uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 0067fc1b..2fbb6309 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -34,8 +34,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "npm team" - git config --global user.name "ops+robot@npmjs.com" + git config --global user.email "ops+robot@npmjs.com" + git config --global user.name "npm team" - name: Initialize CodeQL uses: github/codeql-action/init@v1 with: diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index 4dd83131..94f5a8fd 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -16,8 +16,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "npm team" - git config --global user.name "ops+robot@npmjs.com" + git config --global user.email "ops+robot@npmjs.com" + git config --global user.name "npm team" - uses: actions/setup-node@v3 with: node-version: 16.x diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index bf86a7da..d2bc7dab 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -20,8 +20,8 @@ jobs: fetch-depth: 0 - name: Setup git user run: | - git config --global user.email "npm team" - git config --global user.name "ops+robot@npmjs.com" + git config --global user.email "ops+robot@npmjs.com" + git config --global user.name "npm team" - uses: actions/setup-node@v3 with: node-version: 16.x diff --git a/package.json b/package.json index 78785e31..6029e7cc 100644 --- a/package.json +++ b/package.json @@ -52,7 +52,7 @@ "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "3.4.1", + "version": "3.4.2", "engines": ">=10", "ciVersions": [ "10.0.0", From e9a1f26e616b2e7a3e14e1803364229980142789 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Jun 2022 14:14:36 -0700 Subject: [PATCH 04/13] chore: bump @npmcli/template-oss from 3.4.2 to 3.4.3 (#457) * chore: bump @npmcli/template-oss from 3.4.2 to 3.4.3 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 3.4.2 to 3.4.3. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v3.4.2...v3.4.3) --- updated-dependencies: - dependency-name: "@npmcli/template-oss" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * chore: postinstall for dependabot template-oss PR * chore: postinstall for dependabot template-oss PR Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: npm team Co-authored-by: Luke Karrys --- .eslintrc.js | 2 ++ .github/workflows/audit.yml | 4 ++-- .github/workflows/ci.yml | 8 ++++---- .github/workflows/codeql-analysis.yml | 4 ++-- .github/workflows/post-dependabot.yml | 4 ++-- .github/workflows/pull-request.yml | 4 ++-- .gitignore | 1 + CODE_OF_CONDUCT.md | 7 +++++++ package.json | 4 ++-- 9 files changed, 24 insertions(+), 14 deletions(-) create mode 100644 CODE_OF_CONDUCT.md diff --git a/.eslintrc.js b/.eslintrc.js index 0e8ad007..5db9f815 100644 --- a/.eslintrc.js +++ b/.eslintrc.js @@ -1,5 +1,7 @@ /* This file is automatically added by @npmcli/template-oss. Do not edit. */ +'use strict' + const { readdirSync: readdir } = require('fs') const localConfigs = readdir(__dirname) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 1e35e279..64716120 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -15,8 +15,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+robot@npmjs.com" - git config --global user.name "npm team" + git config --global user.email "npm-cli+bot@github.com" + git config --global user.name "npm CLI robot" - uses: actions/setup-node@v3 with: node-version: 16.x diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c8014892..5f78652d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -22,8 +22,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+robot@npmjs.com" - git config --global user.name "npm team" + git config --global user.email "npm-cli+bot@github.com" + git config --global user.name "npm CLI robot" - uses: actions/setup-node@v3 with: node-version: 16.x @@ -58,8 +58,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+robot@npmjs.com" - git config --global user.name "npm team" + git config --global user.email "npm-cli+bot@github.com" + git config --global user.name "npm CLI robot" - uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 2fbb6309..5d974116 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -34,8 +34,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+robot@npmjs.com" - git config --global user.name "npm team" + git config --global user.email "npm-cli+bot@github.com" + git config --global user.name "npm CLI robot" - name: Initialize CodeQL uses: github/codeql-action/init@v1 with: diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index 94f5a8fd..b6e81e6e 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -16,8 +16,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+robot@npmjs.com" - git config --global user.name "npm team" + git config --global user.email "npm-cli+bot@github.com" + git config --global user.name "npm CLI robot" - uses: actions/setup-node@v3 with: node-version: 16.x diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index d2bc7dab..72230764 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -20,8 +20,8 @@ jobs: fetch-depth: 0 - name: Setup git user run: | - git config --global user.email "ops+robot@npmjs.com" - git config --global user.name "npm team" + git config --global user.email "npm-cli+bot@github.com" + git config --global user.name "npm CLI robot" - uses: actions/setup-node@v3 with: node-version: 16.x diff --git a/.gitignore b/.gitignore index dd3ceb93..8cd974e0 100644 --- a/.gitignore +++ b/.gitignore @@ -19,6 +19,7 @@ !/.github/ !/.gitignore !/.npmrc +!/CODE_OF_CONDUCT.md !/SECURITY.md !/bin/ !/classes/ diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 00000000..167043c2 --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,7 @@ + + +All interactions in this repo are covered by the [npm Code of +Conduct](https://docs.npmjs.com/policies/conduct) + +The npm cli team may, at its own discretion, moderate, remove, or edit +any interactions such as pull requests, issues, and comments. diff --git a/package.json b/package.json index 6029e7cc..87f3bf23 100644 --- a/package.json +++ b/package.json @@ -18,7 +18,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^3.0.1", - "@npmcli/template-oss": "3.4.2", + "@npmcli/template-oss": "3.5.0", "tap": "^16.0.0" }, "license": "ISC", @@ -52,7 +52,7 @@ "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "3.4.2", + "version": "3.5.0", "engines": ">=10", "ciVersions": [ "10.0.0", From 7d28971bbcf047416acaf099c2a52d342a2e0d05 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 23 Aug 2022 06:27:51 +0000 Subject: [PATCH 05/13] chore: bump @npmcli/template-oss from 3.5.0 to 3.6.0 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 3.5.0 to 3.6.0. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v3.5.0...v3.6.0) --- updated-dependencies: - dependency-name: "@npmcli/template-oss" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 87f3bf23..6f8c9b57 100644 --- a/package.json +++ b/package.json @@ -18,7 +18,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^3.0.1", - "@npmcli/template-oss": "3.5.0", + "@npmcli/template-oss": "3.6.0", "tap": "^16.0.0" }, "license": "ISC", From bce42589d33e1a99454530a8fd52c7178e2b11c1 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Tue, 23 Aug 2022 11:12:09 -0700 Subject: [PATCH 06/13] chore: postinstall for dependabot template-oss PR --- .github/matchers/tap.json | 32 +++++++++++++++++++++++++++ .github/workflows/audit.yml | 4 ++-- .github/workflows/ci.yml | 6 +++-- .github/workflows/codeql-analysis.yml | 4 ++-- package.json | 2 +- 5 files changed, 41 insertions(+), 7 deletions(-) create mode 100644 .github/matchers/tap.json diff --git a/.github/matchers/tap.json b/.github/matchers/tap.json new file mode 100644 index 00000000..ef114199 --- /dev/null +++ b/.github/matchers/tap.json @@ -0,0 +1,32 @@ +{ + "//@npmcli/template-oss": "This file is automatically added by @npmcli/template-oss. Do not edit.", + "problemMatcher": [ + { + "owner": "tap", + "pattern": [ + { + "regexp": "^\\s*not ok \\d+ - (.*)", + "message": 1 + }, + { + "regexp": "^\\s*---" + }, + { + "regexp": "^\\s*at:" + }, + { + "regexp": "^\\s*line:\\s*(\\d+)", + "line": 1 + }, + { + "regexp": "^\\s*column:\\s*(\\d+)", + "column": 1 + }, + { + "regexp": "^\\s*file:\\s*(.*)", + "file": 1 + } + ] + } + ] +} \ No newline at end of file diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 64716120..d46429e1 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -5,8 +5,8 @@ name: Audit on: workflow_dispatch: schedule: - # "At 01:00 on Monday" https://crontab.guru/#0_1_*_*_1 - - cron: "0 1 * * 1" + # "At 08:00 UTC (01:00 PT) on Monday" https://crontab.guru/#0_8_*_*_1 + - cron: "0 8 * * 1" jobs: audit: diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5f78652d..0abb0f6c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -12,8 +12,8 @@ on: - main - latest schedule: - # "At 02:00 on Monday" https://crontab.guru/#0_2_*_*_1 - - cron: "0 2 * * 1" + # "At 09:00 UTC (02:00 PT) on Monday" https://crontab.guru/#0_9_*_*_1 + - cron: "0 9 * * 1" jobs: lint: @@ -81,5 +81,7 @@ jobs: if: ${{ !startsWith(matrix.node-version, '10.') }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest - run: npm -v + - name: add tap problem matcher + run: echo "::add-matcher::.github/matchers/tap.json" - run: npm i --ignore-scripts --no-audit --no-fund - run: npm test --ignore-scripts diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 5d974116..cfd0db30 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -13,8 +13,8 @@ on: - main - latest schedule: - # "At 03:00 on Monday" https://crontab.guru/#0_3_*_*_1 - - cron: "0 3 * * 1" + # "At 10:00 UTC (03:00 PT) on Monday" https://crontab.guru/#0_10_*_*_1 + - cron: "0 10 * * 1" jobs: analyze: diff --git a/package.json b/package.json index 6f8c9b57..3ab80b9a 100644 --- a/package.json +++ b/package.json @@ -52,7 +52,7 @@ "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "3.5.0", + "version": "3.6.0", "engines": ">=10", "ciVersions": [ "10.0.0", From f97d6004732b822e0bf4618c3220dbefe6dcce79 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Tue, 23 Aug 2022 11:12:09 -0700 Subject: [PATCH 07/13] chore: bump @npmcli/template-oss from 3.6.0 to 4.3.2 --- .github/dependabot.yml | 2 +- .github/matchers/tap.json | 2 +- .github/workflows/audit.yml | 26 ++- .github/workflows/ci-release.yml | 154 +++++++++++++++++ .github/workflows/ci.yml | 76 ++++++--- .github/workflows/codeql-analysis.yml | 20 +-- .github/workflows/post-dependabot.yml | 86 +++++++--- .github/workflows/pull-request.yml | 42 +++-- .github/workflows/release-please.yml | 26 --- .github/workflows/release.yml | 234 ++++++++++++++++++++++++++ .gitignore | 25 +-- .release-please-manifest.json | 3 + package.json | 28 ++- release-please-config.json | 36 ++++ 14 files changed, 628 insertions(+), 132 deletions(-) create mode 100644 .github/workflows/ci-release.yml delete mode 100644 .github/workflows/release-please.yml create mode 100644 .github/workflows/release.yml create mode 100644 .release-please-manifest.json create mode 100644 release-please-config.json diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 96d8eafb..8da2a452 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -4,7 +4,7 @@ version: 2 updates: - package-ecosystem: npm - directory: "/" + directory: / schedule: interval: daily allow: diff --git a/.github/matchers/tap.json b/.github/matchers/tap.json index ef114199..2c81ea98 100644 --- a/.github/matchers/tap.json +++ b/.github/matchers/tap.json @@ -29,4 +29,4 @@ ] } ] -} \ No newline at end of file +} diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index d46429e1..60bb334b 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -10,18 +10,28 @@ on: jobs: audit: + name: Audit Dependencies + if: github.repository_owner == 'npm' runs-on: ubuntu-latest + defaults: + run: + shell: bash steps: - - uses: actions/checkout@v3 - - name: Setup git user + - name: Checkout + uses: actions/checkout@v3 + - name: Setup Git User run: | git config --global user.email "npm-cli+bot@github.com" git config --global user.name "npm CLI robot" - - uses: actions/setup-node@v3 + - name: Setup Node + uses: actions/setup-node@v3 with: - node-version: 16.x - - name: Update npm to latest + node-version: 18.x + - name: Install npm@latest run: npm i --prefer-online --no-fund --no-audit -g npm@latest - - run: npm -v - - run: npm i --ignore-scripts --no-audit --no-fund --package-lock - - run: npm audit + - name: npm Version + run: npm -v + - name: Install Dependencies + run: npm i --ignore-scripts --no-audit --no-fund --package-lock + - name: Run Audit + run: npm audit diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml new file mode 100644 index 00000000..00779f0d --- /dev/null +++ b/.github/workflows/ci-release.yml @@ -0,0 +1,154 @@ +# This file is automatically added by @npmcli/template-oss. Do not edit. + +name: CI - Release + +on: + workflow_call: + inputs: + ref: + required: true + type: string + check-sha: + required: true + type: string + +jobs: + lint-all: + name: Lint All + if: github.repository_owner == 'npm' + runs-on: ubuntu-latest + defaults: + run: + shell: bash + steps: + - name: Create Check + uses: LouisBrunner/checks-action@v1.3.1 + id: check + + with: + token: ${{ secrets.GITHUB_TOKEN }} + status: in_progress + name: Lint All + sha: ${{ inputs.check-sha }} + # XXX: this does not work when using the default GITHUB_TOKEN. + # Instead we post the main job url to the PR as a comment which + # will link to all the other checks. To work around this we would + # need to create a GitHub that would create on-demand tokens. + # https://github.com/LouisBrunner/checks-action/issues/18 + # details_url: + - name: Checkout + uses: actions/checkout@v3 + with: + ref: ${{ inputs.ref }} + - name: Setup Git User + run: | + git config --global user.email "npm-cli+bot@github.com" + git config --global user.name "npm CLI robot" + - name: Setup Node + uses: actions/setup-node@v3 + with: + node-version: 18.x + - name: Install npm@latest + run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version + run: npm -v + - name: Install Dependencies + run: npm i --ignore-scripts --no-audit --no-fund + - name: Lint + run: npm run lint --ignore-scripts + - name: Post Lint + run: npm run postlint --ignore-scripts + - name: Conclude Check + uses: LouisBrunner/checks-action@v1.3.1 + if: always() + with: + token: ${{ secrets.GITHUB_TOKEN }} + conclusion: ${{ job.status }} + check_id: ${{ steps.check.outputs.check_id }} + + test-all: + name: Test All - ${{ matrix.platform.name }} - ${{ matrix.node-version }} + if: github.repository_owner == 'npm' + strategy: + fail-fast: false + matrix: + platform: + - name: Linux + os: ubuntu-latest + shell: bash + - name: macOS + os: macos-latest + shell: bash + - name: Windows + os: windows-latest + shell: cmd + node-version: + - 10.0.0 + - 10.x + - 12.x + - 14.x + - 16.x + - 18.x + runs-on: ${{ matrix.platform.os }} + defaults: + run: + shell: ${{ matrix.platform.shell }} + steps: + - name: Create Check + uses: LouisBrunner/checks-action@v1.3.1 + id: check + + with: + token: ${{ secrets.GITHUB_TOKEN }} + status: in_progress + name: Test All - ${{ matrix.platform.name }} - ${{ matrix.node-version }} + sha: ${{ inputs.check-sha }} + # XXX: this does not work when using the default GITHUB_TOKEN. + # Instead we post the main job url to the PR as a comment which + # will link to all the other checks. To work around this we would + # need to create a GitHub that would create on-demand tokens. + # https://github.com/LouisBrunner/checks-action/issues/18 + # details_url: + - name: Checkout + uses: actions/checkout@v3 + with: + ref: ${{ inputs.ref }} + - name: Setup Git User + run: | + git config --global user.email "npm-cli+bot@github.com" + git config --global user.name "npm CLI robot" + - name: Setup Node + uses: actions/setup-node@v3 + with: + node-version: ${{ matrix.node-version }} + - name: Update Windows npm + # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows + if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.')) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + - name: Install npm@7 + if: startsWith(matrix.node-version, '10.') + run: npm i --prefer-online --no-fund --no-audit -g npm@7 + - name: Install npm@latest + if: ${{ !startsWith(matrix.node-version, '10.') }} + run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version + run: npm -v + - name: Install Dependencies + run: npm i --ignore-scripts --no-audit --no-fund + - name: Add Problem Matcher + run: echo "::add-matcher::.github/matchers/tap.json" + - name: Test + run: npm test --ignore-scripts -ws -iwr --if-present + - name: Conclude Check + uses: LouisBrunner/checks-action@v1.3.1 + if: always() + with: + token: ${{ secrets.GITHUB_TOKEN }} + conclusion: ${{ job.status }} + check_id: ${{ steps.check.outputs.check_id }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0abb0f6c..6ef276b1 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -5,8 +5,6 @@ name: CI on: workflow_dispatch: pull_request: - branches: - - '*' push: branches: - main @@ -17,53 +15,73 @@ on: jobs: lint: + name: Lint + if: github.repository_owner == 'npm' runs-on: ubuntu-latest + defaults: + run: + shell: bash steps: - - uses: actions/checkout@v3 - - name: Setup git user + - name: Checkout + uses: actions/checkout@v3 + - name: Setup Git User run: | git config --global user.email "npm-cli+bot@github.com" git config --global user.name "npm CLI robot" - - uses: actions/setup-node@v3 + - name: Setup Node + uses: actions/setup-node@v3 with: - node-version: 16.x - - name: Update npm to latest + node-version: 18.x + - name: Install npm@latest run: npm i --prefer-online --no-fund --no-audit -g npm@latest - - run: npm -v - - run: npm i --ignore-scripts --no-audit --no-fund - - run: npm run lint + - name: npm Version + run: npm -v + - name: Install Dependencies + run: npm i --ignore-scripts --no-audit --no-fund + - name: Lint + run: npm run lint --ignore-scripts + - name: Post Lint + run: npm run postlint --ignore-scripts test: + name: Test - ${{ matrix.platform.name }} - ${{ matrix.node-version }} + if: github.repository_owner == 'npm' strategy: fail-fast: false matrix: + platform: + - name: Linux + os: ubuntu-latest + shell: bash + - name: macOS + os: macos-latest + shell: bash + - name: Windows + os: windows-latest + shell: cmd node-version: - 10.0.0 - 10.x - 12.x - 14.x - 16.x - platform: - - os: ubuntu-latest - shell: bash - - os: macos-latest - shell: bash - - os: windows-latest - shell: cmd + - 18.x runs-on: ${{ matrix.platform.os }} defaults: run: shell: ${{ matrix.platform.shell }} steps: - - uses: actions/checkout@v3 - - name: Setup git user + - name: Checkout + uses: actions/checkout@v3 + - name: Setup Git User run: | git config --global user.email "npm-cli+bot@github.com" git config --global user.name "npm CLI robot" - - uses: actions/setup-node@v3 + - name: Setup Node + uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} - - name: Update to workable npm (windows) + - name: Update Windows npm # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.')) run: | @@ -73,15 +91,17 @@ jobs: node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz cd .. rmdir /s /q package - - name: Update npm to 7 - # If we do test on npm 10 it needs npm7 + - name: Install npm@7 if: startsWith(matrix.node-version, '10.') run: npm i --prefer-online --no-fund --no-audit -g npm@7 - - name: Update npm to latest + - name: Install npm@latest if: ${{ !startsWith(matrix.node-version, '10.') }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest - - run: npm -v - - name: add tap problem matcher + - name: npm Version + run: npm -v + - name: Install Dependencies + run: npm i --ignore-scripts --no-audit --no-fund + - name: Add Problem Matcher run: echo "::add-matcher::.github/matchers/tap.json" - - run: npm i --ignore-scripts --no-audit --no-fund - - run: npm test --ignore-scripts + - name: Test + run: npm test --ignore-scripts -iwr diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index cfd0db30..66b9498a 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -1,6 +1,6 @@ # This file is automatically added by @npmcli/template-oss. Do not edit. -name: "CodeQL" +name: CodeQL on: push: @@ -8,7 +8,6 @@ on: - main - latest pull_request: - # The branches below must be a subset of the branches above branches: - main - latest @@ -24,21 +23,16 @@ jobs: actions: read contents: read security-events: write - - strategy: - fail-fast: false - matrix: - language: [ javascript ] - steps: - - uses: actions/checkout@v3 - - name: Setup git user + - name: Checkout + uses: actions/checkout@v3 + - name: Setup Git User run: | git config --global user.email "npm-cli+bot@github.com" git config --global user.name "npm CLI robot" - name: Initialize CodeQL - uses: github/codeql-action/init@v1 + uses: github/codeql-action/init@v2 with: - languages: ${{ matrix.language }} + languages: javascript - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index b6e81e6e..98acf69c 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -1,43 +1,91 @@ # This file is automatically added by @npmcli/template-oss. Do not edit. -name: Post Dependabot Actions +name: Post Dependabot on: pull_request -# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions permissions: contents: write jobs: - template-oss-apply: + template-oss: + name: template-oss + if: github.repository_owner == 'npm' && github.actor == 'dependabot[bot]' runs-on: ubuntu-latest - if: github.actor == 'dependabot[bot]' + defaults: + run: + shell: bash steps: - - uses: actions/checkout@v3 - - name: Setup git user + - name: Checkout + uses: actions/checkout@v3 + with: + ref: ${{ github.event.pull_request.head_ref }} + - name: Setup Git User run: | git config --global user.email "npm-cli+bot@github.com" git config --global user.name "npm CLI robot" - - uses: actions/setup-node@v3 + - name: Setup Node + uses: actions/setup-node@v3 with: - node-version: 16.x - - name: Update npm to latest + node-version: 18.x + - name: Install npm@latest run: npm i --prefer-online --no-fund --no-audit -g npm@latest - - run: npm -v - - name: Dependabot metadata + - name: npm Version + run: npm -v + - name: Install Dependencies + run: npm i --ignore-scripts --no-audit --no-fund + - name: Fetch Dependabot Metadata id: metadata - uses: dependabot/fetch-metadata@v1.1.1 + uses: dependabot/fetch-metadata@v1 with: - github-token: "${{ secrets.GITHUB_TOKEN }}" - - name: npm install and commit + github-token: ${{ secrets.GITHUB_TOKEN }} + + # Dependabot can update multiple directories so we output which directory + # it is acting on so we can run the command for the correct root or workspace + - name: Get Dependabot Directory if: contains(steps.metadata.outputs.dependency-names, '@npmcli/template-oss') + id: flags + run: | + if [[ "${{ steps.metadata.outputs.directory }}" == "/" ]]; then + echo "::set-output name=workspace::-iwr" + else + echo "::set-output name=workspace::-w ${{ steps.metadata.outputs.directory }}" + fi + + - name: Apply Changes + if: steps.flags.outputs.workspace + id: apply + run: | + npm run template-oss-apply ${{ steps.flags.outputs.workspace }} + if [[ `git status --porcelain` ]]; then + echo "::set-output name=changes::true" + fi + + # This step will fail if template-oss has made any workflow updates. It is impossible + # for a workflow to update other workflows. In the case it does fail, we continue + # and then try to apply only a portion of the changes in the next step + - name: Push All Changes + if: steps.apply.outputs.changes + id: push + continue-on-error: true + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + git commit -am "chore: postinstall for dependabot template-oss PR" + git push + + - name: Push All Changes Except Workflows + if: steps.push.outcome == 'failure' env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - gh pr checkout ${{ github.event.pull_request.number }} - npm install --ignore-scripts --no-audit --no-fund - npm run template-oss-apply - git add . + git reset HEAD~ + git checkout HEAD -- .github/workflows/ + git clean -fd .github/workflows/ git commit -am "chore: postinstall for dependabot template-oss PR" git push - npm run lint + + - name: Check Changes + if: steps.apply.outputs.changes + run: | + npm exec --offline ${{ steps.flags.outputs.workspace }} -- template-oss-check diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index 72230764..1a1d1ee8 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -1,6 +1,6 @@ # This file is automatically added by @npmcli/template-oss. Do not edit. -name: Pull Request Linting +name: Pull Request on: pull_request: @@ -11,28 +11,38 @@ on: - synchronize jobs: - check: - name: Check PR Title or Commits + commitlint: + name: Lint Commits + if: github.repository_owner == 'npm' runs-on: ubuntu-latest + defaults: + run: + shell: bash steps: - - uses: actions/checkout@v3 + - name: Checkout + uses: actions/checkout@v3 with: fetch-depth: 0 - - name: Setup git user + - name: Setup Git User run: | git config --global user.email "npm-cli+bot@github.com" git config --global user.name "npm CLI robot" - - uses: actions/setup-node@v3 + - name: Setup Node + uses: actions/setup-node@v3 with: - node-version: 16.x - - name: Update npm to latest + node-version: 18.x + - name: Install npm@latest run: npm i --prefer-online --no-fund --no-audit -g npm@latest - - run: npm -v - - name: Install deps - run: npm i -D @commitlint/cli @commitlint/config-conventional - - name: Check commits OR PR title - env: - PR_TITLE: ${{ github.event.pull_request.title }} + - name: npm Version + run: npm -v + - name: Install Dependencies + run: npm i --ignore-scripts --no-audit --no-fund + - name: Run Commitlint on Commits + id: commit + continue-on-error: true run: | - npx --offline commitlint -V --from origin/main --to ${{ github.event.pull_request.head.sha }} \ - || echo $PR_TITLE | npx --offline commitlint -V + npx --offline commitlint -V --from origin/${{ github.base_ref }} --to ${{ github.event.pull_request.head.sha }} + - name: Run Commitlint on PR Title + if: steps.commit.outcome == 'failure' + run: | + echo ${{ github.event.pull_request.title }} | npx --offline commitlint -V diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml deleted file mode 100644 index ab3a9105..00000000 --- a/.github/workflows/release-please.yml +++ /dev/null @@ -1,26 +0,0 @@ -# This file is automatically added by @npmcli/template-oss. Do not edit. - -name: Release Please - -on: - push: - branches: - - main - - latest - -jobs: - release-please: - runs-on: ubuntu-latest - steps: - - uses: google-github-actions/release-please-action@v3 - id: release - with: - release-type: node - changelog-types: > - [ - {"type":"feat","section":"Features","hidden":false}, - {"type":"fix","section":"Bug Fixes","hidden":false}, - {"type":"docs","section":"Documentation","hidden":false}, - {"type":"deps","section":"Dependencies","hidden":false}, - {"type":"chore","hidden":true} - ] diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..01a8d6a9 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,234 @@ +# This file is automatically added by @npmcli/template-oss. Do not edit. + +name: Release + +on: + push: + branches: + - main + - latest + +permissions: + contents: write + pull-requests: write + checks: write + +jobs: + release: + outputs: + pr: ${{ steps.release.outputs.pr }} + releases: ${{ steps.release.outputs.releases }} + release-flags: ${{ steps.release.outputs.release-flags }} + branch: ${{ steps.release.outputs.pr-branch }} + pr-number: ${{ steps.release.outputs.pr-number }} + comment-id: ${{ steps.pr-comment.outputs.result }} + check-id: ${{ steps.check.outputs.check_id }} + name: Release + if: github.repository_owner == 'npm' + runs-on: ubuntu-latest + defaults: + run: + shell: bash + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Setup Git User + run: | + git config --global user.email "npm-cli+bot@github.com" + git config --global user.name "npm CLI robot" + - name: Setup Node + uses: actions/setup-node@v3 + with: + node-version: 18.x + - name: Install npm@latest + run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version + run: npm -v + - name: Install Dependencies + run: npm i --ignore-scripts --no-audit --no-fund + - name: Release Please + id: release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + npx --offline template-oss-release-please ${{ github.ref_name }} + - name: Post Pull Request Comment + if: steps.release.outputs.pr-number + uses: actions/github-script@v6 + id: pr-comment + env: + PR_NUMBER: ${{ steps.release.outputs.pr-number }} + with: + script: | + const repo = { owner: context.repo.owner, repo: context.repo.repo } + const issue = { ...repo, issue_number: process.env.PR_NUMBER } + + const { data: workflow } = await github.rest.actions.getWorkflowRun({ ...repo, run_id: context.runId }) + + let body = '## Release Manager\n\n' + + const comments = await github.paginate(github.rest.issues.listComments, issue) + let commentId = comments?.find(c => c.user.login === 'github-actions[bot]' && c.body.startsWith(body))?.id + + body += `- Release workflow run: ${workflow.html_url}` + if (commentId) { + await github.rest.issues.updateComment({ ...repo, comment_id: commentId, body }) + } else { + const { data: comment } = await github.rest.issues.createComment({ ...issue, body }) + commentId = comment?.id + } + + return commentId + - name: Create Check + uses: LouisBrunner/checks-action@v1.3.1 + id: check + if: steps.release.outputs.pr-number + with: + token: ${{ secrets.GITHUB_TOKEN }} + status: in_progress + name: Release + sha: ${{ steps.release.outputs.pr-sha }} + # XXX: this does not work when using the default GITHUB_TOKEN. + # Instead we post the main job url to the PR as a comment which + # will link to all the other checks. To work around this we would + # need to create a GitHub that would create on-demand tokens. + # https://github.com/LouisBrunner/checks-action/issues/18 + # details_url: + + update: + needs: release + outputs: + sha: ${{ steps.commit.outputs.sha }} + check-id: ${{ steps.check.outputs.check_id }} + name: Update - Release + if: github.repository_owner == 'npm' && needs.release.outputs.pr + runs-on: ubuntu-latest + defaults: + run: + shell: bash + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + fetch-depth: 0 + ref: ${{ needs.release.outputs.branch }} + - name: Setup Git User + run: | + git config --global user.email "npm-cli+bot@github.com" + git config --global user.name "npm CLI robot" + - name: Setup Node + uses: actions/setup-node@v3 + with: + node-version: 18.x + - name: Install npm@latest + run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version + run: npm -v + - name: Install Dependencies + run: npm i --ignore-scripts --no-audit --no-fund + - name: Run Post Pull Request Actions + env: + RELEASE_PR_NUMBER: ${{ needs.release.outputs.pr-number }} + RELEASE_COMMENT_ID: ${{ needs.release.outputs.comment-id }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + npm run rp-pull-request --ignore-scripts -ws -iwr --if-present + - name: Commit + id: commit + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + git commit --all --amend --no-edit || true + git push --force-with-lease + echo "::set-output name=sha::$(git rev-parse HEAD)" + - name: Create Check + uses: LouisBrunner/checks-action@v1.3.1 + id: check + + with: + token: ${{ secrets.GITHUB_TOKEN }} + status: in_progress + name: Release + sha: ${{ steps.commit.outputs.sha }} + # XXX: this does not work when using the default GITHUB_TOKEN. + # Instead we post the main job url to the PR as a comment which + # will link to all the other checks. To work around this we would + # need to create a GitHub that would create on-demand tokens. + # https://github.com/LouisBrunner/checks-action/issues/18 + # details_url: + - name: Conclude Check + uses: LouisBrunner/checks-action@v1.3.1 + if: always() + with: + token: ${{ secrets.GITHUB_TOKEN }} + conclusion: ${{ job.status }} + check_id: ${{ needs.release.outputs.check-id }} + + ci: + name: CI - Release + needs: [ release, update ] + if: needs.release.outputs.pr + uses: ./.github/workflows/ci-release.yml + with: + ref: ${{ needs.release.outputs.branch }} + check-sha: ${{ needs.update.outputs.sha }} + + post-ci: + needs: [ release, update, ci ] + name: Post CI - Release + if: github.repository_owner == 'npm' && needs.release.outputs.pr && always() + runs-on: ubuntu-latest + defaults: + run: + shell: bash + steps: + - name: Get Needs Result + id: needs-result + run: | + result="" + if [[ "${{ contains(needs.*.result, 'failure') }}" == "true" ]]; then + result="failure" + elif [[ "${{ contains(needs.*.result, 'cancelled') }}" == "true" ]]; then + result="cancelled" + else + result="success" + fi + echo "::set-output name=result::$result" + - name: Conclude Check + uses: LouisBrunner/checks-action@v1.3.1 + if: always() + with: + token: ${{ secrets.GITHUB_TOKEN }} + conclusion: ${{ steps.needs-result.outputs.result }} + check_id: ${{ needs.update.outputs.check-id }} + + post-release: + needs: release + name: Post Release - Release + if: github.repository_owner == 'npm' && needs.release.outputs.releases + runs-on: ubuntu-latest + defaults: + run: + shell: bash + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Setup Git User + run: | + git config --global user.email "npm-cli+bot@github.com" + git config --global user.name "npm CLI robot" + - name: Setup Node + uses: actions/setup-node@v3 + with: + node-version: 18.x + - name: Install npm@latest + run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version + run: npm -v + - name: Install Dependencies + run: npm i --ignore-scripts --no-audit --no-fund + - name: Run Post Release Actions + env: + RELEASES: ${{ needs.release.outputs.releases }} + run: | + npm run rp-release --ignore-scripts --if-present ${{ join(fromJSON(needs.release.outputs.release-flags), ' ') }} diff --git a/.gitignore b/.gitignore index 8cd974e0..3b94e235 100644 --- a/.gitignore +++ b/.gitignore @@ -4,29 +4,32 @@ /* # keep these -!/.eslintrc.local.* !**/.gitignore -!/docs/ -!/tap-snapshots/ -!/test/ -!/map.js -!/scripts/ -!/README* -!/LICENSE* -!/CHANGELOG* !/.commitlintrc.js !/.eslintrc.js +!/.eslintrc.local.* !/.github/ !/.gitignore !/.npmrc -!/CODE_OF_CONDUCT.md -!/SECURITY.md +!/.release-please-manifest.json !/bin/ +!/CHANGELOG* !/classes/ +!/CODE_OF_CONDUCT.md +!/docs/ !/functions/ !/index.js !/internal/ +!/lib/ +!/LICENSE* +!/map.js !/package.json !/preload.js !/range.bnf !/ranges/ +!/README* +!/release-please-config.json +!/scripts/ +!/SECURITY.md +!/tap-snapshots/ +!/test/ diff --git a/.release-please-manifest.json b/.release-please-manifest.json new file mode 100644 index 00000000..cb9f56d9 --- /dev/null +++ b/.release-please-manifest.json @@ -0,0 +1,3 @@ +{ + ".": "7.3.7" +} diff --git a/package.json b/package.json index 3ab80b9a..ed130058 100644 --- a/package.json +++ b/package.json @@ -6,19 +6,15 @@ "scripts": { "test": "tap", "snap": "tap", - "preversion": "npm test", - "postversion": "npm publish", - "postpublish": "git push origin --follow-tags", "lint": "eslint \"**/*.js\"", "postlint": "template-oss-check", "lintfix": "npm run lint -- --fix", - "prepublishOnly": "git push origin --follow-tags", "posttest": "npm run lint", "template-oss-apply": "template-oss-apply --force" }, "devDependencies": { "@npmcli/eslint-config": "^3.0.1", - "@npmcli/template-oss": "3.6.0", + "@npmcli/template-oss": "4.3.2", "tap": "^16.0.0" }, "license": "ISC", @@ -31,6 +27,7 @@ }, "files": [ "bin/", + "lib/", "classes/", "functions/", "internal/", @@ -41,7 +38,11 @@ ], "tap": { "check-coverage": true, - "coverage-map": "map.js" + "coverage-map": "map.js", + "nyc-arg": [ + "--exclude", + "tap-snapshots/**" + ] }, "engines": { "node": ">=10" @@ -52,17 +53,17 @@ "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "3.6.0", + "version": "4.3.2", "engines": ">=10", "ciVersions": [ "10.0.0", "10.x", "12.x", "14.x", - "16.x" + "16.x", + "18.x" ], "distPaths": [ - "bin/", "classes/", "functions/", "internal/", @@ -70,6 +71,15 @@ "index.js", "preload.js", "range.bnf" + ], + "allowPaths": [ + "/classes/", + "/functions/", + "/internal/", + "/ranges/", + "/index.js", + "/preload.js", + "/range.bnf" ] } } diff --git a/release-please-config.json b/release-please-config.json new file mode 100644 index 00000000..73d1e353 --- /dev/null +++ b/release-please-config.json @@ -0,0 +1,36 @@ +{ + "exclude-packages-from-root": true, + "group-pull-request-title-pattern": "chore: release ${version}", + "pull-request-title-pattern": "chore: release${component} ${version}", + "changelog-sections": [ + { + "type": "feat", + "section": "Features", + "hidden": false + }, + { + "type": "fix", + "section": "Bug Fixes", + "hidden": false + }, + { + "type": "docs", + "section": "Documentation", + "hidden": false + }, + { + "type": "deps", + "section": "Dependencies", + "hidden": false + }, + { + "type": "chore", + "hidden": true + } + ], + "packages": { + ".": { + "package-name": "" + } + } +} From 802a66d868044f6c040634a95333fb36aac2535f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 23 Sep 2022 06:47:56 +0000 Subject: [PATCH 08/13] chore: bump @npmcli/template-oss from 4.3.2 to 4.4.4 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.3.2 to 4.4.4. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.3.2...v4.4.4) --- updated-dependencies: - dependency-name: @npmcli/template-oss dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index ed130058..cfafbe74 100644 --- a/package.json +++ b/package.json @@ -14,7 +14,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^3.0.1", - "@npmcli/template-oss": "4.3.2", + "@npmcli/template-oss": "4.4.4", "tap": "^16.0.0" }, "license": "ISC", From 60108838a3ad5ed75e0d6142c7bea66503556ccc Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Thu, 29 Sep 2022 20:36:26 -0700 Subject: [PATCH 09/13] chore: postinstall for dependabot template-oss PR --- .github/workflows/ci.yml | 48 +++++++++++++++++++++++++++ .github/workflows/post-dependabot.yml | 42 +++++++++++++++++++---- package.json | 2 +- 3 files changed, 85 insertions(+), 7 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6ef276b1..293511ca 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -14,6 +14,54 @@ on: - cron: "0 9 * * 1" jobs: + engines: + name: Engines - ${{ matrix.platform.name }} - ${{ matrix.node-version }} + if: github.repository_owner == 'npm' + strategy: + fail-fast: false + matrix: + platform: + - name: Linux + os: ubuntu-latest + shell: bash + node-version: + - 10.0.0 + runs-on: ${{ matrix.platform.os }} + defaults: + run: + shell: ${{ matrix.platform.shell }} + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Setup Git User + run: | + git config --global user.email "npm-cli+bot@github.com" + git config --global user.name "npm CLI robot" + - name: Setup Node + uses: actions/setup-node@v3 + with: + node-version: ${{ matrix.node-version }} + - name: Update Windows npm + # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows + if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.')) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + - name: Install npm@7 + if: startsWith(matrix.node-version, '10.') + run: npm i --prefer-online --no-fund --no-audit -g npm@7 + - name: Install npm@latest + if: ${{ !startsWith(matrix.node-version, '10.') }} + run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version + run: npm -v + - name: Install Dependencies + run: npm i --ignore-scripts --no-audit --no-fund --engines-strict + lint: name: Lint if: github.repository_owner == 'npm' diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index 98acf69c..e854e127 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -19,7 +19,7 @@ jobs: - name: Checkout uses: actions/checkout@v3 with: - ref: ${{ github.event.pull_request.head_ref }} + ref: ${{ github.ref_name }} - name: Setup Git User run: | git config --global user.email "npm-cli+bot@github.com" @@ -46,10 +46,13 @@ jobs: if: contains(steps.metadata.outputs.dependency-names, '@npmcli/template-oss') id: flags run: | - if [[ "${{ steps.metadata.outputs.directory }}" == "/" ]]; then + dependabot_dir="${{ steps.metadata.outputs.directory }}" + if [[ "$dependabot_dir" == "/" ]]; then echo "::set-output name=workspace::-iwr" else - echo "::set-output name=workspace::-w ${{ steps.metadata.outputs.directory }}" + # strip leading slash from directory so it works as a + # a path to the workspace flag + echo "::set-output name=workspace::-w ${dependabot_dir#/}" fi - name: Apply Changes @@ -60,6 +63,15 @@ jobs: if [[ `git status --porcelain` ]]; then echo "::set-output name=changes::true" fi + # This only sets the conventional commit prefix. This workflow can't reliably determine + # what the breaking change is though. If a BREAKING CHANGE message is required then + # this PR check will fail and the commit will be amended with stafftools + if [[ "${{ steps.dependabot-metadata.outputs.update-type }}" == "version-update:semver-major" ]]; then + prefix='feat!' + else + prefix='chore!' + fi + echo "::set-output name=message::$prefix: postinstall for dependabot template-oss PR" # This step will fail if template-oss has made any workflow updates. It is impossible # for a workflow to update other workflows. In the case it does fail, we continue @@ -71,21 +83,39 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - git commit -am "chore: postinstall for dependabot template-oss PR" + git commit -am "${{ steps.apply.outputs.message }}" git push + # If the previous step failed, then reset the commit and remove any workflow changes + # and attempt to commit and push again. This is helpful because we will have a commit + # with the correct prefix that we can then --amend with @npmcli/stafftools later. - name: Push All Changes Except Workflows - if: steps.push.outcome == 'failure' + if: steps.apply.outputs.changes && steps.push-all.outcome == 'failure' env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | git reset HEAD~ git checkout HEAD -- .github/workflows/ git clean -fd .github/workflows/ - git commit -am "chore: postinstall for dependabot template-oss PR" + git commit -am "${{ steps.apply.outputs.message }}" git push + # Check if all the necessary template-oss changes were applied. Since we continued + # on errors in one of the previous steps, this check will fail if our follow up + # only applied a portion of the changes and we need to followup manually. + # + # Note that this used to run `lint` and `postlint` but that will fail this action + # if we've also shipped any linting changes separate from template-oss. We do + # linting in another action, so we want to fail this one only if there are + # template-oss changes that could not be applied. - name: Check Changes if: steps.apply.outputs.changes run: | npm exec --offline ${{ steps.flags.outputs.workspace }} -- template-oss-check + + - name: Fail on Breaking Change + if: steps.apply.outputs.changes && startsWith(steps.apply.outputs.message, 'feat!') + run: | + echo "This PR has a breaking change. Run 'npx -p @npmcli/stafftools gh template-oss-fix'" + echo "for more information on how to fix this with a BREAKING CHANGE footer." + exit 1 diff --git a/package.json b/package.json index cfafbe74..105fef5d 100644 --- a/package.json +++ b/package.json @@ -53,7 +53,7 @@ "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.3.2", + "version": "4.4.4", "engines": ">=10", "ciVersions": [ "10.0.0", From 7209b14ccd7ca35b9a1077a0b67d9ce884fe6d00 Mon Sep 17 00:00:00 2001 From: Amit Sengupta Date: Tue, 4 Oct 2022 23:51:06 +0530 Subject: [PATCH 10/13] docs: update range.js comments to clarify the caret ranges examples (#477) --- classes/range.js | 3 +++ 1 file changed, 3 insertions(+) diff --git a/classes/range.js b/classes/range.js index 7dc24bc7..a791d912 100644 --- a/classes/range.js +++ b/classes/range.js @@ -252,6 +252,7 @@ const isX = id => !id || id.toLowerCase() === 'x' || id === '*' // ~1.2, ~1.2.x, ~>1.2, ~>1.2.x --> >=1.2.0 <1.3.0-0 // ~1.2.3, ~>1.2.3 --> >=1.2.3 <1.3.0-0 // ~1.2.0, ~>1.2.0 --> >=1.2.0 <1.3.0-0 +// ~0.0.1 --> >=0.0.1 <0.1.0-0 const replaceTildes = (comp, options) => comp.trim().split(/\s+/).map((c) => { return replaceTilde(c, options) @@ -291,6 +292,8 @@ const replaceTilde = (comp, options) => { // ^1.2, ^1.2.x --> >=1.2.0 <2.0.0-0 // ^1.2.3 --> >=1.2.3 <2.0.0-0 // ^1.2.0 --> >=1.2.0 <2.0.0-0 +// ^0.0.1 --> >=0.0.1 <0.0.2-0 +// ^0.1.0 --> >=0.1.0 <0.2.0-0 const replaceCarets = (comp, options) => comp.trim().split(/\s+/).map((c) => { return replaceCaret(c, options) From d8ef32cee7a7e34310838f32451c9bcf52956b64 Mon Sep 17 00:00:00 2001 From: Myles Borins Date: Tue, 4 Oct 2022 14:27:11 -0400 Subject: [PATCH 11/13] fix: add support for node.js esm auto exports (#383) --- index.js | 122 ++++++++++++++++++++++++++++++++++++------------------- 1 file changed, 81 insertions(+), 41 deletions(-) diff --git a/index.js b/index.js index 57e2ae64..4a342c6a 100644 --- a/index.js +++ b/index.js @@ -1,48 +1,88 @@ // just pre-load all the stuff that index.js lazily exports const internalRe = require('./internal/re') +const constants = require('./internal/constants') +const SemVer = require('./classes/semver') +const identifiers = require('./internal/identifiers') +const parse = require('./functions/parse') +const valid = require('./functions/valid') +const clean = require('./functions/clean') +const inc = require('./functions/inc') +const diff = require('./functions/diff') +const major = require('./functions/major') +const minor = require('./functions/minor') +const patch = require('./functions/patch') +const prerelease = require('./functions/prerelease') +const compare = require('./functions/compare') +const rcompare = require('./functions/rcompare') +const compareLoose = require('./functions/compare-loose') +const compareBuild = require('./functions/compare-build') +const sort = require('./functions/sort') +const rsort = require('./functions/rsort') +const gt = require('./functions/gt') +const lt = require('./functions/lt') +const eq = require('./functions/eq') +const neq = require('./functions/neq') +const gte = require('./functions/gte') +const lte = require('./functions/lte') +const cmp = require('./functions/cmp') +const coerce = require('./functions/coerce') +const Comparator = require('./classes/comparator') +const Range = require('./classes/range') +const satisfies = require('./functions/satisfies') +const toComparators = require('./ranges/to-comparators') +const maxSatisfying = require('./ranges/max-satisfying') +const minSatisfying = require('./ranges/min-satisfying') +const minVersion = require('./ranges/min-version') +const validRange = require('./ranges/valid') +const outside = require('./ranges/outside') +const gtr = require('./ranges/gtr') +const ltr = require('./ranges/ltr') +const intersects = require('./ranges/intersects') +const simplifyRange = require('./ranges/simplify') +const subset = require('./ranges/subset') module.exports = { + parse, + valid, + clean, + inc, + diff, + major, + minor, + patch, + prerelease, + compare, + rcompare, + compareLoose, + compareBuild, + sort, + rsort, + gt, + lt, + eq, + neq, + gte, + lte, + cmp, + coerce, + Comparator, + Range, + satisfies, + toComparators, + maxSatisfying, + minSatisfying, + minVersion, + validRange, + outside, + gtr, + ltr, + intersects, + simplifyRange, + subset, + SemVer, re: internalRe.re, src: internalRe.src, tokens: internalRe.t, - SEMVER_SPEC_VERSION: require('./internal/constants').SEMVER_SPEC_VERSION, - SemVer: require('./classes/semver'), - compareIdentifiers: require('./internal/identifiers').compareIdentifiers, - rcompareIdentifiers: require('./internal/identifiers').rcompareIdentifiers, - parse: require('./functions/parse'), - valid: require('./functions/valid'), - clean: require('./functions/clean'), - inc: require('./functions/inc'), - diff: require('./functions/diff'), - major: require('./functions/major'), - minor: require('./functions/minor'), - patch: require('./functions/patch'), - prerelease: require('./functions/prerelease'), - compare: require('./functions/compare'), - rcompare: require('./functions/rcompare'), - compareLoose: require('./functions/compare-loose'), - compareBuild: require('./functions/compare-build'), - sort: require('./functions/sort'), - rsort: require('./functions/rsort'), - gt: require('./functions/gt'), - lt: require('./functions/lt'), - eq: require('./functions/eq'), - neq: require('./functions/neq'), - gte: require('./functions/gte'), - lte: require('./functions/lte'), - cmp: require('./functions/cmp'), - coerce: require('./functions/coerce'), - Comparator: require('./classes/comparator'), - Range: require('./classes/range'), - satisfies: require('./functions/satisfies'), - toComparators: require('./ranges/to-comparators'), - maxSatisfying: require('./ranges/max-satisfying'), - minSatisfying: require('./ranges/min-satisfying'), - minVersion: require('./ranges/min-version'), - validRange: require('./ranges/valid'), - outside: require('./ranges/outside'), - gtr: require('./ranges/gtr'), - ltr: require('./ranges/ltr'), - intersects: require('./ranges/intersects'), - simplifyRange: require('./ranges/simplify'), - subset: require('./ranges/subset'), + SEMVER_SPEC_VERSION: constants.SEMVER_SPEC_VERSION, + compareIdentifiers: identifiers.compareIdentifiers, + rcompareIdentifiers: identifiers.rcompareIdentifiers, } From 40f7dfcc20974c3f8e526b359326da5db02407a4 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Tue, 4 Oct 2022 12:30:57 -0700 Subject: [PATCH 12/13] chore(ci): dont set workspaces flag for tests (#487) --- .github/workflows/ci-release.yml | 2 +- .github/workflows/ci.yml | 2 +- package.json | 1 + scripts/_step-test.yml | 4 ++++ 4 files changed, 7 insertions(+), 2 deletions(-) create mode 100644 scripts/_step-test.yml diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml index 00779f0d..ccd68e1e 100644 --- a/.github/workflows/ci-release.yml +++ b/.github/workflows/ci-release.yml @@ -144,7 +144,7 @@ jobs: - name: Add Problem Matcher run: echo "::add-matcher::.github/matchers/tap.json" - name: Test - run: npm test --ignore-scripts -ws -iwr --if-present + run: npm test --ignore-scripts - name: Conclude Check uses: LouisBrunner/checks-action@v1.3.1 if: always() diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 293511ca..4bc2e2db 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -152,4 +152,4 @@ jobs: - name: Add Problem Matcher run: echo "::add-matcher::.github/matchers/tap.json" - name: Test - run: npm test --ignore-scripts -iwr + run: npm test --ignore-scripts diff --git a/package.json b/package.json index 105fef5d..25255f82 100644 --- a/package.json +++ b/package.json @@ -55,6 +55,7 @@ "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", "version": "4.4.4", "engines": ">=10", + "content": "./scripts", "ciVersions": [ "10.0.0", "10.x", diff --git a/scripts/_step-test.yml b/scripts/_step-test.yml new file mode 100644 index 00000000..5b7131bc --- /dev/null +++ b/scripts/_step-test.yml @@ -0,0 +1,4 @@ +- name: Add Problem Matcher + run: echo "::add-matcher::.github/matchers/tap.json" +- name: Test + run: {{ rootNpmPath }} test --ignore-scripts From dc0fe202faaf19a545ce5eeab3480be84180a082 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 4 Oct 2022 12:37:26 -0700 Subject: [PATCH 13/13] chore: release 7.3.8 (#486) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- .release-please-manifest.json | 2 +- CHANGELOG.md | 10 ++++++++++ package.json | 2 +- 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/.release-please-manifest.json b/.release-please-manifest.json index cb9f56d9..c1526ab8 100644 --- a/.release-please-manifest.json +++ b/.release-please-manifest.json @@ -1,3 +1,3 @@ { - ".": "7.3.7" + ".": "7.3.8" } diff --git a/CHANGELOG.md b/CHANGELOG.md index 04ad0067..289bbac0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,15 @@ # Changelog +## [7.3.8](https://github.com/npm/node-semver/compare/v7.3.7...v7.3.8) (2022-10-04) + +### Bug Fixes + +* [`d8ef32c`](https://github.com/npm/node-semver/commit/d8ef32cee7a7e34310838f32451c9bcf52956b64) [#383](https://github.com/npm/node-semver/pull/383) add support for node.js esm auto exports (#383) (@MylesBorins) + +### Documentation + +* [`7209b14`](https://github.com/npm/node-semver/commit/7209b14ccd7ca35b9a1077a0b67d9ce884fe6d00) [#477](https://github.com/npm/node-semver/pull/477) update range.js comments to clarify the caret ranges examples (#477) (@amitse) + ### [7.3.7](https://github.com/npm/node-semver/compare/v7.3.6...v7.3.7) (2022-04-11) diff --git a/package.json b/package.json index 25255f82..72d3f66e 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "semver", - "version": "7.3.7", + "version": "7.3.8", "description": "The semantic version parser used by npm.", "main": "index.js", "scripts": {