ci: setup the auto release with correct setup

Labels and tokens are now correct.
tablecheck · Aug 20, 2021 · 5f2e8f6 · 5f2e8f6
1 parent bdecc55
commit 5f2e8f6
Show file tree

Hide file tree

Showing 6 changed files with 28 additions and 876 deletions.
diff --git a/.autorc b/.autorc
@@ -13,7 +13,6 @@
         }
       }
     ],
-    "conventional-commits",
     "first-time-contributor",
     "released",
     [

diff --git a/.github/workflows/label_checker.yml b/.github/workflows/label_checker.yml
@@ -23,6 +23,6 @@ jobs:
     steps:
       - uses: agilepathway/[email protected]
         with:
-          one_of: major,minor,patch,internal
+          one_of: major,minor,patch,skip-release,internal,documentation,tests,dependencies,performance
           none_of: invalid,wontfix,duplicate,question
           repo_token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -1,8 +1,6 @@
 name: Auto Release
 
 on:
-  workflow_dispatch:
-  # this allows us to manually run the release on other branches for canary and pre-releases
   push:
     branches:
       - main
@@ -14,8 +12,13 @@ jobs:
     steps:
       - name: Checkout 🛎️
         uses: actions/checkout@v2
-        with:
-          fetch-depth: 0
+
+      - name: Prepare repository
+        run: git fetch --unshallow --prune --tags
+
+      - name: Unset header
+        # checkout@v2 adds a header that makes branch protection report errors ):
+        run: git config --local --unset http.https://github.com/.extraheader
 
       - name: Read .nvmrc
         id: nvm
@@ -35,7 +38,7 @@ jobs:
 
       - name: Create Release ✨
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.RELEASE_BOT_TOKEN }}
           NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
           SLACK_TOKEN: ${{ secrets.SLACK_TOKEN }}
         run: npx auto shipit
diff --git a/auditjs.json b/auditjs.json
@@ -77,6 +77,21 @@
           "reference": "https://ossindex.sonatype.org/vulnerability/92bbcbaf-097a-43f9-855e-2052e38930db?component-type=npm&component-name=ssri&utm_source=auditjs&utm_medium=integration&utm_content=4.0.28"
         }
       ]
+    },
+    {
+      "coordinates": "pkg:npm/[email protected]",
+      "description": "Extract the non-magic parent path from a glob string.",
+      "reference": "https://ossindex.sonatype.org/component/pkg:npm/[email protected]?utm_source=auditjs&utm_medium=integration&utm_content=4.0.28",
+      "vulnerabilities": [
+        {
+          "id": "64cd5f21-8af4-4eae-ac7d-a53241ea693a",
+          "title": "CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion')",
+          "description": "The software does not properly restrict the size or amount of resources that are requested or influenced by an actor, which can be used to consume more resources than intended.",
+          "cvssScore": 7.5,
+          "cvssVector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+          "reference": "https://ossindex.sonatype.org/vulnerability/64cd5f21-8af4-4eae-ac7d-a53241ea693a?component-type=npm&component-name=glob-parent&utm_source=auditjs&utm_medium=integration&utm_content=4.0.28"
+        }
+      ]
     }
   ],
   "ignore": [
@@ -94,6 +109,9 @@
     },
     {
       "id": "92bbcbaf-097a-43f9-855e-2052e38930db"
+    },
+    {
+      "id": "64cd5f21-8af4-4eae-ac7d-a53241ea693a"
     }
   ]
 }
-Original file line number
+Diff line change
@@ Expand Up / @@ -13,7 +13,6 @@ @@
             }
           }
         ],
-        "conventional-commits",
         "first-time-contributor",
         "released",
         [
@@ Expand Down @@