diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 8da2a45..69312df 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -7,6 +7,7 @@ updates: directory: / schedule: interval: daily + target-branch: "main" allow: - dependency-type: direct versioning-strategy: increase-if-necessary diff --git a/.github/settings.yml b/.github/settings.yml index 1019e26..c742871 100644 --- a/.github/settings.yml +++ b/.github/settings.yml @@ -1,2 +1,27 @@ ---- -_extends: '.github:npm-cli/settings.yml' +# This file is automatically added by @npmcli/template-oss. Do not edit. + +repository: + allow_merge_commit: false + allow_rebase_merge: true + allow_squash_merge: true + squash_merge_commit_title: PR_TITLE + squash_merge_commit_message: PR_BODY + delete_branch_on_merge: true + enable_automated_security_fixes: true + enable_vulnerability_alerts: true + +branches: + - name: main + protection: + required_status_checks: null + enforce_admins: true + block_creations: true + required_pull_request_reviews: + required_approving_review_count: 1 + require_code_owner_reviews: true + require_last_push_approval: true + dismiss_stale_reviews: true + restrictions: + apps: [] + users: [] + teams: [ "cli-team" ] diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 62892f9..36f007e 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -25,10 +25,54 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: - node-version: 18.x - - name: Install npm@latest + node-version: 20.x + check-latest: contains('20.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml index 6e80aa6..c470b21 100644 --- a/.github/workflows/ci-release.yml +++ b/.github/workflows/ci-release.yml @@ -61,7 +61,7 @@ jobs: return { summary } - name: Create Check - uses: LouisBrunner/checks-action@v1.3.1 + uses: LouisBrunner/checks-action@v1.6.0 id: check if: inputs.check-sha with: @@ -80,10 +80,54 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: - node-version: 18.x - - name: Install npm@latest + node-version: 20.x + check-latest: contains('20.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies @@ -93,7 +137,7 @@ jobs: - name: Post Lint run: npm run postlint --ignore-scripts - name: Conclude Check - uses: LouisBrunner/checks-action@v1.3.1 + uses: LouisBrunner/checks-action@v1.6.0 if: steps.check.outputs.check_id && always() with: token: ${{ secrets.GITHUB_TOKEN }} @@ -123,6 +167,7 @@ jobs: - 16.x - 18.0.0 - 18.x + - 20.x runs-on: ${{ matrix.platform.os }} defaults: run: @@ -162,7 +207,7 @@ jobs: return { summary } - name: Create Check - uses: LouisBrunner/checks-action@v1.3.1 + uses: LouisBrunner/checks-action@v1.6.0 id: check if: inputs.check-sha with: @@ -181,11 +226,17 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: ${{ matrix.node-version }} + check-latest: contains(matrix.node-version, '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - name: Update Windows npm - # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows - if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.')) + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) run: | curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz tar xf npm-7.5.4.tgz @@ -193,12 +244,36 @@ jobs: node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz cd .. rmdir /s /q package - - name: Install npm@7 - if: startsWith(matrix.node-version, '10.') - run: npm i --prefer-online --no-fund --no-audit -g npm@7 - - name: Install npm@latest - if: ${{ !startsWith(matrix.node-version, '10.') }} + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies @@ -208,7 +283,7 @@ jobs: - name: Test run: npm test --ignore-scripts - name: Conclude Check - uses: LouisBrunner/checks-action@v1.3.1 + uses: LouisBrunner/checks-action@v1.6.0 if: steps.check.outputs.check_id && always() with: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9cc149d..7f7f93b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -8,7 +8,6 @@ on: push: branches: - main - - latest schedule: # "At 09:00 UTC (02:00 PT) on Monday" https://crontab.guru/#0_9_*_*_1 - cron: "0 9 * * 1" @@ -30,10 +29,54 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: - node-version: 18.x - - name: Install npm@latest + node-version: 20.x + check-latest: contains('20.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies @@ -66,6 +109,7 @@ jobs: - 16.x - 18.0.0 - 18.x + - 20.x runs-on: ${{ matrix.platform.os }} defaults: run: @@ -79,11 +123,17 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: ${{ matrix.node-version }} + check-latest: contains(matrix.node-version, '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - name: Update Windows npm - # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows - if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.')) + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) run: | curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz tar xf npm-7.5.4.tgz @@ -91,12 +141,36 @@ jobs: node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz cd .. rmdir /s /q package - - name: Install npm@7 - if: startsWith(matrix.node-version, '10.') - run: npm i --prefer-online --no-fund --no-audit -g npm@7 - - name: Install npm@latest - if: ${{ !startsWith(matrix.node-version, '10.') }} + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 66b9498..f7e691d 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -6,11 +6,9 @@ on: push: branches: - main - - latest pull_request: branches: - main - - latest schedule: # "At 10:00 UTC (03:00 PT) on Monday" https://crontab.guru/#0_10_*_*_1 - cron: "0 10 * * 1" diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index ce38340..c144660 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -26,10 +26,54 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: - node-version: 18.x - - name: Install npm@latest + node-version: 20.x + check-latest: contains('20.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index 99877da..63a6169 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -29,10 +29,54 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: - node-version: 18.x - - name: Install npm@latest + node-version: 20.x + check-latest: contains('20.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies @@ -44,5 +88,7 @@ jobs: npx --offline commitlint -V --from 'origin/${{ github.base_ref }}' --to ${{ github.event.pull_request.head.sha }} - name: Run Commitlint on PR Title if: steps.commit.outcome == 'failure' + env: + PR_TITLE: ${{ github.event.pull_request.title }} run: | - echo '${{ github.event.pull_request.title }}' | npx --offline commitlint -V + echo "$PR_TITLE" | npx --offline commitlint -V diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3dc197f..f5de0e1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,8 +11,6 @@ on: push: branches: - main - - latest - - release/v* permissions: contents: write @@ -44,10 +42,54 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: - node-version: 18.x - - name: Install npm@latest + node-version: 20.x + check-latest: contains('20.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies @@ -78,7 +120,7 @@ jobs: let commentId = comments.find(c => c.user.login === 'github-actions[bot]' && c.body.startsWith(body))?.id body += `Release workflow run: ${workflow.html_url}\n\n#### Force CI to Update This Release\n\n` - body += `This PR will be updated and CI will run for every non-\`chore:\` commit that is pushed to \`main\`. ` + body += `This PR will be updated and CI will run for every non-\`chore:\` commit that is pushed to \`${REF_NAME}\`. ` body += `To force CI to update this PR, run this command:\n\n` body += `\`\`\`\ngh workflow run release.yml -r ${REF_NAME} -R ${owner}/${repo} -f release-pr=${issue_number}\n\`\`\`` @@ -124,7 +166,7 @@ jobs: return { summary } - name: Create Check - uses: LouisBrunner/checks-action@v1.3.1 + uses: LouisBrunner/checks-action@v1.6.0 id: check if: steps.release.outputs.pr-sha with: @@ -157,10 +199,54 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: - node-version: 18.x - - name: Install npm@latest + node-version: 20.x + check-latest: contains('20.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies @@ -215,7 +301,7 @@ jobs: return { summary } - name: Create Check - uses: LouisBrunner/checks-action@v1.3.1 + uses: LouisBrunner/checks-action@v1.6.0 id: check if: steps.commit.outputs.sha with: @@ -225,7 +311,7 @@ jobs: sha: ${{ steps.commit.outputs.sha }} output: ${{ steps.check-output.outputs.result }} - name: Conclude Check - uses: LouisBrunner/checks-action@v1.3.1 + uses: LouisBrunner/checks-action@v1.6.0 if: needs.release.outputs.check-id && always() with: token: ${{ secrets.GITHUB_TOKEN }} @@ -263,7 +349,7 @@ jobs: fi echo "result=$result" >> $GITHUB_OUTPUT - name: Conclude Check - uses: LouisBrunner/checks-action@v1.3.1 + uses: LouisBrunner/checks-action@v1.6.0 if: needs.update.outputs.check-id && always() with: token: ${{ secrets.GITHUB_TOKEN }} @@ -323,10 +409,54 @@ jobs: steps: - name: Setup Node uses: actions/setup-node@v3 + id: node with: - node-version: 18.x - - name: Install npm@latest + node-version: 20.x + check-latest: contains('20.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: View in Registry diff --git a/.gitignore b/.gitignore index 0ec3c84..b3eeced 100644 --- a/.gitignore +++ b/.gitignore @@ -15,6 +15,7 @@ !/bin/ !/CHANGELOG* !/CODE_OF_CONDUCT.md +!/CONTRIBUTING.md !/docs/ !/lib/ !/LICENSE* diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..69e8878 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,50 @@ + + +# Contributing + +## Code of Conduct + +All interactions in the **npm** organization on GitHub are considered to be covered by our standard [Code of Conduct](https://docs.npmjs.com/policies/conduct). + +## Reporting Bugs + +Before submitting a new bug report please search for an existing or similar report. + +Use one of our existing issue templates if you believe you've come across a unique problem. + +Duplicate issues, or issues that don't use one of our templates may get closed without a response. + +## Pull Request Conventions + +### Commits + +We use [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/). + +When opening a pull request please be sure that either the pull request title, or each commit in the pull request, has one of the following prefixes: + + - `feat`: For when introducing a new feature. The result will be a new semver minor version of the package when it is next published. + - `fix`: For bug fixes. The result will be a new semver patch version of the package when it is next published. + - `docs`: For documentation updates. The result will be a new semver patch version of the package when it is next published. + - `chore`: For changes that do not affect the published module. Often these are changes to tests. The result will be *no* change to the version of the package when it is next published (as the commit does not affect the published version). + +### Test Coverage + +Pull requests made against this repo will run `npm test` automatically. Please make sure tests pass locally before submitting a PR. + +Every new feature or bug fix should come with a corresponding test or tests that validate the solutions. Testing also reports on code coverage and will fail if code coverage drops. + +### Linting + +Linting is also done automatically once tests pass. `npm run lintfix` will fix most linting errors automatically. + +Please make sure linting passes before submitting a PR. + +## What _not_ to contribute? + +### Dependencies + +It should be noted that our team does not accept third-party dependency updates/PRs. If you submit a PR trying to update our dependencies we will close it with or without a reference to these contribution guidelines. + +### Tools/Automation + +Our core team is responsible for the maintenance of the tooling/automation in this project and we ask contributors to not make changes to these when contributing (e.g. `.github/*`, `.eslintrc.json`, `.licensee.json`). Most of those files also have a header at the top to remind folks they are automatically generated. Pull requests that alter these will not be accepted. diff --git a/package.json b/package.json index d94c400..3d3ef6a 100644 --- a/package.json +++ b/package.json @@ -24,7 +24,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.1", - "@npmcli/template-oss": "4.13.0", + "@npmcli/template-oss": "4.19.0", "tap": "^16.3.2" }, "engines": { @@ -32,7 +32,7 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.13.0" + "version": "4.19.0" }, "tap": { "nyc-arg": [