Skip to content

Commit

Permalink
chore: @npmcli/[email protected]
Browse files Browse the repository at this point in the history
  • Loading branch information
@lukekarrys
lukekarrys committed Dec 12, 2022
1 parent 72b4956 commit fdd5ad5
Show file tree
Hide file tree
Showing 7 changed files with 43 additions and 73 deletions.
6 changes: 4 additions & 2 deletions .github/workflows/audit.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,5 +33,7 @@ jobs:
run: npm -v
- name: Install Dependencies
run: npm i --ignore-scripts --no-audit --no-fund --package-lock
- name: Run Audit
run: npm audit
- name: Run Production Audit
run: npm audit --omit=dev
- name: Run Full Audit
run: npm audit --audit-level=none
18 changes: 12 additions & 6 deletions .github/workflows/ci-release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,12 @@
name: CI - Release

on:
workflow_dispatch:
inputs:
ref:
required: true
type: string
default: main
workflow_call:
inputs:
ref:
Expand All @@ -23,7 +29,7 @@ jobs:
steps:
- name: Get Workflow Job
uses: actions/github-script@v6

if: inputs.check-sha
id: check-output
env:
JOB_NAME: "Lint All"
Expand Down Expand Up @@ -57,7 +63,7 @@ jobs:
- name: Create Check
uses: LouisBrunner/[email protected]
id: check

if: inputs.check-sha
with:
token: ${{ secrets.GITHUB_TOKEN }}
status: in_progress
Expand Down Expand Up @@ -88,7 +94,7 @@ jobs:
run: npm run postlint --ignore-scripts
- name: Conclude Check
uses: LouisBrunner/[email protected]
if: always()
if: steps.check.outputs.check_id && always()
with:
token: ${{ secrets.GITHUB_TOKEN }}
conclusion: ${{ job.status }}
Expand Down Expand Up @@ -124,7 +130,7 @@ jobs:
steps:
- name: Get Workflow Job
uses: actions/github-script@v6

if: inputs.check-sha
id: check-output
env:
JOB_NAME: "Test All"
Expand Down Expand Up @@ -158,7 +164,7 @@ jobs:
- name: Create Check
uses: LouisBrunner/[email protected]
id: check

if: inputs.check-sha
with:
token: ${{ secrets.GITHUB_TOKEN }}
status: in_progress
Expand Down Expand Up @@ -203,7 +209,7 @@ jobs:
run: npm test --ignore-scripts
- name: Conclude Check
uses: LouisBrunner/[email protected]
if: always()
if: steps.check.outputs.check_id && always()
with:
token: ${{ secrets.GITHUB_TOKEN }}
conclusion: ${{ job.status }}
Expand Down
50 changes: 0 additions & 50 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,56 +14,6 @@ on:
- cron: "0 9 * * 1"

jobs:
engines:
name: Engines - ${{ matrix.platform.name }} - ${{ matrix.node-version }}
if: github.repository_owner == 'npm'
strategy:
fail-fast: false
matrix:
platform:
- name: Linux
os: ubuntu-latest
shell: bash
node-version:
- 14.17.0
- 16.13.0
- 18.0.0
runs-on: ${{ matrix.platform.os }}
defaults:
run:
shell: ${{ matrix.platform.shell }}
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup Git User
run: |
git config --global user.email "[email protected]"
git config --global user.name "npm CLI robot"
- name: Setup Node
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
- name: Update Windows npm
# node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows
if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.'))
run: |
curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz
tar xf npm-7.5.4.tgz
cd package
node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz
cd ..
rmdir /s /q package
- name: Install npm@7
if: startsWith(matrix.node-version, '10.')
run: npm i --prefer-online --no-fund --no-audit -g npm@7
- name: Install npm@latest
if: ${{ !startsWith(matrix.node-version, '10.') }}
run: npm i --prefer-online --no-fund --no-audit -g npm@latest
- name: npm Version
run: npm -v
- name: Install Dependencies
run: npm i --ignore-scripts --no-audit --no-fund --engines-strict

lint:
name: Lint
if: github.repository_owner == 'npm'
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/post-dependabot.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,10 +66,10 @@ jobs:
# This only sets the conventional commit prefix. This workflow can't reliably determine
# what the breaking change is though. If a BREAKING CHANGE message is required then
# this PR check will fail and the commit will be amended with stafftools
if [[ "${{ steps.dependabot-metadata.outputs.update-type }}" == "version-update:semver-major" ]]; then
if [[ "${{ steps.metadata.outputs.update-type }}" == "version-update:semver-major" ]]; then
prefix='feat!'
else
prefix='chore!'
prefix='chore'
fi
echo "::set-output name=message::$prefix: postinstall for dependabot template-oss PR"
Expand All @@ -90,7 +90,7 @@ jobs:
# and attempt to commit and push again. This is helpful because we will have a commit
# with the correct prefix that we can then --amend with @npmcli/stafftools later.
- name: Push All Changes Except Workflows
if: steps.apply.outputs.changes && steps.push-all.outcome == 'failure'
if: steps.apply.outputs.changes && steps.push.outcome == 'failure'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
Expand Down
19 changes: 10 additions & 9 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ on:
branches:
- main
- latest
- release/v*

permissions:
contents: write
Expand Down Expand Up @@ -73,9 +74,9 @@ jobs:
const comments = await github.paginate(github.rest.issues.listComments, issue)
let commentId = comments?.find(c => c.user.login === 'github-actions[bot]' && c.body.startsWith(body))?.id
body += `Release workflow run: ${workflow.html_url}\n\n#### Force CI to Rerun for This Release\n\n`
body += `Release workflow run: ${workflow.html_url}\n\n#### Force CI to Update This Release\n\n`
body += `This PR will be updated and CI will run for every non-\`chore:\` commit that is pushed to \`main\`. `
body += `To force CI to rerun, run this command:\n\n`
body += `To force CI to update this PR, run this command:\n\n`
body += `\`\`\`\ngh workflow run release.yml -r ${REF_NAME}\n\`\`\``
if (commentId) {
Expand All @@ -88,7 +89,7 @@ jobs:
return commentId
- name: Get Workflow Job
uses: actions/github-script@v6
if: steps.release.outputs.pr-number
if: steps.release.outputs.pr-sha
id: check-output
env:
JOB_NAME: "Release"
Expand Down Expand Up @@ -122,7 +123,7 @@ jobs:
- name: Create Check
uses: LouisBrunner/[email protected]
id: check
if: steps.release.outputs.pr-number
if: steps.release.outputs.pr-sha
with:
token: ${{ secrets.GITHUB_TOKEN }}
status: in_progress
Expand Down Expand Up @@ -167,7 +168,7 @@ jobs:
RELEASE_COMMENT_ID: ${{ needs.release.outputs.comment-id }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
npm exec --offline -- template-oss-release-manager
npm exec --offline -- template-oss-release-manager --lockfile=false
npm run rp-pull-request --ignore-scripts --if-present
- name: Commit
id: commit
Expand All @@ -179,7 +180,7 @@ jobs:
echo "::set-output name=sha::$(git rev-parse HEAD)"
- name: Get Workflow Job
uses: actions/github-script@v6

if: steps.commit.outputs.sha
id: check-output
env:
JOB_NAME: "Update - Release"
Expand Down Expand Up @@ -213,7 +214,7 @@ jobs:
- name: Create Check
uses: LouisBrunner/[email protected]
id: check

if: steps.commit.outputs.sha
with:
token: ${{ secrets.GITHUB_TOKEN }}
status: in_progress
Expand All @@ -222,7 +223,7 @@ jobs:
output: ${{ steps.check-output.outputs.result }}
- name: Conclude Check
uses: LouisBrunner/[email protected]
if: always()
if: needs.release.outputs.check-id && always()
with:
token: ${{ secrets.GITHUB_TOKEN }}
conclusion: ${{ job.status }}
Expand Down Expand Up @@ -260,7 +261,7 @@ jobs:
echo "::set-output name=result::$result"
- name: Conclude Check
uses: LouisBrunner/[email protected]
if: always()
if: needs.update.outputs.check-id && always()
with:
token: ${{ secrets.GITHUB_TOKEN }}
conclusion: ${{ steps.needs-result.outputs.result }}
Expand Down
13 changes: 12 additions & 1 deletion SECURITY.md
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,14 @@
<!-- This file is automatically added by @npmcli/template-oss. Do not edit. -->

Please send vulnerability reports through [hackerone](https://hackerone.com/github).
GitHub takes the security of our software products and services seriously, including the open source code repositories managed through our GitHub organizations, such as [GitHub](https://github.com/GitHub).

If you believe you have found a security vulnerability in this GitHub-owned open source repository, you can report it to us in one of two ways.

If the vulnerability you have found is *not* [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) or if you do not wish to be considered for a bounty reward, please report the issue to us directly using [private vulnerability reporting](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability).

If the vulnerability you have found is [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) and you would like for your finding to be considered for a bounty reward, please submit the vulnerability to us through [HackerOne](https://hackerone.com/github) in order to be eligible to receive a bounty award.

**Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.**

Thanks for helping make GitHub safe for everyone.

4 changes: 2 additions & 2 deletions package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
"main": "lib/index.js",
"devDependencies": {
"@npmcli/eslint-config": "^4.0.0",
"@npmcli/template-oss": "4.6.0",
"@npmcli/template-oss": "4.11.0",
"tap": "^16.3.0"
},
"scripts": {
Expand Down Expand Up @@ -47,6 +47,6 @@
},
"templateOSS": {
"//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
"version": "4.6.0"
"version": "4.11.0"
}
}

0 comments on commit fdd5ad5

Please sign in to comment.