From fa0b1739bfd61c4911aac2a9888888a44e5be15c Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 28 Mar 2022 22:53:45 -0700 Subject: [PATCH 01/29] fix: properly apply file changes and version update --- lib/apply/apply-files.js | 4 ++-- lib/apply/apply-version.js | 26 ++++++++++++++++++++++ lib/apply/index.js | 1 + lib/config.js | 12 +++++----- lib/content/pkg.json | 2 +- tap-snapshots/test/check/diffs.js.test.cjs | 25 ++++++++++++++++----- test/apply/full-content.js | 9 ++++++-- test/setup.js | 1 + 8 files changed, 65 insertions(+), 15 deletions(-) create mode 100644 lib/apply/apply-version.js diff --git a/lib/apply/apply-files.js b/lib/apply/apply-files.js index 383e2380..920e24a7 100644 --- a/lib/apply/apply-files.js +++ b/lib/apply/apply-files.js @@ -18,7 +18,7 @@ module.exports = [{ options.config.repoFiles, options ), - when: ({ config: c }) => c.isForce || (c.needsUpdate && c.applyRepo), + when: ({ config: c }) => c.applyRepo && c.needsUpdate, name: 'apply-repo', }, { run: (options) => run( @@ -26,6 +26,6 @@ module.exports = [{ options.config.moduleFiles, options ), - when: ({ config: c }) => c.isForce || (c.needsUpdate && c.applyModule), + when: ({ config: c }) => c.applyModule && c.needsUpdate, name: 'apply-module', }] diff --git a/lib/apply/apply-version.js b/lib/apply/apply-version.js new file mode 100644 index 00000000..9a4a849c --- /dev/null +++ b/lib/apply/apply-version.js @@ -0,0 +1,26 @@ +const log = require('proc-log') +const PackageJson = require('@npmcli/package-json') + +const run = async ({ config: c }) => { + const { + moduleDir: dir, + __CONFIG_KEY__: key, + __VERSION__: version, + } = c + + log.verbose('apply-version', dir) + + const pkg = await PackageJson.load(dir) + if (!pkg.content[key]) { + pkg.content[key] = { version } + } else { + pkg.content[key].version = version + } + await pkg.save() +} + +module.exports = { + run, + when: ({ config: c }) => c.needsUpdate && !c.isDogFood, + name: 'apply-version', +} diff --git a/lib/apply/index.js b/lib/apply/index.js index 4917332b..80905d93 100644 --- a/lib/apply/index.js +++ b/lib/apply/index.js @@ -2,4 +2,5 @@ const run = require('../index.js') module.exports = (root, content) => run(root, content, [ require('./apply-files.js'), + require('./apply-version.js'), ]) diff --git a/lib/config.js b/lib/config.js index 83465259..aa8e8224 100644 --- a/lib/config.js +++ b/lib/config.js @@ -56,6 +56,7 @@ const getConfig = async ({ const isRoot = root === path const isLatest = version === LATEST_VERSION const isDogFood = pkg.name === NAME + const isForce = process.argv.includes('--force') // this is written to ci yml files so it needs to always use posix const pkgRelPath = makePosix(relative(root, path)) @@ -111,16 +112,17 @@ const getConfig = async ({ pkgName: pkg.name, pkgNameFs: pkg.name.replace(/\//g, '-').replace(/@/g, ''), pkgRelPath: pkgRelPath, - // force changes if we are dogfooding this repo or with force argv - // XXX: setup proper cli arg parsing - isForce: isDogFood || process.argv.includes('--force'), + // booleans to control application of updates + isForce, + isDogFood, isLatest, - needsUpdate: !isLatest, + // needs update if we are dogfooding this repo, with force argv, or its + // behind the current version + needsUpdate: isForce || isDogFood || !isLatest, // templateoss specific values __NAME__: NAME, __CONFIG_KEY__: CONFIG_KEY, __VERSION__: LATEST_VERSION, - __DOGFOOD__: isDogFood, } // merge the rest of base and pkg content to make the diff --git a/lib/content/pkg.json b/lib/content/pkg.json index f3ba9626..ad5852a6 100644 --- a/lib/content/pkg.json +++ b/lib/content/pkg.json @@ -20,7 +20,7 @@ "node": {{{json engines}}} }, {{{json __CONFIG_KEY__}}}: { - "version": {{#if __DOGFOOD__}}{{{del}}}{{else}}{{{json __VERSION__}}}{{/if}} + "version": {{#if isDogFood}}{{{del}}}{{else}}{{{json __VERSION__}}}{{/if}} }, "templateVersion": {{{del}}}, "standard": {{{del}}} diff --git a/tap-snapshots/test/check/diffs.js.test.cjs b/tap-snapshots/test/check/diffs.js.test.cjs index 3a498f08..73f61c5f 100644 --- a/tap-snapshots/test/check/diffs.js.test.cjs +++ b/tap-snapshots/test/check/diffs.js.test.cjs @@ -71,7 +71,10 @@ source package.json ======================================== { - "name": "testpkg" + "name": "testpkg", + "templateOSS": { + "version": "{{VERSION}}" + } } ` @@ -114,7 +117,10 @@ content/source.json package.json ======================================== { - "name": "testpkg" + "name": "testpkg", + "templateOSS": { + "version": "{{VERSION}}" + } } target.json @@ -163,7 +169,10 @@ content/source.json package.json ======================================== { - "name": "testpkg" + "name": "testpkg", + "templateOSS": { + "version": "{{VERSION}}" + } } target.json @@ -204,7 +213,10 @@ content/source.json package.json ======================================== { - "name": "testpkg" + "name": "testpkg", + "templateOSS": { + "version": "{{VERSION}}" + } } target.json @@ -276,7 +288,10 @@ source package.json ======================================== { - "name": "testpkg" + "name": "testpkg", + "templateOSS": { + "version": "{{VERSION}}" + } } target.txt diff --git a/test/apply/full-content.js b/test/apply/full-content.js index 944ea187..bdbab8f5 100644 --- a/test/apply/full-content.js +++ b/test/apply/full-content.js @@ -37,7 +37,12 @@ t.test('workspaces + everything', async (t) => { t.test('with empty content', async (t) => { const s = await setup(t, { content: {} }) await s.apply() - t.strictSame(await s.readdirSource(), { - 'package.json': JSON.stringify({ name: 'testpkg' }, null, 2), + const source = await s.readdirSource() + t.strictSame(Object.keys(source), ['package.json']) + t.strictSame(JSON.parse(source['package.json']), { + name: 'testpkg', + templateOSS: { + version: setup.pkgVersion, + }, }) }) diff --git a/test/setup.js b/test/setup.js index 031a69cf..b6ff13cc 100644 --- a/test/setup.js +++ b/test/setup.js @@ -176,6 +176,7 @@ const formatSnapshots = { module.exports = setup module.exports.git = setupGit module.exports.content = CONTENT +module.exports.pkgVersion = VERSION module.exports.clean = cleanSnapshot module.exports.format = formatSnapshots module.exports.okPackage = okPackage From 43f0d259ec2013725adb88a061bcfd1fc7dcc070 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 28 Mar 2022 22:54:11 -0700 Subject: [PATCH 02/29] fix: rm security.md files from workspaces --- lib/content/index.js | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/content/index.js b/lib/content/index.js index b472fe06..55aeb1e8 100644 --- a/lib/content/index.js +++ b/lib/content/index.js @@ -53,6 +53,7 @@ const workspaceModule = { rm: [ '.npmrc', '.eslintrc.!(js|local.*)', + 'SECURITY.md', ], } From bd24358330d9c7ab672acccf5d9167bd62a11ee6 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 28 Mar 2022 22:54:21 -0700 Subject: [PATCH 03/29] fix: add root: true to eslint configs --- .eslintrc.js | 1 + lib/content/eslintrc.js | 1 + tap-snapshots/test/apply/full-content.js.test.cjs | 4 ++++ 3 files changed, 6 insertions(+) diff --git a/.eslintrc.js b/.eslintrc.js index 8204f234..0e8ad007 100644 --- a/.eslintrc.js +++ b/.eslintrc.js @@ -7,6 +7,7 @@ const localConfigs = readdir(__dirname) .map((file) => `./${file}`) module.exports = { + root: true, extends: [ '@npmcli', ...localConfigs, diff --git a/lib/content/eslintrc.js b/lib/content/eslintrc.js index 7e95cd4f..1718f033 100644 --- a/lib/content/eslintrc.js +++ b/lib/content/eslintrc.js @@ -5,6 +5,7 @@ const localConfigs = readdir(__dirname) .map((file) => `./${file}`) module.exports = { + root: true, extends: [ '@npmcli', ...localConfigs, diff --git a/tap-snapshots/test/apply/full-content.js.test.cjs b/tap-snapshots/test/apply/full-content.js.test.cjs index 85953af4..ed035f84 100644 --- a/tap-snapshots/test/apply/full-content.js.test.cjs +++ b/tap-snapshots/test/apply/full-content.js.test.cjs @@ -30,6 +30,7 @@ const localConfigs = readdir(__dirname) .map((file) => \`./\${file}\`) module.exports = { + root: true, extends: [ '@npmcli', ...localConfigs, @@ -503,6 +504,7 @@ const localConfigs = readdir(__dirname) .map((file) => \`./\${file}\`) module.exports = { + root: true, extends: [ '@npmcli', ...localConfigs, @@ -1222,6 +1224,7 @@ const localConfigs = readdir(__dirname) .map((file) => \`./\${file}\`) module.exports = { + root: true, extends: [ '@npmcli', ...localConfigs, @@ -1297,6 +1300,7 @@ const localConfigs = readdir(__dirname) .map((file) => \`./\${file}\`) module.exports = { + root: true, extends: [ '@npmcli', ...localConfigs, From 1a01cf43c9a5c3053d248731d918e6222244ace5 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 29 Mar 2022 16:14:19 +0000 Subject: [PATCH 04/29] chore(main): release 3.2.1 --- CHANGELOG.md | 9 +++++++++ package.json | 2 +- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c1c306a0..23379360 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,14 @@ # Changelog +### [3.2.1](https://github.com/npm/template-oss/compare/v3.2.0...v3.2.1) (2022-03-29) + + +### Bug Fixes + +* add root: true to eslint configs ([bd24358](https://github.com/npm/template-oss/commit/bd24358330d9c7ab672acccf5d9167bd62a11ee6)) +* properly apply file changes and version update ([fa0b173](https://github.com/npm/template-oss/commit/fa0b1739bfd61c4911aac2a9888888a44e5be15c)) +* rm security.md files from workspaces ([43f0d25](https://github.com/npm/template-oss/commit/43f0d259ec2013725adb88a061bcfd1fc7dcc070)) + ## [3.2.0](https://github.com/npm/template-oss/compare/v3.1.1...v3.2.0) (2022-03-25) diff --git a/package.json b/package.json index 2a04060e..2cba836f 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/template-oss", - "version": "3.2.0", + "version": "3.2.1", "description": "templated files used in npm CLI team oss projects", "main": "lib/content/index.js", "bin": { From da74ad966ec5d0d000014258738772d3074d82f5 Mon Sep 17 00:00:00 2001 From: Gar Date: Tue, 29 Mar 2022 13:47:25 -0700 Subject: [PATCH 05/29] fix: lint after post dependabot install --- .github/workflows/post-dependabot.yml | 1 + lib/content/post-dependabot.yml | 1 + tap-snapshots/test/apply/full-content.js.test.cjs | 14 ++++++++------ tap-snapshots/test/check/diffs.js.test.cjs | 2 +- 4 files changed, 11 insertions(+), 7 deletions(-) diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index bae1d8d2..dde84863 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -41,3 +41,4 @@ jobs: git add . git commit -am "chore: postinstall for dependabot template-oss PR" git push + npm run lint diff --git a/lib/content/post-dependabot.yml b/lib/content/post-dependabot.yml index ad8b3d42..b46379df 100644 --- a/lib/content/post-dependabot.yml +++ b/lib/content/post-dependabot.yml @@ -31,3 +31,4 @@ jobs: git add . git commit -am "chore: postinstall for dependabot template-oss PR" git push + npm run lint diff --git a/tap-snapshots/test/apply/full-content.js.test.cjs b/tap-snapshots/test/apply/full-content.js.test.cjs index ed035f84..ec27ed5d 100644 --- a/tap-snapshots/test/apply/full-content.js.test.cjs +++ b/tap-snapshots/test/apply/full-content.js.test.cjs @@ -133,7 +133,7 @@ updates: name: Audit on: - workflow_dispatch: + workflow_dispatch: null schedule: # "At 01:00 on Monday" https://crontab.guru/#0_1_*_*_1 - cron: "0 1 * * 1" @@ -163,7 +163,7 @@ jobs: name: CI on: - workflow_dispatch: + workflow_dispatch: null pull_request: branches: - '*' @@ -337,6 +337,7 @@ jobs: git add . git commit -am "chore: postinstall for dependabot template-oss PR" git push + npm run lint .github/workflows/pull-request.yml ======================================== @@ -611,7 +612,7 @@ updates: name: Audit on: - workflow_dispatch: + workflow_dispatch: null schedule: # "At 01:00 on Monday" https://crontab.guru/#0_1_*_*_1 - cron: "0 1 * * 1" @@ -641,7 +642,7 @@ jobs: name: CI - bbb on: - workflow_dispatch: + workflow_dispatch: null pull_request: branches: - '*' @@ -734,7 +735,7 @@ jobs: name: CI - @name/aaaa on: - workflow_dispatch: + workflow_dispatch: null pull_request: branches: - '*' @@ -827,7 +828,7 @@ jobs: name: CI on: - workflow_dispatch: + workflow_dispatch: null pull_request: branches: - '*' @@ -1001,6 +1002,7 @@ jobs: git add . git commit -am "chore: postinstall for dependabot template-oss PR" git push + npm run lint .github/workflows/pull-request.yml ======================================== diff --git a/tap-snapshots/test/check/diffs.js.test.cjs b/tap-snapshots/test/check/diffs.js.test.cjs index 73f61c5f..7dd543a6 100644 --- a/tap-snapshots/test/check/diffs.js.test.cjs +++ b/tap-snapshots/test/check/diffs.js.test.cjs @@ -353,7 +353,7 @@ The repo file audit.yml needs to be updated: name: Audit on: - workflow_dispatch: + workflow_dispatch: null schedule: # "At 01:00 on Monday" https://crontab.guru/#0_1_*_*_1 - cron: "0 1 * * 1" From a1e3c57a146238bda04ee80f50c8306b4aab36c3 Mon Sep 17 00:00:00 2001 From: Gar Date: Tue, 29 Mar 2022 14:04:59 -0700 Subject: [PATCH 06/29] deps: yaml@2.0.0-11 Fixes `null` bug in generating yaml --- package.json | 2 +- tap-snapshots/test/apply/full-content.js.test.cjs | 12 ++++++------ tap-snapshots/test/check/diffs.js.test.cjs | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/package.json b/package.json index 2cba836f..0a05bfd4 100644 --- a/package.json +++ b/package.json @@ -44,7 +44,7 @@ "npm-package-arg": "^9.0.1", "proc-log": "^2.0.0", "semver": "^7.3.5", - "yaml": "^2.0.0-10" + "yaml": "^2.0.0-11" }, "files": [ "bin/", diff --git a/tap-snapshots/test/apply/full-content.js.test.cjs b/tap-snapshots/test/apply/full-content.js.test.cjs index ec27ed5d..0fbc9a25 100644 --- a/tap-snapshots/test/apply/full-content.js.test.cjs +++ b/tap-snapshots/test/apply/full-content.js.test.cjs @@ -133,7 +133,7 @@ updates: name: Audit on: - workflow_dispatch: null + workflow_dispatch: schedule: # "At 01:00 on Monday" https://crontab.guru/#0_1_*_*_1 - cron: "0 1 * * 1" @@ -163,7 +163,7 @@ jobs: name: CI on: - workflow_dispatch: null + workflow_dispatch: pull_request: branches: - '*' @@ -612,7 +612,7 @@ updates: name: Audit on: - workflow_dispatch: null + workflow_dispatch: schedule: # "At 01:00 on Monday" https://crontab.guru/#0_1_*_*_1 - cron: "0 1 * * 1" @@ -642,7 +642,7 @@ jobs: name: CI - bbb on: - workflow_dispatch: null + workflow_dispatch: pull_request: branches: - '*' @@ -735,7 +735,7 @@ jobs: name: CI - @name/aaaa on: - workflow_dispatch: null + workflow_dispatch: pull_request: branches: - '*' @@ -828,7 +828,7 @@ jobs: name: CI on: - workflow_dispatch: null + workflow_dispatch: pull_request: branches: - '*' diff --git a/tap-snapshots/test/check/diffs.js.test.cjs b/tap-snapshots/test/check/diffs.js.test.cjs index 7dd543a6..73f61c5f 100644 --- a/tap-snapshots/test/check/diffs.js.test.cjs +++ b/tap-snapshots/test/check/diffs.js.test.cjs @@ -353,7 +353,7 @@ The repo file audit.yml needs to be updated: name: Audit on: - workflow_dispatch: null + workflow_dispatch: schedule: # "At 01:00 on Monday" https://crontab.guru/#0_1_*_*_1 - cron: "0 1 * * 1" From 15c19c179a79a79e9785bfcf5818cd4f6631480a Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Tue, 29 Mar 2022 14:13:02 -0700 Subject: [PATCH 07/29] fix: dont write release please file for private workspace --- lib/config.js | 1 + lib/content/index.js | 5 ++++- lib/content/pkg.json | 4 ++++ lib/util/files.js | 19 ++++++++++++++++--- test/apply/index.js | 29 +++++++++++++++++++++++++++++ 5 files changed, 54 insertions(+), 4 deletions(-) diff --git a/lib/config.js b/lib/config.js index aa8e8224..338c7949 100644 --- a/lib/config.js +++ b/lib/config.js @@ -112,6 +112,7 @@ const getConfig = async ({ pkgName: pkg.name, pkgNameFs: pkg.name.replace(/\//g, '-').replace(/@/g, ''), pkgRelPath: pkgRelPath, + pkgPrivate: !!pkg.private, // booleans to control application of updates isForce, isDogFood, diff --git a/lib/content/index.js b/lib/content/index.js index 55aeb1e8..a80d2ee6 100644 --- a/lib/content/index.js +++ b/lib/content/index.js @@ -38,7 +38,10 @@ const rootModule = { // Changes for each workspace but applied to the root of the repo const workspaceRepo = { add: { - '.github/workflows/release-please-{{pkgNameFs}}.yml': 'release-please.yml', + '.github/workflows/release-please-{{pkgNameFs}}.yml': { + file: 'release-please.yml', + filter: (o) => !o.pkg.private, + }, '.github/workflows/ci-{{pkgNameFs}}.yml': 'ci.yml', }, } diff --git a/lib/content/pkg.json b/lib/content/pkg.json index ad5852a6..06ac6e8f 100644 --- a/lib/content/pkg.json +++ b/lib/content/pkg.json @@ -7,8 +7,12 @@ "template-oss-apply": "template-oss-apply --force", "lintfix": "npm run lint -- --fix", "preversion": "npm test", + {{#if pkgPrivate}} + "postversion": "git push origin --follow-tags", + {{else}} "postversion": "npm publish", "prepublishOnly": "git push origin --follow-tags", + {{/if}} "snap": "tap", "test": "tap", "posttest": "npm run lint", diff --git a/lib/util/files.js b/lib/util/files.js index 8dd0698a..32dd9124 100644 --- a/lib/util/files.js +++ b/lib/util/files.js @@ -9,13 +9,24 @@ const fullTarget = (dir, file, options) => join(dir, template(file, options)) // given an obj of files, return the full target/source paths and associated parser const getParsers = (dir, files, options) => Object.entries(files).map(([t, s]) => { - let { file, parser: fileParser } = typeof s === 'string' ? { file: s } : s - const target = fullTarget(dir, t, options) + let { + file, + parser: fileParser, + filter, + } = typeof s === 'string' ? { file: s } : s + file = join(options.config.sourceDir, file) + const target = fullTarget(dir, t, options) + + if (typeof filter === 'function' && !filter(options)) { + return null + } + if (fileParser) { // allow files to extend base parsers or create new ones return new (fileParser(Parser.Parsers))(target, file, options) } + return new (Parser(file))(target, file, options) }) @@ -32,7 +43,9 @@ const rmEach = async (dir, files, options, fn) => { const parseEach = async (dir, files, options, fn) => { const res = [] for (const parser of getParsers(dir, files, options)) { - res.push(await fn(parser)) + if (parser) { + res.push(await fn(parser)) + } } return res.filter(Boolean) } diff --git a/test/apply/index.js b/test/apply/index.js index 9e37407b..2f03dce2 100644 --- a/test/apply/index.js +++ b/test/apply/index.js @@ -1,4 +1,6 @@ const t = require('tap') +const fs = require('fs') +const { join } = require('path') const setup = require('../setup.js') t.cleanSnapshot = setup.clean @@ -71,3 +73,30 @@ t.test('workspaces', async (t) => { await s.apply() await t.resolveMatchSnapshot(s.readdir()) }) + +t.test('private workspace', async (t) => { + const s = await setup(t, { + package: {}, + workspaces: { + a: { private: true }, + b: {}, + }, + }) + await s.apply() + + const pkg = await s.readJson(join('workspaces', 'b', 'package.json')) + const privatePkg = await s.readJson(join('workspaces', 'a', 'package.json')) + + t.ok(pkg.scripts.prepublishOnly) + t.ok(pkg.scripts.postversion) + + t.notOk(privatePkg.scripts.prepublishOnly) + t.ok(privatePkg.scripts.postversion) + + t.equal(pkg.scripts.prepublishOnly, privatePkg.scripts.postversion) + + const rp = s.join('.github', 'workflows') + t.ok(fs.existsSync(join(rp, 'release-please.yml'))) + t.ok(fs.existsSync(join(rp, 'release-please-b.yml'))) + t.notOk(fs.existsSync(join(rp, 'release-please-a.yml'))) +}) From a4ae34f85500747e66666891dde8c3e9acf5485c Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Tue, 29 Mar 2022 15:27:11 -0700 Subject: [PATCH 08/29] fix: correct path key for workspace release --- lib/content/release-please.yml | 2 +- tap-snapshots/test/apply/full-content.js.test.cjs | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/content/release-please.yml b/lib/content/release-please.yml index e08655ea..bd15b111 100644 --- a/lib/content/release-please.yml +++ b/lib/content/release-please.yml @@ -21,7 +21,7 @@ jobs: release-type: node {{#if pkgRelPath}} monorepo-tags: true - paths: {{pkgRelPath}} + path: {{pkgRelPath}} {{/if}} changelog-types: > [ diff --git a/tap-snapshots/test/apply/full-content.js.test.cjs b/tap-snapshots/test/apply/full-content.js.test.cjs index 0fbc9a25..2c6d3851 100644 --- a/tap-snapshots/test/apply/full-content.js.test.cjs +++ b/tap-snapshots/test/apply/full-content.js.test.cjs @@ -1068,7 +1068,7 @@ jobs: with: release-type: node monorepo-tags: true - paths: workspaces/b + path: workspaces/b changelog-types: > [ {"type":"feat","section":"Features","hidden":false}, @@ -1101,7 +1101,7 @@ jobs: with: release-type: node monorepo-tags: true - paths: workspaces/a + path: workspaces/a changelog-types: > [ {"type":"feat","section":"Features","hidden":false}, From cd3fee91d8bf54d6bd9b71406b9282c19aae0689 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Tue, 29 Mar 2022 15:27:33 -0700 Subject: [PATCH 09/29] fix: race conditiion when saving package.json --- lib/util/parser.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/util/parser.js b/lib/util/parser.js index e1c7f56a..f4117280 100644 --- a/lib/util/parser.js +++ b/lib/util/parser.js @@ -249,7 +249,7 @@ class PackageJson extends JsonMerge { return unset(pkg.content, keys) } }) - pkg.save() + await pkg.save() } } From 85fb1c90f062e88ae5decc3a846f9eaa54335cd3 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 29 Mar 2022 22:40:27 +0000 Subject: [PATCH 10/29] chore(main): release 3.2.2 --- CHANGELOG.md | 15 +++++++++++++++ package.json | 2 +- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 23379360..0687fbd3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,20 @@ # Changelog +### [3.2.2](https://github.com/npm/template-oss/compare/v3.2.1...v3.2.2) (2022-03-29) + + +### Bug Fixes + +* correct path key for workspace release ([a4ae34f](https://github.com/npm/template-oss/commit/a4ae34f85500747e66666891dde8c3e9acf5485c)) +* dont write release please file for private workspace ([15c19c1](https://github.com/npm/template-oss/commit/15c19c179a79a79e9785bfcf5818cd4f6631480a)) +* lint after post dependabot install ([da74ad9](https://github.com/npm/template-oss/commit/da74ad966ec5d0d000014258738772d3074d82f5)) +* race conditiion when saving package.json ([cd3fee9](https://github.com/npm/template-oss/commit/cd3fee91d8bf54d6bd9b71406b9282c19aae0689)) + + +### Dependencies + +* yaml@2.0.0-11 ([a1e3c57](https://github.com/npm/template-oss/commit/a1e3c57a146238bda04ee80f50c8306b4aab36c3)) + ### [3.2.1](https://github.com/npm/template-oss/compare/v3.2.0...v3.2.1) (2022-03-29) diff --git a/package.json b/package.json index 0a05bfd4..1bd85326 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/template-oss", - "version": "3.2.1", + "version": "3.2.2", "description": "templated files used in npm CLI team oss projects", "main": "lib/content/index.js", "bin": { From ba5907b96343bec8059544736fa154c951353de5 Mon Sep 17 00:00:00 2001 From: Gar Date: Wed, 30 Mar 2022 08:59:56 -0700 Subject: [PATCH 11/29] fix: update comment link to github permissions (#117) --- .github/workflows/post-dependabot.yml | 2 +- lib/content/post-dependabot.yml | 2 +- tap-snapshots/test/apply/full-content.js.test.cjs | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index dde84863..3327db21 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -4,7 +4,7 @@ name: Post Dependabot Actions on: pull_request -# https://docs.github.com/en/rest/overview/permissions-required-for-github-apps +# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions permissions: actions: write contents: write diff --git a/lib/content/post-dependabot.yml b/lib/content/post-dependabot.yml index b46379df..e1c0325a 100644 --- a/lib/content/post-dependabot.yml +++ b/lib/content/post-dependabot.yml @@ -3,7 +3,7 @@ name: Post Dependabot Actions on: pull_request -# https://docs.github.com/en/rest/overview/permissions-required-for-github-apps +# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions permissions: actions: write contents: write diff --git a/tap-snapshots/test/apply/full-content.js.test.cjs b/tap-snapshots/test/apply/full-content.js.test.cjs index 2c6d3851..94fe8015 100644 --- a/tap-snapshots/test/apply/full-content.js.test.cjs +++ b/tap-snapshots/test/apply/full-content.js.test.cjs @@ -300,7 +300,7 @@ name: Post Dependabot Actions on: pull_request -# https://docs.github.com/en/rest/overview/permissions-required-for-github-apps +# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions permissions: actions: write contents: write @@ -965,7 +965,7 @@ name: Post Dependabot Actions on: pull_request -# https://docs.github.com/en/rest/overview/permissions-required-for-github-apps +# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions permissions: actions: write contents: write From 0555d670b6f4ebc5929e65af28daae1e34599369 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Tue, 29 Mar 2022 21:45:28 -0700 Subject: [PATCH 12/29] feat: add audit and fund flags to install Closes #108 --- .github/workflows/audit.yml | 2 +- .github/workflows/ci.yml | 4 ++-- .github/workflows/post-dependabot.yml | 2 +- lib/content/audit.yml | 2 +- lib/content/ci.yml | 4 ++-- lib/content/post-dependabot.yml | 2 +- .../test/apply/full-content.js.test.cjs | 24 +++++++++---------- tap-snapshots/test/check/diffs.js.test.cjs | 4 ++-- 8 files changed, 22 insertions(+), 22 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 549243ae..03dcd937 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -23,5 +23,5 @@ jobs: - name: Update npm to latest run: npm i --prefer-online --no-fund --no-audit -g npm@latest - run: npm -v - - run: npm i --ignore-scripts --package-lock + - run: npm i --ignore-scripts --no-audit --no-fund --package-lock - run: npm audit diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8067c86d..c04f4181 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -30,7 +30,7 @@ jobs: - name: Update npm to latest run: npm i --prefer-online --no-fund --no-audit -g npm@latest - run: npm -v - - run: npm i --ignore-scripts + - run: npm i --ignore-scripts --no-audit --no-fund - run: npm run lint test: @@ -82,5 +82,5 @@ jobs: if: ${{ !startsWith(matrix.node-version, '10.') }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest - run: npm -v - - run: npm i --ignore-scripts + - run: npm i --ignore-scripts --no-audit --no-fund - run: npm test --ignore-scripts diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index 3327db21..7ad2555d 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -36,7 +36,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | gh pr checkout ${{ github.event.pull_request.number }} - npm install --ignore-scripts + npm install --ignore-scripts --no-audit --no-fund npm run template-oss-apply git add . git commit -am "chore: postinstall for dependabot template-oss PR" diff --git a/lib/content/audit.yml b/lib/content/audit.yml index 3680e102..0bd4c704 100644 --- a/lib/content/audit.yml +++ b/lib/content/audit.yml @@ -12,5 +12,5 @@ jobs: steps: {{> setupGit}} {{> setupNode}} - - run: npm i --ignore-scripts --package-lock + - run: npm i --ignore-scripts --no-audit --no-fund --package-lock - run: npm audit diff --git a/lib/content/ci.yml b/lib/content/ci.yml index 74a05f82..bc62aff3 100644 --- a/lib/content/ci.yml +++ b/lib/content/ci.yml @@ -28,7 +28,7 @@ jobs: steps: {{> setupGit}} {{> setupNode}} - - run: npm i --ignore-scripts + - run: npm i --ignore-scripts --no-audit --no-fund - run: npm run lint {{~#if isWorkspace}} -w {{pkgName}}{{/if}} test: @@ -55,5 +55,5 @@ jobs: steps: {{> setupGit}} {{> setupNode useMatrix=true}} - - run: npm i --ignore-scripts + - run: npm i --ignore-scripts --no-audit --no-fund - run: npm test --ignore-scripts {{~#if isWorkspace}} -w {{pkgName}}{{/if}} diff --git a/lib/content/post-dependabot.yml b/lib/content/post-dependabot.yml index e1c0325a..81a58021 100644 --- a/lib/content/post-dependabot.yml +++ b/lib/content/post-dependabot.yml @@ -26,7 +26,7 @@ jobs: GITHUB_TOKEN: $\{{ secrets.GITHUB_TOKEN }} run: | gh pr checkout $\{{ github.event.pull_request.number }} - npm install --ignore-scripts + npm install --ignore-scripts --no-audit --no-fund npm run template-oss-apply git add . git commit -am "chore: postinstall for dependabot template-oss PR" diff --git a/tap-snapshots/test/apply/full-content.js.test.cjs b/tap-snapshots/test/apply/full-content.js.test.cjs index 94fe8015..33d01fdf 100644 --- a/tap-snapshots/test/apply/full-content.js.test.cjs +++ b/tap-snapshots/test/apply/full-content.js.test.cjs @@ -153,7 +153,7 @@ jobs: - name: Update npm to latest run: npm i --prefer-online --no-fund --no-audit -g npm@latest - run: npm -v - - run: npm i --ignore-scripts --package-lock + - run: npm i --ignore-scripts --no-audit --no-fund --package-lock - run: npm audit .github/workflows/ci.yml @@ -190,7 +190,7 @@ jobs: - name: Update npm to latest run: npm i --prefer-online --no-fund --no-audit -g npm@latest - run: npm -v - - run: npm i --ignore-scripts + - run: npm i --ignore-scripts --no-audit --no-fund - run: npm run lint test: @@ -242,7 +242,7 @@ jobs: if: \${{ !startsWith(matrix.node-version, '10.') }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest - run: npm -v - - run: npm i --ignore-scripts + - run: npm i --ignore-scripts --no-audit --no-fund - run: npm test --ignore-scripts .github/workflows/codeql-analysis.yml @@ -332,7 +332,7 @@ jobs: GITHUB_TOKEN: \${{ secrets.GITHUB_TOKEN }} run: | gh pr checkout \${{ github.event.pull_request.number }} - npm install --ignore-scripts + npm install --ignore-scripts --no-audit --no-fund npm run template-oss-apply git add . git commit -am "chore: postinstall for dependabot template-oss PR" @@ -632,7 +632,7 @@ jobs: - name: Update npm to latest run: npm i --prefer-online --no-fund --no-audit -g npm@latest - run: npm -v - - run: npm i --ignore-scripts --package-lock + - run: npm i --ignore-scripts --no-audit --no-fund --package-lock - run: npm audit .github/workflows/ci-bbb.yml @@ -673,7 +673,7 @@ jobs: - name: Update npm to latest run: npm i --prefer-online --no-fund --no-audit -g npm@latest - run: npm -v - - run: npm i --ignore-scripts + - run: npm i --ignore-scripts --no-audit --no-fund - run: npm run lint -w bbb test: @@ -725,7 +725,7 @@ jobs: if: \${{ !startsWith(matrix.node-version, '10.') }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest - run: npm -v - - run: npm i --ignore-scripts + - run: npm i --ignore-scripts --no-audit --no-fund - run: npm test --ignore-scripts -w bbb .github/workflows/ci-name-aaaa.yml @@ -766,7 +766,7 @@ jobs: - name: Update npm to latest run: npm i --prefer-online --no-fund --no-audit -g npm@latest - run: npm -v - - run: npm i --ignore-scripts + - run: npm i --ignore-scripts --no-audit --no-fund - run: npm run lint -w @name/aaaa test: @@ -818,7 +818,7 @@ jobs: if: \${{ !startsWith(matrix.node-version, '10.') }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest - run: npm -v - - run: npm i --ignore-scripts + - run: npm i --ignore-scripts --no-audit --no-fund - run: npm test --ignore-scripts -w @name/aaaa .github/workflows/ci.yml @@ -855,7 +855,7 @@ jobs: - name: Update npm to latest run: npm i --prefer-online --no-fund --no-audit -g npm@latest - run: npm -v - - run: npm i --ignore-scripts + - run: npm i --ignore-scripts --no-audit --no-fund - run: npm run lint test: @@ -907,7 +907,7 @@ jobs: if: \${{ !startsWith(matrix.node-version, '10.') }} run: npm i --prefer-online --no-fund --no-audit -g npm@latest - run: npm -v - - run: npm i --ignore-scripts + - run: npm i --ignore-scripts --no-audit --no-fund - run: npm test --ignore-scripts .github/workflows/codeql-analysis.yml @@ -997,7 +997,7 @@ jobs: GITHUB_TOKEN: \${{ secrets.GITHUB_TOKEN }} run: | gh pr checkout \${{ github.event.pull_request.number }} - npm install --ignore-scripts + npm install --ignore-scripts --no-audit --no-fund npm run template-oss-apply git add . git commit -am "chore: postinstall for dependabot template-oss PR" diff --git a/tap-snapshots/test/check/diffs.js.test.cjs b/tap-snapshots/test/check/diffs.js.test.cjs index 73f61c5f..83abafbc 100644 --- a/tap-snapshots/test/check/diffs.js.test.cjs +++ b/tap-snapshots/test/check/diffs.js.test.cjs @@ -333,7 +333,7 @@ The repo file ci.yml needs to be updated: + if: \${{ !startsWith(matrix.node-version, '10.') }} + run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - run: npm -v - + - run: npm i --ignore-scripts + + - run: npm i --ignore-scripts --no-audit --no-fund + - run: npm test --ignore-scripts To correct it: npx template-oss-apply --force @@ -373,7 +373,7 @@ The repo file audit.yml needs to be updated: - name: Update npm to latest run: npm i --prefer-online --no-fund --no-audit -g npm@latest - run: npm -v - - run: npm i --ignore-scripts --package-lock + - run: npm i --ignore-scripts --no-audit --no-fund --package-lock - run: npm audit From 9ab449797deda9d3c02d582def9c8eaec342e943 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Wed, 30 Mar 2022 08:48:37 -0700 Subject: [PATCH 13/29] feat: add lockfile option to control npmrc and ci cache --- lib/content/index.js | 1 + lib/content/npmrc | 2 +- lib/content/setup-node.yml | 3 +++ 3 files changed, 5 insertions(+), 1 deletion(-) diff --git a/lib/content/index.js b/lib/content/index.js index a80d2ee6..dcd26b4f 100644 --- a/lib/content/index.js +++ b/lib/content/index.js @@ -69,6 +69,7 @@ module.exports = { branches: ['main', 'latest'], distPaths: ['bin/', 'lib/'], ciVersions: ['12.13.0', '12.x', '14.15.0', '14.x', '16.0.0', '16.x'], + lockfile: false, unwantedPackages: [ 'eslint', 'eslint-plugin-node', diff --git a/lib/content/npmrc b/lib/content/npmrc index 43c97e71..239fb98e 100644 --- a/lib/content/npmrc +++ b/lib/content/npmrc @@ -1 +1 @@ -package-lock=false +package-lock={{lockfile}} diff --git a/lib/content/setup-node.yml b/lib/content/setup-node.yml index 5b393d33..7516e63b 100644 --- a/lib/content/setup-node.yml +++ b/lib/content/setup-node.yml @@ -1,6 +1,9 @@ - uses: actions/setup-node@v3 with: node-version: {{#if useMatrix}}$\{{ matrix.node-version }}{{else}}{{#each ciVersions}}{{#if @last}}{{.}}{{/if}}{{/each}}{{/if}} + {{#if lockfile}} + cache: npm + {{/if}} {{#if useMatrix}} - name: Update to workable npm (windows) # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows From afe6fb17c31629751dfa512767a7a84739a2511c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 5 Apr 2022 08:27:40 -0700 Subject: [PATCH 14/29] deps: bump @npmcli/package-json from 1.0.1 to 2.0.0 (#122) Bumps [@npmcli/package-json](https://github.com/npm/package-json) from 1.0.1 to 2.0.0. - [Release notes](https://github.com/npm/package-json/releases) - [Changelog](https://github.com/npm/package-json/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/package-json/compare/v1.0.1...v2.0.0) --- updated-dependencies: - dependency-name: "@npmcli/package-json" dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 1bd85326..4b10cd4b 100644 --- a/package.json +++ b/package.json @@ -34,7 +34,7 @@ "@npmcli/fs": "^2.0.1", "@npmcli/git": "^3.0.0", "@npmcli/map-workspaces": "^2.0.2", - "@npmcli/package-json": "^1.0.1", + "@npmcli/package-json": "^2.0.0", "diff": "^5.0.0", "handlebars": "^4.7.7", "hosted-git-info": "^5.0.0", From a245bbcb0f476b7e4426387af4e453c91e2ff97e Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Tue, 5 Apr 2022 17:23:45 +0000 Subject: [PATCH 15/29] fix: remove actions permission from post-dependabot --- .github/workflows/post-dependabot.yml | 3 +-- lib/content/post-dependabot.yml | 3 +-- tap-snapshots/test/apply/full-content.js.test.cjs | 6 ++---- 3 files changed, 4 insertions(+), 8 deletions(-) diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index 7ad2555d..0372a7a9 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -6,11 +6,10 @@ on: pull_request # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions permissions: - actions: write contents: write jobs: - Install: + template-oss-apply: runs-on: ubuntu-latest if: github.actor == 'dependabot[bot]' steps: diff --git a/lib/content/post-dependabot.yml b/lib/content/post-dependabot.yml index 81a58021..8d77bdee 100644 --- a/lib/content/post-dependabot.yml +++ b/lib/content/post-dependabot.yml @@ -5,11 +5,10 @@ on: # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions permissions: - actions: write contents: write jobs: - Install: + template-oss-apply: runs-on: ubuntu-latest if: github.actor == 'dependabot[bot]' steps: diff --git a/tap-snapshots/test/apply/full-content.js.test.cjs b/tap-snapshots/test/apply/full-content.js.test.cjs index 33d01fdf..8a1cbf01 100644 --- a/tap-snapshots/test/apply/full-content.js.test.cjs +++ b/tap-snapshots/test/apply/full-content.js.test.cjs @@ -302,11 +302,10 @@ on: pull_request # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions permissions: - actions: write contents: write jobs: - Install: + template-oss-apply: runs-on: ubuntu-latest if: github.actor == 'dependabot[bot]' steps: @@ -967,11 +966,10 @@ on: pull_request # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions permissions: - actions: write contents: write jobs: - Install: + template-oss-apply: runs-on: ubuntu-latest if: github.actor == 'dependabot[bot]' steps: From f6aa84473c2fc70676ea4b2da356ea9e5a23d5b5 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Wed, 6 Apr 2022 10:21:17 -0700 Subject: [PATCH 16/29] fix: explicitly set package-name for release please workspaces --- lib/content/release-please.yml | 3 +++ tap-snapshots/test/apply/full-content.js.test.cjs | 6 ++++++ 2 files changed, 9 insertions(+) diff --git a/lib/content/release-please.yml b/lib/content/release-please.yml index bd15b111..f34a7410 100644 --- a/lib/content/release-please.yml +++ b/lib/content/release-please.yml @@ -22,6 +22,9 @@ jobs: {{#if pkgRelPath}} monorepo-tags: true path: {{pkgRelPath}} + # name can be removed after this is merged + # https://github.com/google-github-actions/release-please-action/pull/459 + package-name: "{{pkgName}}" {{/if}} changelog-types: > [ diff --git a/tap-snapshots/test/apply/full-content.js.test.cjs b/tap-snapshots/test/apply/full-content.js.test.cjs index 8a1cbf01..efa26c96 100644 --- a/tap-snapshots/test/apply/full-content.js.test.cjs +++ b/tap-snapshots/test/apply/full-content.js.test.cjs @@ -1067,6 +1067,9 @@ jobs: release-type: node monorepo-tags: true path: workspaces/b + # name can be removed after this is merged + # https://github.com/google-github-actions/release-please-action/pull/459 + package-name: "bbb" changelog-types: > [ {"type":"feat","section":"Features","hidden":false}, @@ -1100,6 +1103,9 @@ jobs: release-type: node monorepo-tags: true path: workspaces/a + # name can be removed after this is merged + # https://github.com/google-github-actions/release-please-action/pull/459 + package-name: "@name/aaaa" changelog-types: > [ {"type":"feat","section":"Features","hidden":false}, From bd3da0ebda3f7fa7c424379e07aa2863fc831feb Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Wed, 6 Apr 2022 14:17:57 -0700 Subject: [PATCH 17/29] feat: update root package-lock after workspace releases (#125) --- lib/content/release-please.yml | 21 ++++++++ .../test/apply/full-content.js.test.cjs | 52 ++++++++++++++++++- 2 files changed, 71 insertions(+), 2 deletions(-) diff --git a/lib/content/release-please.yml b/lib/content/release-please.yml index f34a7410..79f87b78 100644 --- a/lib/content/release-please.yml +++ b/lib/content/release-please.yml @@ -11,6 +11,11 @@ on: - {{.}} {{/each}} +{{~#if isWorkspace}} +permissions: + contents: write +{{/if}} + jobs: release-please: runs-on: ubuntu-latest @@ -32,3 +37,19 @@ jobs: {{{json .}}}{{#unless @last}},{{/unless}} {{/each}} ] + {{~#if isWorkspace}} + {{> setupGit}} + {{> setupNode}} + - name: Update package-lock.json and commit + if: steps.release.outputs.pr + env: + GITHUB_TOKEN: $\{{ secrets.GITHUB_TOKEN }} + run: | + gh pr checkout $\{{ fromJSON(steps.release.outputs.pr).number }} + npm run resetdeps + title="$\{{ fromJSON(steps.release.outputs.pr).title }}" + # get the version from the pr title + # get everything after the last space + git commit -am "deps: {{pkgName}}@${title##* }" + git push + {{/if}} diff --git a/tap-snapshots/test/apply/full-content.js.test.cjs b/tap-snapshots/test/apply/full-content.js.test.cjs index efa26c96..6dfadd9b 100644 --- a/tap-snapshots/test/apply/full-content.js.test.cjs +++ b/tap-snapshots/test/apply/full-content.js.test.cjs @@ -1056,6 +1056,8 @@ on: branches: - main - latest +permissions: + contents: write jobs: release-please: @@ -1077,7 +1079,29 @@ jobs: {"type":"docs","section":"Documentation","hidden":false}, {"type":"deps","section":"Dependencies","hidden":false}, {"type":"chore","hidden":true} - ] + ] - uses: actions/checkout@v3 + - name: Setup git user + run: | + git config --global user.email "ops+npm-cli@npmjs.com" + git config --global user.name "npm cli ops bot" + - uses: actions/setup-node@v3 + with: + node-version: 16.x + - name: Update npm to latest + run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - run: npm -v + - name: Update package-lock.json and commit + if: steps.release.outputs.pr + env: + GITHUB_TOKEN: \${{ secrets.GITHUB_TOKEN }} + run: | + gh pr checkout \${{ fromJSON(steps.release.outputs.pr).number }} + npm run resetdeps + title="\${{ fromJSON(steps.release.outputs.pr).title }}" + # get the version from the pr title + # get everything after the last space + git commit -am "deps: bbb@\${title##* }" + git push .github/workflows/release-please-name-aaaa.yml ======================================== @@ -1092,6 +1116,8 @@ on: branches: - main - latest +permissions: + contents: write jobs: release-please: @@ -1113,7 +1139,29 @@ jobs: {"type":"docs","section":"Documentation","hidden":false}, {"type":"deps","section":"Dependencies","hidden":false}, {"type":"chore","hidden":true} - ] + ] - uses: actions/checkout@v3 + - name: Setup git user + run: | + git config --global user.email "ops+npm-cli@npmjs.com" + git config --global user.name "npm cli ops bot" + - uses: actions/setup-node@v3 + with: + node-version: 16.x + - name: Update npm to latest + run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - run: npm -v + - name: Update package-lock.json and commit + if: steps.release.outputs.pr + env: + GITHUB_TOKEN: \${{ secrets.GITHUB_TOKEN }} + run: | + gh pr checkout \${{ fromJSON(steps.release.outputs.pr).number }} + npm run resetdeps + title="\${{ fromJSON(steps.release.outputs.pr).title }}" + # get the version from the pr title + # get everything after the last space + git commit -am "deps: @name/aaaa@\${title##* }" + git push .github/workflows/release-please.yml ======================================== From 9856718fb6763158de646635f642e1c5ec98639c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 6 Apr 2022 14:21:04 -0700 Subject: [PATCH 18/29] chore(main): release 3.3.0 (#121) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- CHANGELOG.md | 21 +++++++++++++++++++++ package.json | 2 +- 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0687fbd3..87eb73a4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,26 @@ # Changelog +## [3.3.0](https://github.com/npm/template-oss/compare/v3.2.2...v3.3.0) (2022-04-06) + + +### Features + +* add audit and fund flags to install ([0555d67](https://github.com/npm/template-oss/commit/0555d670b6f4ebc5929e65af28daae1e34599369)), closes [#108](https://github.com/npm/template-oss/issues/108) +* add lockfile option to control npmrc and ci cache ([9ab4497](https://github.com/npm/template-oss/commit/9ab449797deda9d3c02d582def9c8eaec342e943)) +* update root package-lock after workspace releases ([#125](https://github.com/npm/template-oss/issues/125)) ([bd3da0e](https://github.com/npm/template-oss/commit/bd3da0ebda3f7fa7c424379e07aa2863fc831feb)) + + +### Bug Fixes + +* explicitly set package-name for release please workspaces ([f6aa844](https://github.com/npm/template-oss/commit/f6aa84473c2fc70676ea4b2da356ea9e5a23d5b5)) +* remove actions permission from post-dependabot ([a245bbc](https://github.com/npm/template-oss/commit/a245bbcb0f476b7e4426387af4e453c91e2ff97e)) +* update comment link to github permissions ([#117](https://github.com/npm/template-oss/issues/117)) ([ba5907b](https://github.com/npm/template-oss/commit/ba5907b96343bec8059544736fa154c951353de5)) + + +### Dependencies + +* bump @npmcli/package-json from 1.0.1 to 2.0.0 ([#122](https://github.com/npm/template-oss/issues/122)) ([afe6fb1](https://github.com/npm/template-oss/commit/afe6fb17c31629751dfa512767a7a84739a2511c)) + ### [3.2.2](https://github.com/npm/template-oss/compare/v3.2.1...v3.2.2) (2022-03-29) diff --git a/package.json b/package.json index 4b10cd4b..97aaacfc 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/template-oss", - "version": "3.2.2", + "version": "3.3.0", "description": "templated files used in npm CLI team oss projects", "main": "lib/content/index.js", "bin": { From a64af5de1e340ff12ce833b9b0cf6b06615ec6cd Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Wed, 6 Apr 2022 14:41:26 -0700 Subject: [PATCH 19/29] fix: yaml newlines in release please action (#127) --- lib/content/release-please.yml | 4 ++-- tap-snapshots/test/apply/full-content.js.test.cjs | 8 ++++++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/lib/content/release-please.yml b/lib/content/release-please.yml index 79f87b78..9d4e350c 100644 --- a/lib/content/release-please.yml +++ b/lib/content/release-please.yml @@ -11,7 +11,7 @@ on: - {{.}} {{/each}} -{{~#if isWorkspace}} +{{#if isWorkspace}} permissions: contents: write {{/if}} @@ -37,7 +37,7 @@ jobs: {{{json .}}}{{#unless @last}},{{/unless}} {{/each}} ] - {{~#if isWorkspace}} + {{#if isWorkspace}} {{> setupGit}} {{> setupNode}} - name: Update package-lock.json and commit diff --git a/tap-snapshots/test/apply/full-content.js.test.cjs b/tap-snapshots/test/apply/full-content.js.test.cjs index 6dfadd9b..587ddeb3 100644 --- a/tap-snapshots/test/apply/full-content.js.test.cjs +++ b/tap-snapshots/test/apply/full-content.js.test.cjs @@ -1056,6 +1056,7 @@ on: branches: - main - latest + permissions: contents: write @@ -1079,7 +1080,8 @@ jobs: {"type":"docs","section":"Documentation","hidden":false}, {"type":"deps","section":"Dependencies","hidden":false}, {"type":"chore","hidden":true} - ] - uses: actions/checkout@v3 + ] + - uses: actions/checkout@v3 - name: Setup git user run: | git config --global user.email "ops+npm-cli@npmjs.com" @@ -1116,6 +1118,7 @@ on: branches: - main - latest + permissions: contents: write @@ -1139,7 +1142,8 @@ jobs: {"type":"docs","section":"Documentation","hidden":false}, {"type":"deps","section":"Dependencies","hidden":false}, {"type":"chore","hidden":true} - ] - uses: actions/checkout@v3 + ] + - uses: actions/checkout@v3 - name: Setup git user run: | git config --global user.email "ops+npm-cli@npmjs.com" From 0658299e59878074ca9830660469d891df6c917d Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 6 Apr 2022 14:43:41 -0700 Subject: [PATCH 20/29] chore(main): release 3.3.1 (#128) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- CHANGELOG.md | 7 +++++++ package.json | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 87eb73a4..728dc4d1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,12 @@ # Changelog +### [3.3.1](https://github.com/npm/template-oss/compare/v3.3.0...v3.3.1) (2022-04-06) + + +### Bug Fixes + +* yaml newlines in release please action ([#127](https://github.com/npm/template-oss/issues/127)) ([a64af5d](https://github.com/npm/template-oss/commit/a64af5de1e340ff12ce833b9b0cf6b06615ec6cd)) + ## [3.3.0](https://github.com/npm/template-oss/compare/v3.2.2...v3.3.0) (2022-04-06) diff --git a/package.json b/package.json index 97aaacfc..e792cc46 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/template-oss", - "version": "3.3.0", + "version": "3.3.1", "description": "templated files used in npm CLI team oss projects", "main": "lib/content/index.js", "bin": { From 82064ff6f7cacaa2c5fb9ebad0eaee1209963f8e Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Wed, 6 Apr 2022 15:11:42 -0700 Subject: [PATCH 21/29] fix: add pull requests permissions to release please (#129) --- lib/content/release-please.yml | 1 + tap-snapshots/test/apply/full-content.js.test.cjs | 2 ++ 2 files changed, 3 insertions(+) diff --git a/lib/content/release-please.yml b/lib/content/release-please.yml index 9d4e350c..ac0e801c 100644 --- a/lib/content/release-please.yml +++ b/lib/content/release-please.yml @@ -14,6 +14,7 @@ on: {{#if isWorkspace}} permissions: contents: write + pull-requests: write {{/if}} jobs: diff --git a/tap-snapshots/test/apply/full-content.js.test.cjs b/tap-snapshots/test/apply/full-content.js.test.cjs index 587ddeb3..97ff50bc 100644 --- a/tap-snapshots/test/apply/full-content.js.test.cjs +++ b/tap-snapshots/test/apply/full-content.js.test.cjs @@ -1059,6 +1059,7 @@ on: permissions: contents: write + pull-requests: write jobs: release-please: @@ -1121,6 +1122,7 @@ on: permissions: contents: write + pull-requests: write jobs: release-please: From 27983a8d1c7a256b2a84c0edac8295f59fbaeda2 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 6 Apr 2022 15:13:08 -0700 Subject: [PATCH 22/29] chore(main): release 3.3.2 (#130) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- CHANGELOG.md | 7 +++++++ package.json | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 728dc4d1..d662b55f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,12 @@ # Changelog +### [3.3.2](https://github.com/npm/template-oss/compare/v3.3.1...v3.3.2) (2022-04-06) + + +### Bug Fixes + +* add pull requests permissions to release please ([#129](https://github.com/npm/template-oss/issues/129)) ([82064ff](https://github.com/npm/template-oss/commit/82064ff6f7cacaa2c5fb9ebad0eaee1209963f8e)) + ### [3.3.1](https://github.com/npm/template-oss/compare/v3.3.0...v3.3.1) (2022-04-06) diff --git a/package.json b/package.json index e792cc46..09e42b0f 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/template-oss", - "version": "3.3.1", + "version": "3.3.2", "description": "templated files used in npm CLI team oss projects", "main": "lib/content/index.js", "bin": { From aeb0162f68358f5783f63868a0c7c79d327f87fe Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Sat, 9 Apr 2022 14:38:34 -0700 Subject: [PATCH 23/29] fix: use ops+robot as git user for all ci --- .github/workflows/audit.yml | 4 +- .github/workflows/ci.yml | 8 +-- .github/workflows/codeql-analysis.yml | 4 +- .github/workflows/post-dependabot.yml | 4 +- .github/workflows/pull-request.yml | 4 +- lib/content/setup-git.yml | 4 +- .../test/apply/full-content.js.test.cjs | 72 +++++++++---------- tap-snapshots/test/check/diffs.js.test.cjs | 6 +- 8 files changed, 53 insertions(+), 53 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 03dcd937..7f48d351 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -15,8 +15,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: 16.x diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c04f4181..287a8696 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -22,8 +22,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: 16.x @@ -59,8 +59,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 56cd7b9c..0067fc1b 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -34,8 +34,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - name: Initialize CodeQL uses: github/codeql-action/init@v1 with: diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index 0372a7a9..4dd83131 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -16,8 +16,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: 16.x diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index 93a5c3c9..bf86a7da 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -20,8 +20,8 @@ jobs: fetch-depth: 0 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: 16.x diff --git a/lib/content/setup-git.yml b/lib/content/setup-git.yml index 4ecd4697..8c148e97 100644 --- a/lib/content/setup-git.yml +++ b/lib/content/setup-git.yml @@ -7,5 +7,5 @@ {{/if}} - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" diff --git a/tap-snapshots/test/apply/full-content.js.test.cjs b/tap-snapshots/test/apply/full-content.js.test.cjs index 97ff50bc..5eb207e2 100644 --- a/tap-snapshots/test/apply/full-content.js.test.cjs +++ b/tap-snapshots/test/apply/full-content.js.test.cjs @@ -145,8 +145,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: 16.x @@ -182,8 +182,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: 16.x @@ -219,8 +219,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: \${{ matrix.node-version }} @@ -283,8 +283,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - name: Initialize CodeQL uses: github/codeql-action/init@v1 with: @@ -312,8 +312,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: 16.x @@ -362,8 +362,8 @@ jobs: fetch-depth: 0 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: 16.x @@ -623,8 +623,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: 16.x @@ -664,8 +664,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: 16.x @@ -701,8 +701,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: \${{ matrix.node-version }} @@ -757,8 +757,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: 16.x @@ -794,8 +794,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: \${{ matrix.node-version }} @@ -846,8 +846,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: 16.x @@ -883,8 +883,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: \${{ matrix.node-version }} @@ -947,8 +947,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - name: Initialize CodeQL uses: github/codeql-action/init@v1 with: @@ -976,8 +976,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: 16.x @@ -1026,8 +1026,8 @@ jobs: fetch-depth: 0 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: 16.x @@ -1085,8 +1085,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: 16.x @@ -1148,8 +1148,8 @@ jobs: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: 16.x diff --git a/tap-snapshots/test/check/diffs.js.test.cjs b/tap-snapshots/test/check/diffs.js.test.cjs index 83abafbc..d834a2d8 100644 --- a/tap-snapshots/test/check/diffs.js.test.cjs +++ b/tap-snapshots/test/check/diffs.js.test.cjs @@ -311,7 +311,7 @@ The repo file ci.yml needs to be updated: .github/workflows/ci.yml ======================================== @@ -63,4 +63,24 @@ - git config --global user.name "npm cli ops bot" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: \${{ matrix.node-version }} @@ -365,8 +365,8 @@ The repo file audit.yml needs to be updated: - uses: actions/checkout@v3 - name: Setup git user run: | - git config --global user.email "ops+npm-cli@npmjs.com" - git config --global user.name "npm cli ops bot" + git config --global user.email "npm team" + git config --global user.name "ops+robot@npmjs.com" - uses: actions/setup-node@v3 with: node-version: 16.x From c808c4ffd8ed7d1c198736a815df15e9a68ebb9c Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Fri, 15 Apr 2022 11:56:27 -0700 Subject: [PATCH 24/29] fix: lockfile setting adds lockfile to allowed gitignore --- lib/content/gitignore | 3 +++ test/apply/lockfile.js | 28 ++++++++++++++++++++++++++++ 2 files changed, 31 insertions(+) create mode 100644 test/apply/lockfile.js diff --git a/lib/content/gitignore b/lib/content/gitignore index f1cbf0fe..39fbb90d 100644 --- a/lib/content/gitignore +++ b/lib/content/gitignore @@ -12,6 +12,9 @@ !/README* !/LICENSE* !/CHANGELOG* +{{#if lockfile}} +package-lock.json +{{/if}} {{#each ignorePaths}} {{.}} {{/each}} diff --git a/test/apply/lockfile.js b/test/apply/lockfile.js new file mode 100644 index 00000000..3ffeba99 --- /dev/null +++ b/test/apply/lockfile.js @@ -0,0 +1,28 @@ +const t = require('tap') +const setup = require('../setup.js') + +t.test('lockfile', async (t) => { + const s = await setup(t, { + package: { + templateOSS: { + lockfile: true, + }, + }, + }) + await s.apply() + const gitignore = await s.readFile('.gitignore') + t.ok(gitignore.includes('package-lock.json')) + + const npmrc = await s.readFile('.npmrc') + t.ok(npmrc.includes('package-lock=true')) +}) + +t.test('no lockfile by default', async (t) => { + const s = await setup(t) + await s.apply() + const gitignore = await s.readFile('.gitignore') + t.ok(!gitignore.includes('package-lock.json')) + + const npmrc = await s.readFile('.npmrc') + t.ok(npmrc.includes('package-lock=false')) +}) From 2f7dcfa8c8f00677ad24ad15dd059556f1dfa1e8 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Fri, 15 Apr 2022 11:44:11 -0700 Subject: [PATCH 25/29] fix: dont create release please for private root pkg --- lib/content/index.js | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/content/index.js b/lib/content/index.js index dcd26b4f..5977dff1 100644 --- a/lib/content/index.js +++ b/lib/content/index.js @@ -13,7 +13,10 @@ const rootRepo = { '.github/workflows/codeql-analysis.yml': 'codeql-analysis.yml', '.github/workflows/post-dependabot.yml': 'post-dependabot.yml', '.github/workflows/pull-request.yml': 'pull-request.yml', - '.github/workflows/release-please.yml': 'release-please.yml', + '.github/workflows/release-please.yml': { + file: 'release-please.yml', + filter: (o) => !o.pkg.private, + }, }, } From 32f7f7c3df80b40a7536182e72b883d77ba46e64 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Wed, 13 Apr 2022 20:41:43 -0700 Subject: [PATCH 26/29] feat: allow option to set npm bin in package.json --- lib/config.js | 20 ++++++-- lib/content/index.js | 1 + lib/content/pkg.json | 8 ++-- test/apply/npm-bin.js | 104 ++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 126 insertions(+), 7 deletions(-) create mode 100644 test/apply/npm-bin.js diff --git a/lib/config.js b/lib/config.js index 338c7949..2c18e604 100644 --- a/lib/config.js +++ b/lib/config.js @@ -1,4 +1,4 @@ -const { relative, dirname, posix, win32 } = require('path') +const { relative, dirname, join, posix, win32 } = require('path') const log = require('proc-log') const { uniq, defaults } = require('lodash') const parseCIVersions = require('./util/parse-ci-versions.js') @@ -50,13 +50,14 @@ const getConfig = async ({ workspaceRepo, workspaceModule, version, - ...pkgContent + ...pkgConfig // this includes config merged in from root }, }) => { const isRoot = root === path const isLatest = version === LATEST_VERSION const isDogFood = pkg.name === NAME const isForce = process.argv.includes('--force') + const rawPkgConfig = getPkgConfig(pkg) // this is written to ci yml files so it needs to always use posix const pkgRelPath = makePosix(relative(root, path)) @@ -128,12 +129,25 @@ const getConfig = async ({ // merge the rest of base and pkg content to make the // full content object - const content = { ...baseContent, ...pkgContent } + const content = { ...baseContent, ...pkgConfig } // set some defaults on content that can be overwritten unlike // derived values which are calculated from other config const contentDefaults = {} + if (content.npmBin && content.npmBin !== baseContent.npmBin) { + // make it relative to each workspace if they did not set the config themselves + if (!rawPkgConfig.npmBin) { + content.npmBin = makePosix(join(relative(path, root), content.npmBin)) + } + // a bit of a hack but allow custom node paths or no node path at all + // checks if the first thing has node somewhere in it and if it doesnt + // puts a system node in front of the script + const execPaths = content.npmBin.split(' ')[0].split(posix.sep) + if (execPaths.every(p => p !== 'node')) { + content.npmBin = `node ${content.npmBin}` + } + } if (Array.isArray(content.ciVersions)) { const parsed = parseCIVersions(content.ciVersions) contentDefaults.engines = parsed.engines diff --git a/lib/content/index.js b/lib/content/index.js index 5977dff1..e76fac65 100644 --- a/lib/content/index.js +++ b/lib/content/index.js @@ -73,6 +73,7 @@ module.exports = { distPaths: ['bin/', 'lib/'], ciVersions: ['12.13.0', '12.x', '14.15.0', '14.x', '16.0.0', '16.x'], lockfile: false, + npmBin: 'npm', unwantedPackages: [ 'eslint', 'eslint-plugin-node', diff --git a/lib/content/pkg.json b/lib/content/pkg.json index 06ac6e8f..ce0d9571 100644 --- a/lib/content/pkg.json +++ b/lib/content/pkg.json @@ -5,17 +5,17 @@ "lint": "eslint \"**/*.js\"", "postlint": "template-oss-check", "template-oss-apply": "template-oss-apply --force", - "lintfix": "npm run lint -- --fix", - "preversion": "npm test", + "lintfix": "{{npmBin}} run lint -- --fix", + "preversion": "{{npmBin}} test", {{#if pkgPrivate}} "postversion": "git push origin --follow-tags", {{else}} - "postversion": "npm publish", + "postversion": "{{npmBin}} publish", "prepublishOnly": "git push origin --follow-tags", {{/if}} "snap": "tap", "test": "tap", - "posttest": "npm run lint", + "posttest": "{{npmBin}} run lint", "template-copy": {{{del}}}, "lint:fix": {{{del}}} }, diff --git a/test/apply/npm-bin.js b/test/apply/npm-bin.js new file mode 100644 index 00000000..33854cb3 --- /dev/null +++ b/test/apply/npm-bin.js @@ -0,0 +1,104 @@ +const t = require('tap') +const { join } = require('path') +const setup = require('../setup.js') + +t.test('custom node', async (t) => { + const s = await setup(t, { + ok: true, + package: { + templateOSS: { + npmBin: 'node /path/to/npm', + }, + }, + }) + await s.apply() + const { scripts } = await s.readJson('package.json') + t.equal(scripts.posttest, 'node /path/to/npm run lint') +}) + +t.test('custom node', async (t) => { + const s = await setup(t, { + ok: true, + package: { + templateOSS: { + npmBin: 'node /path/to/npm', + }, + }, + }) + await s.apply() + const { scripts } = await s.readJson('package.json') + t.equal(scripts.posttest, 'node /path/to/npm run lint') +}) + +t.test('relative npm bin with workspaces', async (t) => { + const s = await setup(t, { + ok: true, + package: { + templateOSS: { + npmBin: 'cli.js', + }, + }, + workspaces: { a: '@name/aaaa', b: 'bbb' }, + }) + await s.apply() + const { scripts } = await s.readJson('package.json') + const { scripts: scriptsA } = await s.readJson(join(s.workspaces.a, 'package.json')) + const { scripts: scriptsB } = await s.readJson(join(s.workspaces.b, 'package.json')) + t.equal(scripts.posttest, 'node cli.js run lint') + t.equal(scriptsA.posttest, 'node ../../cli.js run lint') + t.equal(scriptsB.posttest, 'node ../../cli.js run lint') +}) + +t.test('npm bin workspaces only with root config', async (t) => { + const s = await setup(t, { + ok: true, + package: { + templateOSS: { + rootRepo: false, + rootModule: false, + npmBin: './cli.js', + }, + }, + workspaces: { a: '@name/aaaa', b: 'bbb' }, + }) + await s.apply() + const { scripts } = await s.readJson('package.json') + const { scripts: scriptsA } = await s.readJson(join(s.workspaces.a, 'package.json')) + const { scripts: scriptsB } = await s.readJson(join(s.workspaces.b, 'package.json')) + t.equal(scripts, undefined) + t.equal(scriptsA.posttest, 'node ../../cli.js run lint') + t.equal(scriptsB.posttest, 'node ../../cli.js run lint') +}) + +t.test('separate workspace configs', async (t) => { + const s = await setup(t, { + ok: true, + package: { + templateOSS: { + rootRepo: false, + rootModule: false, + }, + }, + workspaces: { + a: { + name: 'a', + templateOSS: { + npmBin: 'bin_a.js', + }, + }, + b: { + name: 'b', + templateOSS: { + npmBin: 'bin_b.js', + }, + }, + }, + }) + await s.apply() + const { scripts } = await s.readJson('package.json') + const { scripts: scriptsA } = await s.readJson(join(s.workspaces.a, 'package.json')) + const { scripts: scriptsB } = await s.readJson(join(s.workspaces.b, 'package.json')) + t.equal(scripts, undefined) + t.equal(scriptsA.posttest, 'node bin_a.js run lint') + t.equal(scriptsB.posttest, 'node bin_b.js run lint') +}) From 996e0c5029fe8d519daee29b3241033400debac2 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 15 Apr 2022 22:10:00 +0000 Subject: [PATCH 27/29] chore(main): release 3.4.0 --- CHANGELOG.md | 14 ++++++++++++++ package.json | 2 +- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d662b55f..6e478e07 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,19 @@ # Changelog +## [3.4.0](https://github.com/npm/template-oss/compare/v3.3.2...v3.4.0) (2022-04-15) + + +### Features + +* allow option to set npm bin in package.json ([32f7f7c](https://github.com/npm/template-oss/commit/32f7f7c3df80b40a7536182e72b883d77ba46e64)) + + +### Bug Fixes + +* dont create release please for private root pkg ([2f7dcfa](https://github.com/npm/template-oss/commit/2f7dcfa8c8f00677ad24ad15dd059556f1dfa1e8)) +* lockfile setting adds lockfile to allowed gitignore ([c808c4f](https://github.com/npm/template-oss/commit/c808c4ffd8ed7d1c198736a815df15e9a68ebb9c)) +* use ops+robot as git user for all ci ([aeb0162](https://github.com/npm/template-oss/commit/aeb0162f68358f5783f63868a0c7c79d327f87fe)) + ### [3.3.2](https://github.com/npm/template-oss/compare/v3.3.1...v3.3.2) (2022-04-06) diff --git a/package.json b/package.json index 09e42b0f..6a338bfc 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/template-oss", - "version": "3.3.2", + "version": "3.4.0", "description": "templated files used in npm CLI team oss projects", "main": "lib/content/index.js", "bin": { From c613429d2b46d94561aa20a8d39ca969a30f4391 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Fri, 15 Apr 2022 15:33:21 -0700 Subject: [PATCH 28/29] fix: properly allow package-lock when lockfile=true --- lib/content/gitignore | 6 +- tap-snapshots/test/apply/lockfile.js.test.cjs | 79 +++++++++++++++++++ .../test/check/gitignore.js.test.cjs | 1 + test/apply/lockfile.js | 10 +++ test/check/gitignore.js | 18 +++++ 5 files changed, 111 insertions(+), 3 deletions(-) create mode 100644 tap-snapshots/test/apply/lockfile.js.test.cjs diff --git a/lib/content/gitignore b/lib/content/gitignore index 39fbb90d..01684a6e 100644 --- a/lib/content/gitignore +++ b/lib/content/gitignore @@ -12,9 +12,9 @@ !/README* !/LICENSE* !/CHANGELOG* -{{#if lockfile}} -package-lock.json -{{/if}} {{#each ignorePaths}} {{.}} {{/each}} +{{#if lockfile}} +!/package-lock.json +{{/if}} diff --git a/tap-snapshots/test/apply/lockfile.js.test.cjs b/tap-snapshots/test/apply/lockfile.js.test.cjs new file mode 100644 index 00000000..d9316652 --- /dev/null +++ b/tap-snapshots/test/apply/lockfile.js.test.cjs @@ -0,0 +1,79 @@ +/* IMPORTANT + * This snapshot file is auto-generated, but designed for humans. + * It should be checked into source control and tracked carefully. + * Re-generate by setting TAP_SNAPSHOT=1 and running tests. + * Make sure to inspect the output below. Do not ignore changes! + */ +'use strict' +exports[`test/apply/lockfile.js TAP lockfile > expect resolving Promise 1`] = ` +.gitignore +======================================== +# This file is automatically added by @npmcli/template-oss. Do not edit. + +# ignore everything in the root +/* + +# keep these +!/.eslintrc.local.* +!**/.gitignore +!/docs/ +!/tap-snapshots/ +!/test/ +!/map.js +!/scripts/ +!/README* +!/LICENSE* +!/CHANGELOG* +!/.commitlintrc.js +!/.eslintrc.js +!/.github/ +!/.gitignore +!/.npmrc +!/SECURITY.md +!/bin/ +!/lib/ +!/package.json +!/package-lock.json + +.npmrc +======================================== +; This file is automatically added by @npmcli/template-oss. Do not edit. + +package-lock=true +` + +exports[`test/apply/lockfile.js TAP no lockfile by default > expect resolving Promise 1`] = ` +.gitignore +======================================== +# This file is automatically added by @npmcli/template-oss. Do not edit. + +# ignore everything in the root +/* + +# keep these +!/.eslintrc.local.* +!**/.gitignore +!/docs/ +!/tap-snapshots/ +!/test/ +!/map.js +!/scripts/ +!/README* +!/LICENSE* +!/CHANGELOG* +!/.commitlintrc.js +!/.eslintrc.js +!/.github/ +!/.gitignore +!/.npmrc +!/SECURITY.md +!/bin/ +!/lib/ +!/package.json + +.npmrc +======================================== +; This file is automatically added by @npmcli/template-oss. Do not edit. + +package-lock=false +` diff --git a/tap-snapshots/test/check/gitignore.js.test.cjs b/tap-snapshots/test/check/gitignore.js.test.cjs index 89e415f5..4cbbbf2c 100644 --- a/tap-snapshots/test/check/gitignore.js.test.cjs +++ b/tap-snapshots/test/check/gitignore.js.test.cjs @@ -13,6 +13,7 @@ Some problems were detected: The following files are tracked by git but matching a pattern in .gitignore: ignorethis + package-lock.json To correct it: move files to not match one of the following patterns: diff --git a/test/apply/lockfile.js b/test/apply/lockfile.js index 3ffeba99..53cb800c 100644 --- a/test/apply/lockfile.js +++ b/test/apply/lockfile.js @@ -1,6 +1,12 @@ const t = require('tap') const setup = require('../setup.js') +t.cleanSnapshot = setup.clean +t.formatSnapshot = (obj) => setup.format.readdirSource({ + '.gitignore': obj['.gitignore'], + '.npmrc': obj['.npmrc'], +}) + t.test('lockfile', async (t) => { const s = await setup(t, { package: { @@ -15,6 +21,8 @@ t.test('lockfile', async (t) => { const npmrc = await s.readFile('.npmrc') t.ok(npmrc.includes('package-lock=true')) + + await t.resolveMatchSnapshot(s.readdirSource()) }) t.test('no lockfile by default', async (t) => { @@ -25,4 +33,6 @@ t.test('no lockfile by default', async (t) => { const npmrc = await s.readFile('.npmrc') t.ok(npmrc.includes('package-lock=false')) + + await t.resolveMatchSnapshot(s.readdirSource()) }) diff --git a/test/check/gitignore.js b/test/check/gitignore.js index bd5f249d..113be47a 100644 --- a/test/check/gitignore.js +++ b/test/check/gitignore.js @@ -9,6 +9,7 @@ t.test('will report tracked files in gitignore', async (t) => { const s = await setup.git(t, { ok: true }) await s.writeFile('ignorethis', 'empty') + await s.writeFile('package-lock.json', '{}') await s.gca() await s.apply() @@ -63,3 +64,20 @@ t.test('works with workspaces in separate dirs', async (t) => { await s.apply() await t.resolveMatchSnapshot(s.check()) }) + +t.test('allow package-lock', async (t) => { + const s = await setup.git(t, { + ok: true, + package: { + templateOSS: { + lockfile: true, + }, + }, + }) + + await s.writeFile('package-lock.json', '{}') + + await s.gca() + await s.apply() + t.strictSame(await s.check(), []) +}) From 124406e9cad0e54b053e95ea15f260dabb85be10 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 15 Apr 2022 22:33:52 +0000 Subject: [PATCH 29/29] chore(main): release 3.4.1 --- CHANGELOG.md | 7 +++++++ package.json | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6e478e07..a6d7c65e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,12 @@ # Changelog +### [3.4.1](https://github.com/npm/template-oss/compare/v3.4.0...v3.4.1) (2022-04-15) + + +### Bug Fixes + +* properly allow package-lock when lockfile=true ([c613429](https://github.com/npm/template-oss/commit/c613429d2b46d94561aa20a8d39ca969a30f4391)) + ## [3.4.0](https://github.com/npm/template-oss/compare/v3.3.2...v3.4.0) (2022-04-15) diff --git a/package.json b/package.json index 6a338bfc..99dab9ba 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/template-oss", - "version": "3.4.0", + "version": "3.4.1", "description": "templated files used in npm CLI team oss projects", "main": "lib/content/index.js", "bin": {