From 0e0c98bc2c799f153adb9e71965fede32e550a58 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Sep 2023 18:44:43 +0000 Subject: [PATCH 1/3] chore: bump @npmcli/template-oss from 4.17.0 to 4.18.1 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.17.0 to 4.18.1. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.17.0...v4.18.1) --- updated-dependencies: - dependency-name: "@npmcli/template-oss" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index db035e97..63abf2a8 100644 --- a/package.json +++ b/package.json @@ -13,7 +13,7 @@ "posttest": "npm run lint" }, "devDependencies": { - "@npmcli/template-oss": "4.17.0", + "@npmcli/template-oss": "4.18.1", "tap": "^12.7.0" }, "license": "ISC", From 0f3c921e743afa42b1050abf4a99ab144e7facf9 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Thu, 14 Sep 2023 18:28:12 -0700 Subject: [PATCH 2/3] chore: postinstall for dependabot template-oss PR --- .github/settings.yml | 52 --------------------------- .github/workflows/audit.yml | 5 ++- .github/workflows/ci-release.yml | 12 +++++-- .github/workflows/ci.yml | 11 ++++-- .github/workflows/codeql-analysis.yml | 2 -- .github/workflows/pull-request.yml | 7 ++-- .github/workflows/release.yml | 16 ++++++--- package.json | 4 +-- scripts/template-oss/index.js | 6 ++-- 9 files changed, 42 insertions(+), 73 deletions(-) delete mode 100644 .github/settings.yml diff --git a/.github/settings.yml b/.github/settings.yml deleted file mode 100644 index adbef7e6..00000000 --- a/.github/settings.yml +++ /dev/null @@ -1,52 +0,0 @@ -# This file is automatically added by @npmcli/template-oss. Do not edit. - -repository: - allow_merge_commit: false - allow_rebase_merge: true - allow_squash_merge: true - squash_merge_commit_title: PR_TITLE - squash_merge_commit_message: PR_BODY - delete_branch_on_merge: true - enable_automated_security_fixes: true - enable_vulnerability_alerts: true - -branches: - - name: main - protection: - required_status_checks: null - enforce_admins: true - required_pull_request_reviews: - required_approving_review_count: 1 - require_code_owner_reviews: true - require_last_push_approval: true - dismiss_stale_reviews: true - restrictions: - apps: [] - users: [] - teams: [ "cli-team" ] - - name: latest - protection: - required_status_checks: null - enforce_admins: true - required_pull_request_reviews: - required_approving_review_count: 1 - require_code_owner_reviews: true - require_last_push_approval: true - dismiss_stale_reviews: true - restrictions: - apps: [] - users: [] - teams: [ "cli-team" ] - - name: release/v* - protection: - required_status_checks: null - enforce_admins: true - required_pull_request_reviews: - required_approving_review_count: 1 - require_code_owner_reviews: true - require_last_push_approval: true - dismiss_stale_reviews: true - restrictions: - apps: [] - users: [] - teams: [ "cli-team" ] diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 614b85d7..3cbca596 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -25,8 +25,11 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: - node-version: 18.x + node-version: 20.x + check-latest: contains('20.x', '.x') + - name: Remove Template-OSS if: matrix && matrix.node-version == '6.17.1' run: | diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml index 74b61726..cd75041e 100644 --- a/.github/workflows/ci-release.yml +++ b/.github/workflows/ci-release.yml @@ -8,7 +8,7 @@ on: ref: required: true type: string - default: main + default: release/v5 workflow_call: inputs: ref: @@ -80,8 +80,11 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: - node-version: 18.x + node-version: 20.x + check-latest: contains('20.x', '.x') + - name: Remove Template-OSS if: matrix && matrix.node-version == '6.17.1' run: | @@ -115,7 +118,7 @@ jobs: shell: bash node-version: - 6.17.1 - - 18.x + - 20.x runs-on: ${{ matrix.platform.os }} defaults: run: @@ -174,8 +177,11 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: ${{ matrix.node-version }} + check-latest: contains(matrix.node-version, '.x') + - name: Remove Template-OSS if: matrix && matrix.node-version == '6.17.1' run: | diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 11b02c0d..895a0567 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -8,7 +8,6 @@ on: push: branches: - main - - latest - release/v* schedule: # "At 09:00 UTC (02:00 PT) on Monday" https://crontab.guru/#0_9_*_*_1 @@ -31,8 +30,11 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: - node-version: 18.x + node-version: 20.x + check-latest: contains('20.x', '.x') + - name: Remove Template-OSS if: matrix && matrix.node-version == '6.17.1' run: | @@ -59,7 +61,7 @@ jobs: shell: bash node-version: - 6.17.1 - - 18.x + - 20.x runs-on: ${{ matrix.platform.os }} defaults: run: @@ -73,8 +75,11 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: ${{ matrix.node-version }} + check-latest: contains(matrix.node-version, '.x') + - name: Remove Template-OSS if: matrix && matrix.node-version == '6.17.1' run: | diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 21244879..9fb3f79a 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -6,12 +6,10 @@ on: push: branches: - main - - latest - release/v* pull_request: branches: - main - - latest - release/v* schedule: # "At 10:00 UTC (03:00 PT) on Monday" https://crontab.guru/#0_10_*_*_1 diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index ad7fb0de..bed51254 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -29,8 +29,11 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: - node-version: 18.x + node-version: 20.x + check-latest: contains('20.x', '.x') + - name: Remove Template-OSS if: matrix && matrix.node-version == '6.17.1' run: | @@ -50,4 +53,4 @@ jobs: env: PR_TITLE: ${{ github.event.pull_request.title }} run: | - echo '$PR_TITLE' | npx --offline commitlint -V + echo "$PR_TITLE" | npx --offline commitlint -V diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 96195497..e531819b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,7 +11,6 @@ on: push: branches: - main - - latest - release/v* permissions: @@ -44,8 +43,11 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: - node-version: 18.x + node-version: 20.x + check-latest: contains('20.x', '.x') + - name: Remove Template-OSS if: matrix && matrix.node-version == '6.17.1' run: | @@ -160,8 +162,11 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: - node-version: 18.x + node-version: 20.x + check-latest: contains('20.x', '.x') + - name: Remove Template-OSS if: matrix && matrix.node-version == '6.17.1' run: | @@ -329,8 +334,11 @@ jobs: steps: - name: Setup Node uses: actions/setup-node@v3 + id: node with: - node-version: 18.x + node-version: 20.x + check-latest: contains('20.x', '.x') + - name: View in Registry run: | EXIT_CODE=0 diff --git a/package.json b/package.json index 63abf2a8..0cf846ec 100644 --- a/package.json +++ b/package.json @@ -13,7 +13,7 @@ "posttest": "npm run lint" }, "devDependencies": { - "@npmcli/template-oss": "4.18.1", + "@npmcli/template-oss": "4.19.0", "tap": "^12.7.0" }, "license": "ISC", @@ -33,6 +33,6 @@ "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", "content": "./scripts/template-oss", - "version": "4.17.0" + "version": "4.19.0" } } diff --git a/scripts/template-oss/index.js b/scripts/template-oss/index.js index 8e655e01..a1350cc8 100644 --- a/scripts/template-oss/index.js +++ b/scripts/template-oss/index.js @@ -13,10 +13,8 @@ module.exports = { eslint: false, dependabot: false, oldNode: OLD_NODE, - ciVersions: [ - OLD_NODE, - 'latest', - ], + ciVersions: [OLD_NODE], + backport: 5, allowPaths: [ '/range.bnf', '/semver.js', From a4ed290522a2ca58706ec64c2e7a8364ac31809f Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Thu, 14 Sep 2023 18:29:56 -0700 Subject: [PATCH 3/3] chore: auto publish --- .github/workflows/release.yml | 46 ++++++++++++----------------------- scripts/template-oss/index.js | 1 + 2 files changed, 17 insertions(+), 30 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e531819b..0911e67e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -182,7 +182,7 @@ jobs: RELEASE_COMMENT_ID: ${{ needs.release.outputs.comment-id }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - npm exec --offline -- template-oss-release-manager --lockfile=false --publish=false + npm exec --offline -- template-oss-release-manager --lockfile=false --publish=true npm run rp-pull-request --ignore-scripts --if-present - name: Commit id: commit @@ -331,40 +331,26 @@ jobs: defaults: run: shell: bash + permissions: + deployments: write + id-token: write steps: + - name: Checkout + uses: actions/checkout@v3 + with: + ref: ${{ fromJSON(needs.release.outputs.release).tagName }} - name: Setup Node uses: actions/setup-node@v3 - id: node with: - node-version: 20.x - check-latest: contains('20.x', '.x') - - - name: View in Registry + node-version: 18.x + - name: Install npm@latest run: | - EXIT_CODE=0 - - function is_published { - if npm view "$@" --loglevel=error > /dev/null; then - echo 0 - else - echo 1 - fi - } - - for release in $(echo '${{ needs.release.outputs.releases }}' | jq -r '.[] | @base64'); do - name=$(echo "$release" | base64 --decode | jq -r .pkgName) - version=$(echo "$release" | base64 --decode | jq -r .version) - spec="$name@$version" - status=$(is_published "$spec") - if [[ "$status" -eq 1 ]]; then - echo "$spec ERROR" - EXIT_CODE=$status - else - echo "$spec OK" - fi - done - - exit $EXIT_CODE + npm i --prefer-online --no-fund --no-audit -g npm@latest + npm config set '//registry.npmjs.org/:_authToken'=\${PUBLISH_TOKEN} + - name: Publish + env: + PUBLISH_TOKEN: ${{ secrets.PUBLISH_TOKEN }} + run: npm publish --provenance --tag=next-5 post-release-integration: needs: [ release, release-integration ] diff --git a/scripts/template-oss/index.js b/scripts/template-oss/index.js index a1350cc8..c15cd6d6 100644 --- a/scripts/template-oss/index.js +++ b/scripts/template-oss/index.js @@ -15,6 +15,7 @@ module.exports = { oldNode: OLD_NODE, ciVersions: [OLD_NODE], backport: 5, + publish: true, allowPaths: [ '/range.bnf', '/semver.js',