From b914a3d0d26ca27d2685053d7d390af4e02eedd9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 19 Jul 2023 06:21:46 +0000 Subject: [PATCH 01/32] chore: bump @npmcli/template-oss from 4.17.0 to 4.18.0 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.17.0 to 4.18.0. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.17.0...v4.18.0) --- updated-dependencies: - dependency-name: @npmcli/template-oss dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index c145eca2..3492cffd 100644 --- a/package.json +++ b/package.json @@ -14,7 +14,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.17.0", + "@npmcli/template-oss": "4.18.0", "tap": "^16.0.0" }, "license": "ISC", From cce61804ba6f997225a1267135c06676fe0524d2 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Wed, 19 Jul 2023 08:10:37 -0700 Subject: [PATCH 02/32] chore: postinstall for dependabot template-oss PR --- .github/dependabot.yml | 33 +++++++++++++++++++++++++++ .github/settings.yml | 7 ++++-- .github/workflows/ci.yml | 1 - .github/workflows/codeql-analysis.yml | 2 -- .github/workflows/pull-request.yml | 2 +- .github/workflows/release.yml | 1 - package.json | 2 +- 7 files changed, 40 insertions(+), 8 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 8da2a452..72a05a86 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -7,6 +7,7 @@ updates: directory: / schedule: interval: daily + target-branch: "main" allow: - dependency-type: direct versioning-strategy: increase-if-necessary @@ -15,3 +16,35 @@ updates: prefix-development: chore labels: - "Dependencies" + - package-ecosystem: npm + directory: / + schedule: + interval: daily + target-branch: "release/v5" + allow: + - dependency-type: direct + dependency-name: "@npmcli/template-oss" + versioning-strategy: increase-if-necessary + commit-message: + prefix: deps + prefix-development: chore + labels: + - "Dependencies" + - "Backport" + - "release/v5" + - package-ecosystem: npm + directory: / + schedule: + interval: daily + target-branch: "release/v6" + allow: + - dependency-type: direct + dependency-name: "@npmcli/template-oss" + versioning-strategy: increase-if-necessary + commit-message: + prefix: deps + prefix-development: chore + labels: + - "Dependencies" + - "Backport" + - "release/v6" diff --git a/.github/settings.yml b/.github/settings.yml index adbef7e6..206b6eeb 100644 --- a/.github/settings.yml +++ b/.github/settings.yml @@ -15,6 +15,7 @@ branches: protection: required_status_checks: null enforce_admins: true + block_creations: true required_pull_request_reviews: required_approving_review_count: 1 require_code_owner_reviews: true @@ -24,10 +25,11 @@ branches: apps: [] users: [] teams: [ "cli-team" ] - - name: latest + - name: release/v5 protection: required_status_checks: null enforce_admins: true + block_creations: true required_pull_request_reviews: required_approving_review_count: 1 require_code_owner_reviews: true @@ -37,10 +39,11 @@ branches: apps: [] users: [] teams: [ "cli-team" ] - - name: release/v* + - name: release/v6 protection: required_status_checks: null enforce_admins: true + block_creations: true required_pull_request_reviews: required_approving_review_count: 1 require_code_owner_reviews: true diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index bb473086..225cf35e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -8,7 +8,6 @@ on: push: branches: - main - - latest - release/v* schedule: # "At 09:00 UTC (02:00 PT) on Monday" https://crontab.guru/#0_9_*_*_1 diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 21244879..9fb3f79a 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -6,12 +6,10 @@ on: push: branches: - main - - latest - release/v* pull_request: branches: - main - - latest - release/v* schedule: # "At 10:00 UTC (03:00 PT) on Monday" https://crontab.guru/#0_10_*_*_1 diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index da5779df..9c671a38 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -47,4 +47,4 @@ jobs: env: PR_TITLE: ${{ github.event.pull_request.title }} run: | - echo '$PR_TITLE' | npx --offline commitlint -V + echo "$PR_TITLE" | npx --offline commitlint -V diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b086b0a5..c0624c04 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,7 +11,6 @@ on: push: branches: - main - - latest - release/v* permissions: diff --git a/package.json b/package.json index 3492cffd..a932fce8 100644 --- a/package.json +++ b/package.json @@ -53,7 +53,7 @@ "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.17.0", + "version": "4.18.0", "engines": ">=10", "ciVersions": [ "10.0.0", From 737d5e1cf10e631bab8a28594aa2d5c9d4090814 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Sep 2023 06:20:31 +0000 Subject: [PATCH 03/32] chore: bump @npmcli/template-oss from 4.18.0 to 4.18.1 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.18.0 to 4.18.1. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.18.0...v4.18.1) --- updated-dependencies: - dependency-name: @npmcli/template-oss dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index a932fce8..47bd27b0 100644 --- a/package.json +++ b/package.json @@ -14,7 +14,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.18.0", + "@npmcli/template-oss": "4.18.1", "tap": "^16.0.0" }, "license": "ISC", From 123e0b03287e1af295ef82d55f55c16805596f35 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Wed, 13 Sep 2023 07:46:06 -0700 Subject: [PATCH 04/32] chore: postinstall for dependabot template-oss PR --- .github/workflows/audit.yml | 48 +++++++++++++- .github/workflows/ci-release.yml | 94 +++++++++++++++++++++++--- .github/workflows/ci.yml | 94 +++++++++++++++++++++++--- .github/workflows/post-dependabot.yml | 48 +++++++++++++- .github/workflows/pull-request.yml | 48 +++++++++++++- .github/workflows/release.yml | 96 +++++++++++++++++++++++++-- package.json | 2 +- 7 files changed, 399 insertions(+), 31 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 8b8f3748..2555c287 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -25,10 +25,54 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: 18.x - - name: Install npm@8 - run: npm i --prefer-online --no-fund --no-audit -g npm@8 + check-latest: contains('18.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} + run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml index 98b70866..30681367 100644 --- a/.github/workflows/ci-release.yml +++ b/.github/workflows/ci-release.yml @@ -80,10 +80,54 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: 18.x - - name: Install npm@8 - run: npm i --prefer-online --no-fund --no-audit -g npm@8 + check-latest: contains('18.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} + run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies @@ -181,11 +225,17 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: ${{ matrix.node-version }} + check-latest: contains(matrix.node-version, '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - name: Update Windows npm - # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows - if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.')) + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) run: | curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz tar xf npm-7.5.4.tgz @@ -193,12 +243,36 @@ jobs: node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz cd .. rmdir /s /q package - - name: Install npm@7 - if: startsWith(matrix.node-version, '10.') - run: npm i --prefer-online --no-fund --no-audit -g npm@7 - - name: Install npm@8 - if: ${{ !startsWith(matrix.node-version, '10.') }} - run: npm i --prefer-online --no-fund --no-audit -g npm@8 + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} + run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 225cf35e..24cf54f2 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -30,10 +30,54 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: 18.x - - name: Install npm@8 - run: npm i --prefer-online --no-fund --no-audit -g npm@8 + check-latest: contains('18.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} + run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies @@ -79,11 +123,17 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: ${{ matrix.node-version }} + check-latest: contains(matrix.node-version, '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - name: Update Windows npm - # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows - if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.')) + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) run: | curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz tar xf npm-7.5.4.tgz @@ -91,12 +141,36 @@ jobs: node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz cd .. rmdir /s /q package - - name: Install npm@7 - if: startsWith(matrix.node-version, '10.') - run: npm i --prefer-online --no-fund --no-audit -g npm@7 - - name: Install npm@8 - if: ${{ !startsWith(matrix.node-version, '10.') }} - run: npm i --prefer-online --no-fund --no-audit -g npm@8 + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} + run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index 03c85681..c8898838 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -26,10 +26,54 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: 18.x - - name: Install npm@8 - run: npm i --prefer-online --no-fund --no-audit -g npm@8 + check-latest: contains('18.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} + run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index 9c671a38..aac7cb6b 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -29,10 +29,54 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: 18.x - - name: Install npm@8 - run: npm i --prefer-online --no-fund --no-audit -g npm@8 + check-latest: contains('18.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} + run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c0624c04..31bec5ca 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -43,10 +43,54 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: 18.x - - name: Install npm@8 - run: npm i --prefer-online --no-fund --no-audit -g npm@8 + check-latest: contains('18.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} + run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies @@ -156,10 +200,54 @@ jobs: git config --global user.name "npm CLI robot" - name: Setup Node uses: actions/setup-node@v3 + id: node with: node-version: 18.x - - name: Install npm@8 - run: npm i --prefer-online --no-fund --no-audit -g npm@8 + check-latest: contains('18.x', '.x') + + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + matrix.platform.os == 'windows-latest' && ( + startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') + ) + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + + # Start on Node 10 because we dont test on anything lower + - name: Install npm@7 on Node 10 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v10.') + id: npm-7 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@7 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@8 on Node 12 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v12.') + id: npm-8 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@8 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@9 on Node 14/16/18.0 + shell: bash + if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') + id: npm-9 + run: | + npm i --prefer-online --no-fund --no-audit -g npm@9 + echo "updated=true" >> "$GITHUB_OUTPUT" + + - name: Install npm@latest on Node + if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} + run: npm i --prefer-online --no-fund --no-audit -g npm@latest + - name: npm Version run: npm -v - name: Install Dependencies diff --git a/package.json b/package.json index 47bd27b0..6426aabf 100644 --- a/package.json +++ b/package.json @@ -53,7 +53,7 @@ "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.18.0", + "version": "4.18.1", "engines": ">=10", "ciVersions": [ "10.0.0", From 7c34e1ac1bcc0bc6579b30745c96075c69bd0332 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 15 Sep 2023 06:55:54 +0000 Subject: [PATCH 05/32] chore: bump @npmcli/template-oss from 4.18.1 to 4.19.0 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.18.1 to 4.19.0. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.18.1...v4.19.0) --- updated-dependencies: - dependency-name: @npmcli/template-oss dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 6426aabf..2850d2c9 100644 --- a/package.json +++ b/package.json @@ -14,7 +14,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.18.1", + "@npmcli/template-oss": "4.19.0", "tap": "^16.0.0" }, "license": "ISC", From 14d263faa156e408a033b9b12a2f87735c2df42c Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Fri, 15 Sep 2023 17:48:34 -0700 Subject: [PATCH 06/32] chore: postinstall for dependabot template-oss PR --- .github/workflows/audit.yml | 4 ++-- .github/workflows/ci-release.yml | 5 +++-- .github/workflows/ci.yml | 5 +++-- .github/workflows/post-dependabot.yml | 4 ++-- .github/workflows/pull-request.yml | 4 ++-- .github/workflows/release.yml | 10 +++++----- package.json | 11 +---------- 7 files changed, 18 insertions(+), 25 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 2555c287..36f007e8 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -27,8 +27,8 @@ jobs: uses: actions/setup-node@v3 id: node with: - node-version: 18.x - check-latest: contains('18.x', '.x') + node-version: 20.x + check-latest: contains('20.x', '.x') # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - name: Update Windows npm diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml index 30681367..19cfc229 100644 --- a/.github/workflows/ci-release.yml +++ b/.github/workflows/ci-release.yml @@ -82,8 +82,8 @@ jobs: uses: actions/setup-node@v3 id: node with: - node-version: 18.x - check-latest: contains('18.x', '.x') + node-version: 20.x + check-latest: contains('20.x', '.x') # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - name: Update Windows npm @@ -167,6 +167,7 @@ jobs: - 14.x - 16.x - 18.x + - 20.x runs-on: ${{ matrix.platform.os }} defaults: run: diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 24cf54f2..3b0abe07 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -32,8 +32,8 @@ jobs: uses: actions/setup-node@v3 id: node with: - node-version: 18.x - check-latest: contains('18.x', '.x') + node-version: 20.x + check-latest: contains('20.x', '.x') # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - name: Update Windows npm @@ -110,6 +110,7 @@ jobs: - 14.x - 16.x - 18.x + - 20.x runs-on: ${{ matrix.platform.os }} defaults: run: diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index c8898838..c144660e 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -28,8 +28,8 @@ jobs: uses: actions/setup-node@v3 id: node with: - node-version: 18.x - check-latest: contains('18.x', '.x') + node-version: 20.x + check-latest: contains('20.x', '.x') # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - name: Update Windows npm diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index aac7cb6b..63a6169f 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -31,8 +31,8 @@ jobs: uses: actions/setup-node@v3 id: node with: - node-version: 18.x - check-latest: contains('18.x', '.x') + node-version: 20.x + check-latest: contains('20.x', '.x') # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - name: Update Windows npm diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 31bec5ca..65730393 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -45,8 +45,8 @@ jobs: uses: actions/setup-node@v3 id: node with: - node-version: 18.x - check-latest: contains('18.x', '.x') + node-version: 20.x + check-latest: contains('20.x', '.x') # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - name: Update Windows npm @@ -202,8 +202,8 @@ jobs: uses: actions/setup-node@v3 id: node with: - node-version: 18.x - check-latest: contains('18.x', '.x') + node-version: 20.x + check-latest: contains('20.x', '.x') # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - name: Update Windows npm @@ -426,7 +426,7 @@ jobs: - name: Publish env: PUBLISH_TOKEN: ${{ secrets.PUBLISH_TOKEN }} - run: npm publish --provenance + run: npm publish --provenance --tag=latest post-release-integration: needs: [ release, release-integration ] diff --git a/package.json b/package.json index 2850d2c9..c4092174 100644 --- a/package.json +++ b/package.json @@ -53,17 +53,8 @@ "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.18.1", + "version": "4.19.0", "engines": ">=10", - "ciVersions": [ - "10.0.0", - "10.x", - "12.x", - "14.x", - "16.x", - "18.x" - ], - "npmSpec": "8", "distPaths": [ "classes/", "functions/", From 6240d75a7c620b0a222f05969a91fdc3dc2be0fb Mon Sep 17 00:00:00 2001 From: Kevin Z Date: Mon, 20 Nov 2023 14:32:30 -0700 Subject: [PATCH 07/32] chore: add missing quotes in README.md (#656) We don't have `2.1.5` in js, but `'2.1.5'` --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 53ea9b52..f7348a08 100644 --- a/README.md +++ b/README.md @@ -543,7 +543,7 @@ ex. * `s.clean(' = v 2.1.5-foo')`: `null` * `s.clean(' = v 2.1.5-foo', { loose: true })`: `'2.1.5-foo'` * `s.clean('=v2.1.5')`: `'2.1.5'` -* `s.clean(' =v2.1.5')`: `2.1.5` +* `s.clean(' =v2.1.5')`: `'2.1.5'` * `s.clean(' 2.1.5 ')`: `'2.1.5'` * `s.clean('~1.0.0')`: `null` From 7303db1fe54d6905b23ccb0162878e37d73535ef Mon Sep 17 00:00:00 2001 From: Mark Delk Date: Thu, 30 Nov 2023 14:25:49 -0600 Subject: [PATCH 08/32] chore: add clean() test for build metadata (#658) --- test/functions/clean.js | 1 + 1 file changed, 1 insertion(+) diff --git a/test/functions/clean.js b/test/functions/clean.js index 1df155bf..830e824b 100644 --- a/test/functions/clean.js +++ b/test/functions/clean.js @@ -17,6 +17,7 @@ test('clean tests', (t) => { ['~1.2.3', null], ['<=1.2.3', null], ['1.2.x', null], + ['0.12.0-dev.1150+3c22cecee', '0.12.0-dev.1150'], ].forEach(([range, version]) => { const msg = `clean(${range}) = ${version}` t.equal(clean(range), version, msg) From f317dc8689781bcfd98e2c32b46157276acdd47c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 16 Nov 2023 06:14:09 +0000 Subject: [PATCH 09/32] chore: bump @npmcli/template-oss from 4.19.0 to 4.21.0 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.19.0 to 4.21.0. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.19.0...v4.21.0) --- updated-dependencies: - dependency-name: @npmcli/template-oss dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index c4092174..1b24b1bb 100644 --- a/package.json +++ b/package.json @@ -14,7 +14,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.19.0", + "@npmcli/template-oss": "4.21.0", "tap": "^16.0.0" }, "license": "ISC", From 88739918080debeb239aae840b35c07436148e50 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Sat, 2 Dec 2023 20:43:19 -0700 Subject: [PATCH 10/32] chore: chore: chore: postinstall for dependabot template-oss PR --- .eslintrc.js | 3 + .github/actions/create-check/action.yml | 52 +++ .github/actions/install-latest-npm/action.yml | 57 +++ .github/workflows/audit.yml | 50 +-- .github/workflows/ci-release.yml | 210 ++------- .github/workflows/ci.yml | 100 +---- .github/workflows/post-dependabot.yml | 50 +-- .github/workflows/pull-request.yml | 56 +-- .github/workflows/release-integration.yml | 76 ++++ .github/workflows/release.yml | 422 +++++------------- .gitignore | 3 + package.json | 6 +- release-please-config.json | 7 +- 13 files changed, 370 insertions(+), 722 deletions(-) create mode 100644 .github/actions/create-check/action.yml create mode 100644 .github/actions/install-latest-npm/action.yml create mode 100644 .github/workflows/release-integration.yml diff --git a/.eslintrc.js b/.eslintrc.js index 5db9f815..f21d26ec 100644 --- a/.eslintrc.js +++ b/.eslintrc.js @@ -10,6 +10,9 @@ const localConfigs = readdir(__dirname) module.exports = { root: true, + ignorePatterns: [ + 'tap-testdir*/', + ], extends: [ '@npmcli', ...localConfigs, diff --git a/.github/actions/create-check/action.yml b/.github/actions/create-check/action.yml new file mode 100644 index 00000000..0e7d6ce0 --- /dev/null +++ b/.github/actions/create-check/action.yml @@ -0,0 +1,52 @@ +# This file is automatically added by @npmcli/template-oss. Do not edit. + +name: 'Create Check' +inputs: + name: + required: true + token: + required: true + sha: + required: true + check-name: + default: '' +outputs: + check-id: + value: ${{ steps.create-check.outputs.check_id }} +runs: + using: "composite" + steps: + - name: Get Workflow Job + uses: actions/github-script@v6 + id: workflow + env: + JOB_NAME: "${{ inputs.name }}" + SHA: "${{ inputs.sha }}" + with: + result-encoding: string + script: | + const { repo: { owner, repo}, runId, serverUrl } = context + const { JOB_NAME, SHA } = process.env + + const job = await github.rest.actions.listJobsForWorkflowRun({ + owner, + repo, + run_id: runId, + per_page: 100 + }).then(r => r.data.jobs.find(j => j.name.endsWith(JOB_NAME))) + + return [ + `This check is assosciated with ${serverUrl}/${owner}/${repo}/commit/${SHA}.`, + 'Run logs:', + job?.html_url || `could not be found for a job ending with: "${JOB_NAME}"`, + ].join(' ') + - name: Create Check + uses: LouisBrunner/checks-action@v1.6.0 + id: create-check + with: + token: ${{ inputs.token }} + sha: ${{ inputs.sha }} + status: in_progress + name: ${{ inputs.check-name || inputs.name }} + output: | + {"summary":"${{ steps.workflow.outputs.result }}"} diff --git a/.github/actions/install-latest-npm/action.yml b/.github/actions/install-latest-npm/action.yml new file mode 100644 index 00000000..f2e86c84 --- /dev/null +++ b/.github/actions/install-latest-npm/action.yml @@ -0,0 +1,57 @@ +# This file is automatically added by @npmcli/template-oss. Do not edit. + +name: 'Install Latest npm' +description: 'Install the latest version of npm compatible with the Node version' +inputs: + node: + description: 'Current Node version' + required: true +runs: + using: "composite" + steps: + # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows + - name: Update Windows npm + if: | + runner.os == 'Windows' && ( + startsWith(inputs.node, 'v10.') || + startsWith(inputs.node, 'v12.') || + startsWith(inputs.node, 'v14.') + ) + shell: cmd + run: | + curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz + tar xf npm-7.5.4.tgz + cd package + node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz + cd .. + rmdir /s /q package + - name: Install Latest npm + shell: bash + env: + NODE_VERSION: ${{ inputs.node }} + run: | + MATCH="" + SPECS=("latest" "next-10" "next-9" "next-8" "next-7" "next-6") + + echo "node@$NODE_VERSION" + + for SPEC in ${SPECS[@]}; do + ENGINES=$(npm view npm@$SPEC --json | jq -r '.engines.node') + echo "Checking if node@$NODE_VERSION satisfies npm@$SPEC ($ENGINES)" + + if npx semver -r "$ENGINES" "$NODE_VERSION" > /dev/null; then + MATCH=$SPEC + echo "Found compatible version: npm@$MATCH" + break + fi + done + + if [ -z $MATCH ]; then + echo "Could not find a compatible version of npm for node@$NODE_VERSION" + exit 1 + fi + + npm i --prefer-online --no-fund --no-audit -g npm@$MATCH + - name: npm Version + shell: bash + run: npm -v diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 36f007e8..fa3163a8 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -29,52 +29,10 @@ jobs: with: node-version: 20.x check-latest: contains('20.x', '.x') - - # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - - name: Update Windows npm - if: | - matrix.platform.os == 'windows-latest' && ( - startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') - ) - run: | - curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz - tar xf npm-7.5.4.tgz - cd package - node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz - cd .. - rmdir /s /q package - - # Start on Node 10 because we dont test on anything lower - - name: Install npm@7 on Node 10 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v10.') - id: npm-7 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@7 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@8 on Node 12 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v12.') - id: npm-8 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@8 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@9 on Node 14/16/18.0 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') - id: npm-9 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@9 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@latest on Node - if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} - run: npm i --prefer-online --no-fund --no-audit -g npm@latest - - - name: npm Version - run: npm -v + - name: Install Latest npm + uses: ./.github/actions/install-latest-npm + with: + node: ${{ steps.node.outputs.node-version }} - name: Install Dependencies run: npm i --ignore-scripts --no-audit --no-fund --package-lock - name: Run Production Audit diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml index 19cfc229..9f9c2a2a 100644 --- a/.github/workflows/ci-release.yml +++ b/.github/workflows/ci-release.yml @@ -27,49 +27,6 @@ jobs: run: shell: bash steps: - - name: Get Workflow Job - uses: actions/github-script@v6 - if: inputs.check-sha - id: check-output - env: - JOB_NAME: "Lint All" - MATRIX_NAME: "" - with: - script: | - const { owner, repo } = context.repo - - const { data } = await github.rest.actions.listJobsForWorkflowRun({ - owner, - repo, - run_id: context.runId, - per_page: 100 - }) - - const jobName = process.env.JOB_NAME + process.env.MATRIX_NAME - const job = data.jobs.find(j => j.name.endsWith(jobName)) - const jobUrl = job?.html_url - - const shaUrl = `${context.serverUrl}/${owner}/${repo}/commit/${{ inputs.check-sha }}` - - let summary = `This check is assosciated with ${shaUrl}\n\n` - - if (jobUrl) { - summary += `For run logs, click here: ${jobUrl}` - } else { - summary += `Run logs could not be found for a job with name: "${jobName}"` - } - - return { summary } - - name: Create Check - uses: LouisBrunner/checks-action@v1.6.0 - id: check - if: inputs.check-sha - with: - token: ${{ secrets.GITHUB_TOKEN }} - status: in_progress - name: Lint All - sha: ${{ inputs.check-sha }} - output: ${{ steps.check-output.outputs.result }} - name: Checkout uses: actions/checkout@v3 with: @@ -78,58 +35,24 @@ jobs: run: | git config --global user.email "npm-cli+bot@github.com" git config --global user.name "npm CLI robot" + - name: Create Check + id: create-check + if: ${{ inputs.check-sha }} + uses: ./.github/actions/create-check + with: + name: "Lint All" + token: ${{ secrets.GITHUB_TOKEN }} + sha: ${{ inputs.check-sha }} - name: Setup Node uses: actions/setup-node@v3 id: node with: node-version: 20.x check-latest: contains('20.x', '.x') - - # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - - name: Update Windows npm - if: | - matrix.platform.os == 'windows-latest' && ( - startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') - ) - run: | - curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz - tar xf npm-7.5.4.tgz - cd package - node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz - cd .. - rmdir /s /q package - - # Start on Node 10 because we dont test on anything lower - - name: Install npm@7 on Node 10 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v10.') - id: npm-7 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@7 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@8 on Node 12 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v12.') - id: npm-8 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@8 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@9 on Node 14/16/18.0 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') - id: npm-9 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@9 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@latest on Node - if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} - run: npm i --prefer-online --no-fund --no-audit -g npm@latest - - - name: npm Version - run: npm -v + - name: Install Latest npm + uses: ./.github/actions/install-latest-npm + with: + node: ${{ steps.node.outputs.node-version }} - name: Install Dependencies run: npm i --ignore-scripts --no-audit --no-fund - name: Lint @@ -138,11 +61,11 @@ jobs: run: npm run postlint --ignore-scripts - name: Conclude Check uses: LouisBrunner/checks-action@v1.6.0 - if: steps.check.outputs.check_id && always() + if: always() with: token: ${{ secrets.GITHUB_TOKEN }} conclusion: ${{ job.status }} - check_id: ${{ steps.check.outputs.check_id }} + check_id: ${{ steps.create-check.outputs.check-id }} test-all: name: Test All - ${{ matrix.platform.name }} - ${{ matrix.node-version }} @@ -173,49 +96,6 @@ jobs: run: shell: ${{ matrix.platform.shell }} steps: - - name: Get Workflow Job - uses: actions/github-script@v6 - if: inputs.check-sha - id: check-output - env: - JOB_NAME: "Test All" - MATRIX_NAME: " - ${{ matrix.platform.name }} - ${{ matrix.node-version }}" - with: - script: | - const { owner, repo } = context.repo - - const { data } = await github.rest.actions.listJobsForWorkflowRun({ - owner, - repo, - run_id: context.runId, - per_page: 100 - }) - - const jobName = process.env.JOB_NAME + process.env.MATRIX_NAME - const job = data.jobs.find(j => j.name.endsWith(jobName)) - const jobUrl = job?.html_url - - const shaUrl = `${context.serverUrl}/${owner}/${repo}/commit/${{ inputs.check-sha }}` - - let summary = `This check is assosciated with ${shaUrl}\n\n` - - if (jobUrl) { - summary += `For run logs, click here: ${jobUrl}` - } else { - summary += `Run logs could not be found for a job with name: "${jobName}"` - } - - return { summary } - - name: Create Check - uses: LouisBrunner/checks-action@v1.6.0 - id: check - if: inputs.check-sha - with: - token: ${{ secrets.GITHUB_TOKEN }} - status: in_progress - name: Test All - ${{ matrix.platform.name }} - ${{ matrix.node-version }} - sha: ${{ inputs.check-sha }} - output: ${{ steps.check-output.outputs.result }} - name: Checkout uses: actions/checkout@v3 with: @@ -224,58 +104,24 @@ jobs: run: | git config --global user.email "npm-cli+bot@github.com" git config --global user.name "npm CLI robot" + - name: Create Check + id: create-check + if: ${{ inputs.check-sha }} + uses: ./.github/actions/create-check + with: + name: "Test All - ${{ matrix.platform.name }} - ${{ matrix.node-version }}" + token: ${{ secrets.GITHUB_TOKEN }} + sha: ${{ inputs.check-sha }} - name: Setup Node uses: actions/setup-node@v3 id: node with: node-version: ${{ matrix.node-version }} check-latest: contains(matrix.node-version, '.x') - - # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - - name: Update Windows npm - if: | - matrix.platform.os == 'windows-latest' && ( - startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') - ) - run: | - curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz - tar xf npm-7.5.4.tgz - cd package - node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz - cd .. - rmdir /s /q package - - # Start on Node 10 because we dont test on anything lower - - name: Install npm@7 on Node 10 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v10.') - id: npm-7 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@7 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@8 on Node 12 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v12.') - id: npm-8 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@8 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@9 on Node 14/16/18.0 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') - id: npm-9 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@9 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@latest on Node - if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} - run: npm i --prefer-online --no-fund --no-audit -g npm@latest - - - name: npm Version - run: npm -v + - name: Install Latest npm + uses: ./.github/actions/install-latest-npm + with: + node: ${{ steps.node.outputs.node-version }} - name: Install Dependencies run: npm i --ignore-scripts --no-audit --no-fund - name: Add Problem Matcher @@ -284,8 +130,8 @@ jobs: run: npm test --ignore-scripts - name: Conclude Check uses: LouisBrunner/checks-action@v1.6.0 - if: steps.check.outputs.check_id && always() + if: always() with: token: ${{ secrets.GITHUB_TOKEN }} conclusion: ${{ job.status }} - check_id: ${{ steps.check.outputs.check_id }} + check_id: ${{ steps.create-check.outputs.check-id }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3b0abe07..f65f93a6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -34,52 +34,10 @@ jobs: with: node-version: 20.x check-latest: contains('20.x', '.x') - - # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - - name: Update Windows npm - if: | - matrix.platform.os == 'windows-latest' && ( - startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') - ) - run: | - curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz - tar xf npm-7.5.4.tgz - cd package - node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz - cd .. - rmdir /s /q package - - # Start on Node 10 because we dont test on anything lower - - name: Install npm@7 on Node 10 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v10.') - id: npm-7 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@7 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@8 on Node 12 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v12.') - id: npm-8 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@8 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@9 on Node 14/16/18.0 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') - id: npm-9 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@9 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@latest on Node - if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} - run: npm i --prefer-online --no-fund --no-audit -g npm@latest - - - name: npm Version - run: npm -v + - name: Install Latest npm + uses: ./.github/actions/install-latest-npm + with: + node: ${{ steps.node.outputs.node-version }} - name: Install Dependencies run: npm i --ignore-scripts --no-audit --no-fund - name: Lint @@ -128,52 +86,10 @@ jobs: with: node-version: ${{ matrix.node-version }} check-latest: contains(matrix.node-version, '.x') - - # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - - name: Update Windows npm - if: | - matrix.platform.os == 'windows-latest' && ( - startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') - ) - run: | - curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz - tar xf npm-7.5.4.tgz - cd package - node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz - cd .. - rmdir /s /q package - - # Start on Node 10 because we dont test on anything lower - - name: Install npm@7 on Node 10 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v10.') - id: npm-7 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@7 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@8 on Node 12 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v12.') - id: npm-8 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@8 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@9 on Node 14/16/18.0 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') - id: npm-9 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@9 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@latest on Node - if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} - run: npm i --prefer-online --no-fund --no-audit -g npm@latest - - - name: npm Version - run: npm -v + - name: Install Latest npm + uses: ./.github/actions/install-latest-npm + with: + node: ${{ steps.node.outputs.node-version }} - name: Install Dependencies run: npm i --ignore-scripts --no-audit --no-fund - name: Add Problem Matcher diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index c144660e..11a7b7c8 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -30,52 +30,10 @@ jobs: with: node-version: 20.x check-latest: contains('20.x', '.x') - - # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - - name: Update Windows npm - if: | - matrix.platform.os == 'windows-latest' && ( - startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') - ) - run: | - curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz - tar xf npm-7.5.4.tgz - cd package - node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz - cd .. - rmdir /s /q package - - # Start on Node 10 because we dont test on anything lower - - name: Install npm@7 on Node 10 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v10.') - id: npm-7 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@7 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@8 on Node 12 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v12.') - id: npm-8 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@8 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@9 on Node 14/16/18.0 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') - id: npm-9 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@9 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@latest on Node - if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} - run: npm i --prefer-online --no-fund --no-audit -g npm@latest - - - name: npm Version - run: npm -v + - name: Install Latest npm + uses: ./.github/actions/install-latest-npm + with: + node: ${{ steps.node.outputs.node-version }} - name: Install Dependencies run: npm i --ignore-scripts --no-audit --no-fund - name: Fetch Dependabot Metadata diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index 63a6169f..0b5789e0 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -33,62 +33,18 @@ jobs: with: node-version: 20.x check-latest: contains('20.x', '.x') - - # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - - name: Update Windows npm - if: | - matrix.platform.os == 'windows-latest' && ( - startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') - ) - run: | - curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz - tar xf npm-7.5.4.tgz - cd package - node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz - cd .. - rmdir /s /q package - - # Start on Node 10 because we dont test on anything lower - - name: Install npm@7 on Node 10 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v10.') - id: npm-7 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@7 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@8 on Node 12 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v12.') - id: npm-8 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@8 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@9 on Node 14/16/18.0 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') - id: npm-9 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@9 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@latest on Node - if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} - run: npm i --prefer-online --no-fund --no-audit -g npm@latest - - - name: npm Version - run: npm -v + - name: Install Latest npm + uses: ./.github/actions/install-latest-npm + with: + node: ${{ steps.node.outputs.node-version }} - name: Install Dependencies run: npm i --ignore-scripts --no-audit --no-fund - name: Run Commitlint on Commits id: commit continue-on-error: true - run: | - npx --offline commitlint -V --from 'origin/${{ github.base_ref }}' --to ${{ github.event.pull_request.head.sha }} + run: npx --offline commitlint -V --from 'origin/${{ github.base_ref }}' --to ${{ github.event.pull_request.head.sha }} - name: Run Commitlint on PR Title if: steps.commit.outcome == 'failure' env: PR_TITLE: ${{ github.event.pull_request.title }} - run: | - echo "$PR_TITLE" | npx --offline commitlint -V + run: echo "$PR_TITLE" | npx --offline commitlint -V diff --git a/.github/workflows/release-integration.yml b/.github/workflows/release-integration.yml new file mode 100644 index 00000000..36637581 --- /dev/null +++ b/.github/workflows/release-integration.yml @@ -0,0 +1,76 @@ +# This file is automatically added by @npmcli/template-oss. Do not edit. + +name: Release Integration + +on: + workflow_dispatch: + inputs: + releases: + required: true + type: string + description: 'A json array of releases. Required fields: publish: tagName, publishTag. publish check: pkgName, version' + workflow_call: + inputs: + releases: + required: true + type: string + description: 'A json array of releases. Required fields: publish: tagName, publishTag. publish check: pkgName, version' + secrets: + PUBLISH_TOKEN: + required: true + +jobs: + publish: + name: Publish + runs-on: ubuntu-latest + defaults: + run: + shell: bash + permissions: + id-token: write + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + ref: ${{ fromJSON(inputs.releases)[0].tagName }} + - name: Setup Git User + run: | + git config --global user.email "npm-cli+bot@github.com" + git config --global user.name "npm CLI robot" + - name: Setup Node + uses: actions/setup-node@v3 + id: node + with: + node-version: 20.x + check-latest: contains('20.x', '.x') + - name: Install Latest npm + uses: ./.github/actions/install-latest-npm + with: + node: ${{ steps.node.outputs.node-version }} + - name: Install Dependencies + run: npm i --ignore-scripts --no-audit --no-fund + - name: Set npm authToken + run: npm config set '//registry.npmjs.org/:_authToken'=\${PUBLISH_TOKEN} + - name: Publish + env: + PUBLISH_TOKEN: ${{ secrets.PUBLISH_TOKEN }} + run: | + EXIT_CODE=0 + + function each_release { + if npm publish --provenance --tag="$1"; then + echo 0 + else + echo 1 + fi + } + + for release in $(echo '${{ inputs.releases }}' | jq -r '.[] | @base64'); do + PUBLISH_TAG=$(echo "$release" | base64 --decode | jq -r .publishTag) + STATUS=$(each_release "$PUBLISH_TAG") + if [[ "$STATUS" -eq 1 ]]; then + EXIT_CODE=$STATUS + fi + done + + exit $EXIT_CODE diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 65730393..be675916 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -3,11 +3,6 @@ name: Release on: - workflow_dispatch: - inputs: - release-pr: - description: a release PR number to rerun release jobs on - type: string push: branches: - main @@ -22,12 +17,12 @@ jobs: release: outputs: pr: ${{ steps.release.outputs.pr }} - release: ${{ steps.release.outputs.release }} - releases: ${{ steps.release.outputs.releases }} - branch: ${{ steps.release.outputs.pr-branch }} + pr-branch: ${{ steps.release.outputs.pr-branch }} pr-number: ${{ steps.release.outputs.pr-number }} - comment-id: ${{ steps.pr-comment.outputs.result }} - check-id: ${{ steps.check.outputs.check_id }} + pr-sha: ${{ steps.release.outputs.pr-sha }} + releases: ${{ steps.release.outputs.releases }} + comment-id: ${{ steps.create-comment.outputs.comment-id || steps.update-comment.outputs.comment-id }} + check-id: ${{ steps.create-check.outputs.check-id }} name: Release if: github.repository_owner == 'npm' runs-on: ubuntu-latest @@ -47,141 +42,64 @@ jobs: with: node-version: 20.x check-latest: contains('20.x', '.x') - - # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - - name: Update Windows npm - if: | - matrix.platform.os == 'windows-latest' && ( - startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') - ) - run: | - curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz - tar xf npm-7.5.4.tgz - cd package - node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz - cd .. - rmdir /s /q package - - # Start on Node 10 because we dont test on anything lower - - name: Install npm@7 on Node 10 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v10.') - id: npm-7 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@7 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@8 on Node 12 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v12.') - id: npm-8 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@8 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@9 on Node 14/16/18.0 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') - id: npm-9 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@9 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@latest on Node - if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} - run: npm i --prefer-online --no-fund --no-audit -g npm@latest - - - name: npm Version - run: npm -v + - name: Install Latest npm + uses: ./.github/actions/install-latest-npm + with: + node: ${{ steps.node.outputs.node-version }} - name: Install Dependencies run: npm i --ignore-scripts --no-audit --no-fund - name: Release Please id: release env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - npx --offline template-oss-release-please "${{ github.ref_name }}" "${{ inputs.release-pr }}" - - name: Post Pull Request Comment + run: npx --offline template-oss-release-please --branch="${{ github.ref_name }}" --backport="" --defaultTag="latest" + - name: Create Release Manager Comment Text if: steps.release.outputs.pr-number uses: actions/github-script@v6 - id: pr-comment - env: - PR_NUMBER: ${{ steps.release.outputs.pr-number }} - REF_NAME: ${{ github.ref_name }} + id: comment-text with: + result-encoding: string script: | - const { REF_NAME, PR_NUMBER: issue_number } = process.env const { runId, repo: { owner, repo } } = context - const { data: workflow } = await github.rest.actions.getWorkflowRun({ owner, repo, run_id: runId }) - - let body = '## Release Manager\n\n' - - const comments = await github.paginate(github.rest.issues.listComments, { owner, repo, issue_number }) - let commentId = comments.find(c => c.user.login === 'github-actions[bot]' && c.body.startsWith(body))?.id - - body += `Release workflow run: ${workflow.html_url}\n\n#### Force CI to Update This Release\n\n` - body += `This PR will be updated and CI will run for every non-\`chore:\` commit that is pushed to \`${REF_NAME}\`. ` - body += `To force CI to update this PR, run this command:\n\n` - body += `\`\`\`\ngh workflow run release.yml -r ${REF_NAME} -R ${owner}/${repo} -f release-pr=${issue_number}\n\`\`\`` - - if (commentId) { - await github.rest.issues.updateComment({ owner, repo, comment_id: commentId, body }) - } else { - const { data: comment } = await github.rest.issues.createComment({ owner, repo, issue_number, body }) - commentId = comment?.id - } - - return commentId - - name: Get Workflow Job - uses: actions/github-script@v6 - if: steps.release.outputs.pr-sha - id: check-output - env: - JOB_NAME: "Release" - MATRIX_NAME: "" + return['## Release Manager', `Release workflow run: ${workflow.html_url}`].join('\n\n') + - name: Find Release Manager Comment + uses: peter-evans/find-comment@v2 + if: steps.release.outputs.pr-number + id: found-comment with: - script: | - const { owner, repo } = context.repo - - const { data } = await github.rest.actions.listJobsForWorkflowRun({ - owner, - repo, - run_id: context.runId, - per_page: 100 - }) - - const jobName = process.env.JOB_NAME + process.env.MATRIX_NAME - const job = data.jobs.find(j => j.name.endsWith(jobName)) - const jobUrl = job?.html_url - - const shaUrl = `${context.serverUrl}/${owner}/${repo}/commit/${{ steps.release.outputs.pr-sha }}` - - let summary = `This check is assosciated with ${shaUrl}\n\n` - - if (jobUrl) { - summary += `For run logs, click here: ${jobUrl}` - } else { - summary += `Run logs could not be found for a job with name: "${jobName}"` - } - - return { summary } + issue-number: ${{ steps.release.outputs.pr-number }} + comment-author: 'github-actions[bot]' + body-includes: '## Release Manager' + - name: Create Release Manager Comment + id: create-comment + if: steps.release.outputs.pr-number && !steps.found-comment.outputs.comment-id + uses: peter-evans/create-or-update-comment@v3 + with: + issue-number: ${{ steps.release.outputs.pr-number }} + body: ${{ steps.comment-text.outputs.result }} + - name: Update Release Manager Comment + id: update-comment + if: steps.release.outputs.pr-number && steps.found-comment.outputs.comment-id + uses: peter-evans/create-or-update-comment@v3 + with: + comment-id: ${{ steps.found-comment.outputs.comment-id }} + body: ${{ steps.comment-text.outputs.result }} + edit-mode: 'replace' - name: Create Check - uses: LouisBrunner/checks-action@v1.6.0 - id: check + id: create-check + uses: ./.github/actions/create-check if: steps.release.outputs.pr-sha with: + name: "Release" token: ${{ secrets.GITHUB_TOKEN }} - status: in_progress - name: Release sha: ${{ steps.release.outputs.pr-sha }} - output: ${{ steps.check-output.outputs.result }} update: needs: release outputs: sha: ${{ steps.commit.outputs.sha }} - check-id: ${{ steps.check.outputs.check_id }} + check-id: ${{ steps.create-check.outputs.check-id }} name: Update - Release if: github.repository_owner == 'npm' && needs.release.outputs.pr runs-on: ubuntu-latest @@ -193,7 +111,7 @@ jobs: uses: actions/checkout@v3 with: fetch-depth: 0 - ref: ${{ needs.release.outputs.branch }} + ref: ${{ needs.release.outputs.pr-branch }} - name: Setup Git User run: | git config --global user.email "npm-cli+bot@github.com" @@ -204,62 +122,27 @@ jobs: with: node-version: 20.x check-latest: contains('20.x', '.x') - - # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows - - name: Update Windows npm - if: | - matrix.platform.os == 'windows-latest' && ( - startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.') - ) - run: | - curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz - tar xf npm-7.5.4.tgz - cd package - node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz - cd .. - rmdir /s /q package - - # Start on Node 10 because we dont test on anything lower - - name: Install npm@7 on Node 10 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v10.') - id: npm-7 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@7 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@8 on Node 12 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v12.') - id: npm-8 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@8 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@9 on Node 14/16/18.0 - shell: bash - if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.') - id: npm-9 - run: | - npm i --prefer-online --no-fund --no-audit -g npm@9 - echo "updated=true" >> "$GITHUB_OUTPUT" - - - name: Install npm@latest on Node - if: ${{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }} - run: npm i --prefer-online --no-fund --no-audit -g npm@latest - - - name: npm Version - run: npm -v + - name: Install Latest npm + uses: ./.github/actions/install-latest-npm + with: + node: ${{ steps.node.outputs.node-version }} - name: Install Dependencies run: npm i --ignore-scripts --no-audit --no-fund + - name: Create Release Manager Checklist Text + id: comment-text + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: npm exec --offline -- template-oss-release-manager --pr="${{ needs.release.outputs.pr-number }}" --backport="" --defaultTag="latest" --publish + - name: Append Release Manager Comment + uses: peter-evans/create-or-update-comment@v3 + with: + comment-id: ${{ needs.release.outputs.comment-id }} + body: ${{ steps.comment-text.outputs.result }} + edit-mode: 'append' - name: Run Post Pull Request Actions env: - RELEASE_PR_NUMBER: ${{ needs.release.outputs.pr-number }} - RELEASE_COMMENT_ID: ${{ needs.release.outputs.comment-id }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - npm exec --offline -- template-oss-release-manager --lockfile=false --publish=true - npm run rp-pull-request --ignore-scripts --if-present + run: npm run rp-pull-request --ignore-scripts --if-present -- --pr="${{ needs.release.outputs.pr-number }}" --commentId="${{ needs.release.outputs.comment-id }}" - name: Commit id: commit env: @@ -268,52 +151,16 @@ jobs: git commit --all --amend --no-edit || true git push --force-with-lease echo "sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT - - name: Get Workflow Job - uses: actions/github-script@v6 - if: steps.commit.outputs.sha - id: check-output - env: - JOB_NAME: "Update - Release" - MATRIX_NAME: "" - with: - script: | - const { owner, repo } = context.repo - - const { data } = await github.rest.actions.listJobsForWorkflowRun({ - owner, - repo, - run_id: context.runId, - per_page: 100 - }) - - const jobName = process.env.JOB_NAME + process.env.MATRIX_NAME - const job = data.jobs.find(j => j.name.endsWith(jobName)) - const jobUrl = job?.html_url - - const shaUrl = `${context.serverUrl}/${owner}/${repo}/commit/${{ steps.commit.outputs.sha }}` - - let summary = `This check is assosciated with ${shaUrl}\n\n` - - if (jobUrl) { - summary += `For run logs, click here: ${jobUrl}` - } else { - summary += `Run logs could not be found for a job with name: "${jobName}"` - } - - return { summary } - name: Create Check - uses: LouisBrunner/checks-action@v1.6.0 - id: check - if: steps.commit.outputs.sha + id: create-check + uses: ./.github/actions/create-check with: + name: "Update - Release" + check-name: "Release" token: ${{ secrets.GITHUB_TOKEN }} - status: in_progress - name: Release sha: ${{ steps.commit.outputs.sha }} - output: ${{ steps.check-output.outputs.result }} - name: Conclude Check uses: LouisBrunner/checks-action@v1.6.0 - if: needs.release.outputs.check-id && always() with: token: ${{ secrets.GITHUB_TOKEN }} conclusion: ${{ job.status }} @@ -325,7 +172,7 @@ jobs: if: needs.release.outputs.pr uses: ./.github/workflows/ci-release.yml with: - ref: ${{ needs.release.outputs.branch }} + ref: ${{ needs.release.outputs.pr-branch }} check-sha: ${{ needs.update.outputs.sha }} post-ci: @@ -337,8 +184,8 @@ jobs: run: shell: bash steps: - - name: Get Needs Result - id: needs-result + - name: Get CI Conclusion + id: conclusion run: | result="" if [[ "${{ contains(needs.*.result, 'failure') }}" == "true" ]]; then @@ -351,14 +198,15 @@ jobs: echo "result=$result" >> $GITHUB_OUTPUT - name: Conclude Check uses: LouisBrunner/checks-action@v1.6.0 - if: needs.update.outputs.check-id && always() with: token: ${{ secrets.GITHUB_TOKEN }} - conclusion: ${{ steps.needs-result.outputs.result }} + conclusion: ${{ steps.conclusion.outputs.result }} check_id: ${{ needs.update.outputs.check-id }} post-release: needs: release + outputs: + comment-id: ${{ steps.create-comment.outputs.comment-id }} name: Post Release - Release if: github.repository_owner == 'npm' && needs.release.outputs.releases runs-on: ubuntu-latest @@ -366,79 +214,54 @@ jobs: run: shell: bash steps: - - name: Create Release PR Comment + - name: Create Release PR Comment Text + id: comment-text uses: actions/github-script@v6 env: RELEASES: ${{ needs.release.outputs.releases }} with: + result-encoding: string script: | const releases = JSON.parse(process.env.RELEASES) const { runId, repo: { owner, repo } } = context const issue_number = releases[0].prNumber - - let body = '## Release Workflow\n\n' - for (const { pkgName, version, url } of releases) { - body += `- \`${pkgName}@${version}\` ${url}\n` - } - - const comments = await github.paginate(github.rest.issues.listComments, { owner, repo, issue_number }) - .then(cs => cs.map(c => ({ id: c.id, login: c.user.login, body: c.body }))) - console.log(`Found comments: ${JSON.stringify(comments, null, 2)}`) - const releaseComments = comments.filter(c => c.login === 'github-actions[bot]' && c.body.includes('Release is at')) - - for (const comment of releaseComments) { - console.log(`Release comment: ${JSON.stringify(comment, null, 2)}`) - await github.rest.issues.deleteComment({ owner, repo, comment_id: comment.id }) - } - const runUrl = `https://github.com/${owner}/${repo}/actions/runs/${runId}` - await github.rest.issues.createComment({ - owner, - repo, - issue_number, - body: `${body}- Workflow run: :arrows_counterclockwise: ${runUrl}`, - }) + + return [ + '## Release Workflow\n', + ...releases.map(r => `- \`${r.pkgName}@${r.version}\` ${r.url}`), + `- Workflow run: :arrows_counterclockwise: ${runUrl}`, + ].join('\n') + - name: Create Release PR Comment + id: create-comment + uses: peter-evans/create-or-update-comment@v3 + with: + issue-number: ${{ fromJSON(needs.release.outputs.releases)[0].prNumber }} + body: ${{ steps.comment-text.outputs.result }} release-integration: needs: release name: Release Integration - if: needs.release.outputs.release - runs-on: ubuntu-latest - defaults: - run: - shell: bash + if: needs.release.outputs.releases + uses: ./.github/workflows/release-integration.yml permissions: - deployments: write id-token: write - steps: - - name: Checkout - uses: actions/checkout@v3 - with: - ref: ${{ fromJSON(needs.release.outputs.release).tagName }} - - name: Setup Node - uses: actions/setup-node@v3 - with: - node-version: 18.x - - name: Install npm@latest - run: | - npm i --prefer-online --no-fund --no-audit -g npm@latest - npm config set '//registry.npmjs.org/:_authToken'=\${PUBLISH_TOKEN} - - name: Publish - env: - PUBLISH_TOKEN: ${{ secrets.PUBLISH_TOKEN }} - run: npm publish --provenance --tag=latest + secrets: + PUBLISH_TOKEN: ${{ secrets.PUBLISH_TOKEN }} + with: + releases: ${{ needs.release.outputs.releases }} post-release-integration: - needs: [ release, release-integration ] + needs: [ release, release-integration, post-release ] name: Post Release Integration - Release - if: github.repository_owner == 'npm' && needs.release.outputs.release && always() + if: github.repository_owner == 'npm' && needs.release.outputs.releases && always() runs-on: ubuntu-latest defaults: run: shell: bash steps: - - name: Get Needs Result - id: needs-result + - name: Get Post Release Conclusion + id: conclusion run: | if [[ "${{ contains(needs.*.result, 'failure') }}" == "true" ]]; then result="x" @@ -448,39 +271,38 @@ jobs: result="white_check_mark" fi echo "result=$result" >> $GITHUB_OUTPUT - - name: Update Release PR Comment + - name: Find Release PR Comment + uses: peter-evans/find-comment@v2 + id: found-comment + with: + issue-number: ${{ fromJSON(needs.release.outputs.releases)[0].prNumber }} + comment-author: 'github-actions[bot]' + body-includes: '## Release Workflow' + - name: Create Release PR Comment Text + id: comment-text + if: steps.found-comment.outputs.comment-id uses: actions/github-script@v6 env: - PR_NUMBER: ${{ fromJSON(needs.release.outputs.release).prNumber }} - RESULT: ${{ steps.needs-result.outputs.result }} + RESULT: ${{ steps.conclusion.outputs.result }} + BODY: ${{ steps.found-comment.outputs.comment-body }} with: + result-encoding: string script: | - const { PR_NUMBER: issue_number, RESULT } = process.env - const { runId, repo: { owner, repo } } = context - - const comments = await github.paginate(github.rest.issues.listComments, { owner, repo, issue_number }) - const updateComment = comments.find(c => - c.user.login === 'github-actions[bot]' && - c.body.startsWith('## Release Workflow\n\n') && - c.body.includes(runId) - ) - - if (updateComment) { - console.log('Found comment to update:', JSON.stringify(updateComment, null, 2)) - let body = updateComment.body.replace(/Workflow run: :[a-z_]+:/, `Workflow run: :${RESULT}:`) - const tagCodeowner = RESULT !== 'white_check_mark' - if (tagCodeowner) { - body += `\n\n:rotating_light:` - body += ` @npm/cli-team: The post-release workflow failed for this release.` - body += ` Manual steps may need to be taken after examining the workflow output` - body += ` from the above workflow run. :rotating_light:` - } - await github.rest.issues.updateComment({ - owner, - repo, - body, - comment_id: updateComment.id, - }) - } else { - console.log('No matching comments found:', JSON.stringify(comments, null, 2)) + const { RESULT, BODY } = process.env + const body = [BODY.replace(/(Workflow run: :)[a-z_]+(:)/, `$1${RESULT}$2`)] + if (RESULT !== 'white_check_mark') { + body.push(':rotating_light::rotating_light::rotating_light:') + body.push([ + '@npm/cli-team: The post-release workflow failed for this release.', + 'Manual steps may need to be taken after examining the workflow output.' + ].join(' ')) + body.push(':rotating_light::rotating_light::rotating_light:') } + return body.join('\n\n').trim() + - name: Update Release PR Comment + if: steps.comment-text.outputs.result + uses: peter-evans/create-or-update-comment@v3 + with: + comment-id: ${{ steps.found-comment.outputs.comment-id }} + body: ${{ steps.comment-text.outputs.result }} + edit-mode: 'replace' diff --git a/.gitignore b/.gitignore index 00bdaf2b..1bcc5e25 100644 --- a/.gitignore +++ b/.gitignore @@ -2,6 +2,8 @@ # ignore everything in the root /* +# transient test directories +tap-testdir*/ # keep these !**/.gitignore @@ -34,3 +36,4 @@ !/SECURITY.md !/tap-snapshots/ !/test/ +!/tsconfig.json diff --git a/package.json b/package.json index 1b24b1bb..8cef5996 100644 --- a/package.json +++ b/package.json @@ -6,7 +6,7 @@ "scripts": { "test": "tap", "snap": "tap", - "lint": "eslint \"**/*.js\"", + "lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"", "postlint": "template-oss-check", "lintfix": "npm run lint -- --fix", "posttest": "npm run lint", @@ -14,7 +14,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.21.0", + "@npmcli/template-oss": "4.21.1", "tap": "^16.0.0" }, "license": "ISC", @@ -53,7 +53,7 @@ "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.19.0", + "version": "4.21.0", "engines": ">=10", "distPaths": [ "classes/", diff --git a/release-please-config.json b/release-please-config.json index 73d1e353..bba7c6d8 100644 --- a/release-please-config.json +++ b/release-please-config.json @@ -1,5 +1,4 @@ { - "exclude-packages-from-root": true, "group-pull-request-title-pattern": "chore: release ${version}", "pull-request-title-pattern": "chore: release${component} ${version}", "changelog-sections": [ @@ -25,12 +24,14 @@ }, { "type": "chore", - "hidden": true + "section": "Chores", + "hidden": false } ], "packages": { ".": { "package-name": "" } - } + }, + "prerelease-type": "pre" } From e521932f115a81030f4e7c34e8631cdd3c6a108b Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 4 Dec 2023 12:17:12 -0700 Subject: [PATCH 11/32] chore: postinstall for dependabot template-oss PR --- .github/actions/install-latest-npm/action.yml | 1 + package.json | 2 +- release-please-config.json | 15 ++++++++++----- 3 files changed, 12 insertions(+), 6 deletions(-) diff --git a/.github/actions/install-latest-npm/action.yml b/.github/actions/install-latest-npm/action.yml index f2e86c84..8339dbf0 100644 --- a/.github/actions/install-latest-npm/action.yml +++ b/.github/actions/install-latest-npm/action.yml @@ -29,6 +29,7 @@ runs: shell: bash env: NODE_VERSION: ${{ inputs.node }} + working-directory: ${{ runner.temp }} run: | MATCH="" SPECS=("latest" "next-10" "next-9" "next-8" "next-7" "next-6") diff --git a/package.json b/package.json index 8cef5996..1d725cfd 100644 --- a/package.json +++ b/package.json @@ -53,7 +53,7 @@ "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.21.0", + "version": "4.21.1", "engines": ">=10", "distPaths": [ "classes/", diff --git a/release-please-config.json b/release-please-config.json index bba7c6d8..a14c88c0 100644 --- a/release-please-config.json +++ b/release-please-config.json @@ -5,27 +5,32 @@ { "type": "feat", "section": "Features", - "hidden": false + "hidden": false, + "collapse": false }, { "type": "fix", "section": "Bug Fixes", - "hidden": false + "hidden": false, + "collapse": false }, { "type": "docs", "section": "Documentation", - "hidden": false + "hidden": false, + "collapse": false }, { "type": "deps", "section": "Dependencies", - "hidden": false + "hidden": false, + "collapse": false }, { "type": "chore", "section": "Chores", - "hidden": false + "hidden": false, + "collapse": true } ], "packages": { From 0bd24d943cbd1a7f6a2b8d384590bfa98559e1de Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 7 Dec 2023 06:52:00 +0000 Subject: [PATCH 12/32] chore: bump @npmcli/template-oss from 4.21.1 to 4.21.3 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.21.1 to 4.21.3. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.21.1...v4.21.3) --- updated-dependencies: - dependency-name: "@npmcli/template-oss" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 1d725cfd..e95dbc2b 100644 --- a/package.json +++ b/package.json @@ -14,7 +14,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.21.1", + "@npmcli/template-oss": "4.21.3", "tap": "^16.0.0" }, "license": "ISC", From 816c7b2cbfcb1986958a290f941eddfd0441139e Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Thu, 7 Dec 2023 08:55:02 -0700 Subject: [PATCH 13/32] chore: postinstall for dependabot template-oss PR --- .github/dependabot.yml | 3 +++ package.json | 2 +- release-please-config.json | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 72a05a86..d735ccf2 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -16,6 +16,7 @@ updates: prefix-development: chore labels: - "Dependencies" + open-pull-requests-limit: 10 - package-ecosystem: npm directory: / schedule: @@ -32,6 +33,7 @@ updates: - "Dependencies" - "Backport" - "release/v5" + open-pull-requests-limit: 10 - package-ecosystem: npm directory: / schedule: @@ -48,3 +50,4 @@ updates: - "Dependencies" - "Backport" - "release/v6" + open-pull-requests-limit: 10 diff --git a/package.json b/package.json index e95dbc2b..5d9ebb9d 100644 --- a/package.json +++ b/package.json @@ -53,7 +53,7 @@ "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.21.1", + "version": "4.21.3", "engines": ">=10", "distPaths": [ "classes/", diff --git a/release-please-config.json b/release-please-config.json index a14c88c0..559ef7d8 100644 --- a/release-please-config.json +++ b/release-please-config.json @@ -30,7 +30,7 @@ "type": "chore", "section": "Chores", "hidden": false, - "collapse": true + "collapse": false } ], "packages": { From a7ab13a46201e342d34e84a989632b380f755baf Mon Sep 17 00:00:00 2001 From: madtisa <97251780+madtisa@users.noreply.github.com> Date: Thu, 1 Feb 2024 01:11:54 +0300 Subject: [PATCH 14/32] feat: preserve pre-release and build parts of a version on coerce (#671) # What / Why Introduces the new coerce option `includePrerelease`, if set, allowing to preserve pre-release and build parts of a version. ## References Fixes #592 Fixes #357 --------- Co-authored-by: madtisa Co-authored-by: Gar --- README.md | 4 ++++ functions/coerce.js | 18 +++++++++++++----- internal/re.js | 9 +++++++-- test/functions/coerce.js | 38 ++++++++++++++++++++++++++++++++++++-- 4 files changed, 60 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index f7348a08..a9d3a278 100644 --- a/README.md +++ b/README.md @@ -529,6 +529,10 @@ tuple. For example, `1.2.3.4` will return `2.3.4` in rtl mode, not `4.0.0`. `1.2.3/4` will return `4.0.0`, because the `4` is not a part of any other overlapping SemVer tuple. +If the `options.includePrerelease` flag is set, then the `coerce` result will contain +prerelease and build parts of a version. For example, `1.2.3.4-rc.1+rev.2` +will preserve prerelease `rc.1` and build `rev.2` in the result. + ### Clean * `clean(version)`: Clean a string to be a valid semver if possible diff --git a/functions/coerce.js b/functions/coerce.js index febbff9c..b378dcea 100644 --- a/functions/coerce.js +++ b/functions/coerce.js @@ -19,34 +19,42 @@ const coerce = (version, options) => { let match = null if (!options.rtl) { - match = version.match(re[t.COERCE]) + match = version.match(options.includePrerelease ? re[t.COERCEFULL] : re[t.COERCE]) } else { // Find the right-most coercible string that does not share // a terminus with a more left-ward coercible string. // Eg, '1.2.3.4' wants to coerce '2.3.4', not '3.4' or '4' + // With includePrerelease option set, '1.2.3.4-rc' wants to coerce '2.3.4-rc', not '2.3.4' // // Walk through the string checking with a /g regexp // Manually set the index so as to pick up overlapping matches. // Stop when we get a match that ends at the string end, since no // coercible string can be more right-ward without the same terminus. + const coerceRtlRegex = options.includePrerelease ? re[t.COERCERTLFULL] : re[t.COERCERTL] let next - while ((next = re[t.COERCERTL].exec(version)) && + while ((next = coerceRtlRegex.exec(version)) && (!match || match.index + match[0].length !== version.length) ) { if (!match || next.index + next[0].length !== match.index + match[0].length) { match = next } - re[t.COERCERTL].lastIndex = next.index + next[1].length + next[2].length + coerceRtlRegex.lastIndex = next.index + next[1].length + next[2].length } // leave it in a clean state - re[t.COERCERTL].lastIndex = -1 + coerceRtlRegex.lastIndex = -1 } if (match === null) { return null } - return parse(`${match[2]}.${match[3] || '0'}.${match[4] || '0'}`, options) + const major = match[2] + const minor = match[3] || '0' + const patch = match[4] || '0' + const prerelease = options.includePrerelease && match[5] ? `-${match[5]}` : '' + const build = options.includePrerelease && match[6] ? `+${match[6]}` : '' + + return parse(`${major}.${minor}.${patch}${prerelease}${build}`, options) } module.exports = coerce diff --git a/internal/re.js b/internal/re.js index 21150b3e..fd8920e7 100644 --- a/internal/re.js +++ b/internal/re.js @@ -154,12 +154,17 @@ createToken('XRANGELOOSE', `^${src[t.GTLT]}\\s*${src[t.XRANGEPLAINLOOSE]}$`) // Coercion. // Extract anything that could conceivably be a part of a valid semver -createToken('COERCE', `${'(^|[^\\d])' + +createToken('COERCEPLAIN', `${'(^|[^\\d])' + '(\\d{1,'}${MAX_SAFE_COMPONENT_LENGTH}})` + `(?:\\.(\\d{1,${MAX_SAFE_COMPONENT_LENGTH}}))?` + - `(?:\\.(\\d{1,${MAX_SAFE_COMPONENT_LENGTH}}))?` + + `(?:\\.(\\d{1,${MAX_SAFE_COMPONENT_LENGTH}}))?`) +createToken('COERCE', `${src[t.COERCEPLAIN]}(?:$|[^\\d])`) +createToken('COERCEFULL', src[t.COERCEPLAIN] + + `(?:${src[t.PRERELEASE]})?` + + `(?:${src[t.BUILD]})?` + `(?:$|[^\\d])`) createToken('COERCERTL', src[t.COERCE], true) +createToken('COERCERTLFULL', src[t.COERCEFULL], true) // Tilde ranges. // Meaning is "reasonably at or greater than" diff --git a/test/functions/coerce.js b/test/functions/coerce.js index ad9f199f..24e2ff76 100644 --- a/test/functions/coerce.js +++ b/test/functions/coerce.js @@ -110,13 +110,47 @@ test('coerce tests', (t) => { ['1.2.3/6', '6.0.0', { rtl: true }], ['1.2.3.4', '2.3.4', { rtl: true }], ['1.2.3.4xyz', '2.3.4', { rtl: true }], + + ['1-rc.5', '1.0.0-rc.5', { includePrerelease: true }], + ['1.2-rc.5', '1.2.0-rc.5', { includePrerelease: true }], + ['1.2.3-rc.5', '1.2.3-rc.5', { includePrerelease: true }], + ['1.2.3-rc.5/a', '1.2.3-rc.5', { includePrerelease: true }], + ['1.2.3.4-rc.5', '1.2.3', { includePrerelease: true }], + ['1.2.3.4+rev.6', '1.2.3', { includePrerelease: true }], + + ['1+rev.6', '1.0.0+rev.6', { includePrerelease: true }], + ['1.2+rev.6', '1.2.0+rev.6', { includePrerelease: true }], + ['1.2.3+rev.6', '1.2.3+rev.6', { includePrerelease: true }], + ['1.2.3+rev.6/a', '1.2.3+rev.6', { includePrerelease: true }], + ['1.2.3.4-rc.5', '1.2.3', { includePrerelease: true }], + ['1.2.3.4+rev.6', '1.2.3', { includePrerelease: true }], + + ['1-rc.5+rev.6', '1.0.0-rc.5+rev.6', { includePrerelease: true }], + ['1.2-rc.5+rev.6', '1.2.0-rc.5+rev.6', { includePrerelease: true }], + ['1.2.3-rc.5+rev.6', '1.2.3-rc.5+rev.6', { includePrerelease: true }], + ['1.2.3-rc.5+rev.6/a', '1.2.3-rc.5+rev.6', { includePrerelease: true }], + + ['1.2-rc.5+rev.6', '1.2.0-rc.5+rev.6', { rtl: true, includePrerelease: true }], + ['1.2.3-rc.5+rev.6', '1.2.3-rc.5+rev.6', { rtl: true, includePrerelease: true }], + ['1.2.3.4-rc.5+rev.6', '2.3.4-rc.5+rev.6', { rtl: true, includePrerelease: true }], + ['1.2.3.4-rc.5', '2.3.4-rc.5', { rtl: true, includePrerelease: true }], + ['1.2.3.4+rev.6', '2.3.4+rev.6', { rtl: true, includePrerelease: true }], + ['1.2.3.4-rc.5+rev.6/7', '7.0.0', { rtl: true, includePrerelease: true }], + ['1.2.3.4-rc/7.5+rev.6', '7.5.0+rev.6', { rtl: true, includePrerelease: true }], + ['1.2.3.4/7-rc.5+rev.6', '7.0.0-rc.5+rev.6', { rtl: true, includePrerelease: true }], ] coerceToValid.forEach(([input, expected, options]) => { - const msg = `coerce(${input}) should become ${expected}` - t.same((coerce(input, options) || {}).version, expected, msg) + const coerceExpression = `coerce(${input}, ${JSON.stringify(options)})` + const coercedVersion = coerce(input, options) || {} + const expectedVersion = parse(expected) + t.equal(expectedVersion.compare(coercedVersion), 0, + `${coerceExpression} should be equal to ${expectedVersion}`) + t.equal(expectedVersion.compareBuild(coercedVersion), 0, + `${coerceExpression} build should be equal to ${expectedVersion}`) }) t.same(valid(coerce('42.6.7.9.3-alpha')), '42.6.7') + t.same(valid(coerce('42.6.7-alpha+rev.1', { includePrerelease: true })), '42.6.7-alpha') t.same(valid(coerce('v2')), '2.0.0') t.end() From 377f709718053a477ed717089c4403c4fec332a1 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 5 Feb 2024 09:03:38 -0800 Subject: [PATCH 15/32] chore: release 7.6.0 (#661) :robot: I have created a release *beep* *boop* --- ## [7.6.0](https://github.com/npm/node-semver/compare/v7.5.4...v7.6.0) (2024-01-31) ### Features * [`a7ab13a`](https://github.com/npm/node-semver/commit/a7ab13a46201e342d34e84a989632b380f755baf) [#671](https://github.com/npm/node-semver/pull/671) preserve pre-release and build parts of a version on coerce (#671) (@madtisa, madtisa, @wraithgar) ### Chores * [`816c7b2`](https://github.com/npm/node-semver/commit/816c7b2cbfcb1986958a290f941eddfd0441139e) [#667](https://github.com/npm/node-semver/pull/667) postinstall for dependabot template-oss PR (@lukekarrys) * [`0bd24d9`](https://github.com/npm/node-semver/commit/0bd24d943cbd1a7f6a2b8d384590bfa98559e1de) [#667](https://github.com/npm/node-semver/pull/667) bump @npmcli/template-oss from 4.21.1 to 4.21.3 (@dependabot[bot]) * [`e521932`](https://github.com/npm/node-semver/commit/e521932f115a81030f4e7c34e8631cdd3c6a108b) [#652](https://github.com/npm/node-semver/pull/652) postinstall for dependabot template-oss PR (@lukekarrys) * [`8873991`](https://github.com/npm/node-semver/commit/88739918080debeb239aae840b35c07436148e50) [#652](https://github.com/npm/node-semver/pull/652) chore: chore: postinstall for dependabot template-oss PR (@lukekarrys) * [`f317dc8`](https://github.com/npm/node-semver/commit/f317dc8689781bcfd98e2c32b46157276acdd47c) [#652](https://github.com/npm/node-semver/pull/652) bump @npmcli/template-oss from 4.19.0 to 4.21.0 (@dependabot[bot]) * [`7303db1`](https://github.com/npm/node-semver/commit/7303db1fe54d6905b23ccb0162878e37d73535ef) [#658](https://github.com/npm/node-semver/pull/658) add clean() test for build metadata (#658) (@jethrodaniel) * [`6240d75`](https://github.com/npm/node-semver/commit/6240d75a7c620b0a222f05969a91fdc3dc2be0fb) [#656](https://github.com/npm/node-semver/pull/656) add missing quotes in README.md (#656) (@zyxkad) * [`14d263f`](https://github.com/npm/node-semver/commit/14d263faa156e408a033b9b12a2f87735c2df42c) [#625](https://github.com/npm/node-semver/pull/625) postinstall for dependabot template-oss PR (@lukekarrys) * [`7c34e1a`](https://github.com/npm/node-semver/commit/7c34e1ac1bcc0bc6579b30745c96075c69bd0332) [#625](https://github.com/npm/node-semver/pull/625) bump @npmcli/template-oss from 4.18.1 to 4.19.0 (@dependabot[bot]) * [`123e0b0`](https://github.com/npm/node-semver/commit/123e0b03287e1af295ef82d55f55c16805596f35) [#622](https://github.com/npm/node-semver/pull/622) postinstall for dependabot template-oss PR (@lukekarrys) * [`737d5e1`](https://github.com/npm/node-semver/commit/737d5e1cf10e631bab8a28594aa2d5c9d4090814) [#622](https://github.com/npm/node-semver/pull/622) bump @npmcli/template-oss from 4.18.0 to 4.18.1 (@dependabot[bot]) * [`cce6180`](https://github.com/npm/node-semver/commit/cce61804ba6f997225a1267135c06676fe0524d2) [#598](https://github.com/npm/node-semver/pull/598) postinstall for dependabot template-oss PR (@lukekarrys) * [`b914a3d`](https://github.com/npm/node-semver/commit/b914a3d0d26ca27d2685053d7d390af4e02eedd9) [#598](https://github.com/npm/node-semver/pull/598) bump @npmcli/template-oss from 4.17.0 to 4.18.0 (@dependabot[bot]) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- .release-please-manifest.json | 2 +- CHANGELOG.md | 22 ++++++++++++++++++++++ package.json | 2 +- 3 files changed, 24 insertions(+), 2 deletions(-) diff --git a/.release-please-manifest.json b/.release-please-manifest.json index 92661b3b..4c4a46ef 100644 --- a/.release-please-manifest.json +++ b/.release-please-manifest.json @@ -1,3 +1,3 @@ { - ".": "7.5.4" + ".": "7.6.0" } diff --git a/CHANGELOG.md b/CHANGELOG.md index 232b63ed..451daa10 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,27 @@ # Changelog +## [7.6.0](https://github.com/npm/node-semver/compare/v7.5.4...v7.6.0) (2024-01-31) + +### Features + +* [`a7ab13a`](https://github.com/npm/node-semver/commit/a7ab13a46201e342d34e84a989632b380f755baf) [#671](https://github.com/npm/node-semver/pull/671) preserve pre-release and build parts of a version on coerce (#671) (@madtisa, madtisa, @wraithgar) + +### Chores + +* [`816c7b2`](https://github.com/npm/node-semver/commit/816c7b2cbfcb1986958a290f941eddfd0441139e) [#667](https://github.com/npm/node-semver/pull/667) postinstall for dependabot template-oss PR (@lukekarrys) +* [`0bd24d9`](https://github.com/npm/node-semver/commit/0bd24d943cbd1a7f6a2b8d384590bfa98559e1de) [#667](https://github.com/npm/node-semver/pull/667) bump @npmcli/template-oss from 4.21.1 to 4.21.3 (@dependabot[bot]) +* [`e521932`](https://github.com/npm/node-semver/commit/e521932f115a81030f4e7c34e8631cdd3c6a108b) [#652](https://github.com/npm/node-semver/pull/652) postinstall for dependabot template-oss PR (@lukekarrys) +* [`8873991`](https://github.com/npm/node-semver/commit/88739918080debeb239aae840b35c07436148e50) [#652](https://github.com/npm/node-semver/pull/652) chore: chore: postinstall for dependabot template-oss PR (@lukekarrys) +* [`f317dc8`](https://github.com/npm/node-semver/commit/f317dc8689781bcfd98e2c32b46157276acdd47c) [#652](https://github.com/npm/node-semver/pull/652) bump @npmcli/template-oss from 4.19.0 to 4.21.0 (@dependabot[bot]) +* [`7303db1`](https://github.com/npm/node-semver/commit/7303db1fe54d6905b23ccb0162878e37d73535ef) [#658](https://github.com/npm/node-semver/pull/658) add clean() test for build metadata (#658) (@jethrodaniel) +* [`6240d75`](https://github.com/npm/node-semver/commit/6240d75a7c620b0a222f05969a91fdc3dc2be0fb) [#656](https://github.com/npm/node-semver/pull/656) add missing quotes in README.md (#656) (@zyxkad) +* [`14d263f`](https://github.com/npm/node-semver/commit/14d263faa156e408a033b9b12a2f87735c2df42c) [#625](https://github.com/npm/node-semver/pull/625) postinstall for dependabot template-oss PR (@lukekarrys) +* [`7c34e1a`](https://github.com/npm/node-semver/commit/7c34e1ac1bcc0bc6579b30745c96075c69bd0332) [#625](https://github.com/npm/node-semver/pull/625) bump @npmcli/template-oss from 4.18.1 to 4.19.0 (@dependabot[bot]) +* [`123e0b0`](https://github.com/npm/node-semver/commit/123e0b03287e1af295ef82d55f55c16805596f35) [#622](https://github.com/npm/node-semver/pull/622) postinstall for dependabot template-oss PR (@lukekarrys) +* [`737d5e1`](https://github.com/npm/node-semver/commit/737d5e1cf10e631bab8a28594aa2d5c9d4090814) [#622](https://github.com/npm/node-semver/pull/622) bump @npmcli/template-oss from 4.18.0 to 4.18.1 (@dependabot[bot]) +* [`cce6180`](https://github.com/npm/node-semver/commit/cce61804ba6f997225a1267135c06676fe0524d2) [#598](https://github.com/npm/node-semver/pull/598) postinstall for dependabot template-oss PR (@lukekarrys) +* [`b914a3d`](https://github.com/npm/node-semver/commit/b914a3d0d26ca27d2685053d7d390af4e02eedd9) [#598](https://github.com/npm/node-semver/pull/598) bump @npmcli/template-oss from 4.17.0 to 4.18.0 (@dependabot[bot]) + ## [7.5.4](https://github.com/npm/node-semver/compare/v7.5.3...v7.5.4) (2023-07-07) ### Bug Fixes diff --git a/package.json b/package.json index 5d9ebb9d..f00c6bdd 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "semver", - "version": "7.5.4", + "version": "7.6.0", "description": "The semantic version parser used by npm.", "main": "index.js", "scripts": { From ac9b35769ab0ddfefd5a3af4a3ecaf3da2012352 Mon Sep 17 00:00:00 2001 From: Marc Bernard <59966492+mbtools@users.noreply.github.com> Date: Wed, 7 Feb 2024 19:05:22 +0100 Subject: [PATCH 16/32] fix: typo in compareBuild debug message (#682) Correcting the debug message in `compareBuild` --- classes/semver.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/classes/semver.js b/classes/semver.js index 84e84590..13e66ce4 100644 --- a/classes/semver.js +++ b/classes/semver.js @@ -158,7 +158,7 @@ class SemVer { do { const a = this.build[i] const b = other.build[i] - debug('prerelease compare', i, a, b) + debug('build compare', i, a, b) if (a === undefined && b === undefined) { return 0 } else if (b === undefined) { From 692451bd6f75b38a71a99f39da405c94a5954a22 Mon Sep 17 00:00:00 2001 From: Marc Bernard <59966492+mbtools@users.noreply.github.com> Date: Wed, 20 Mar 2024 15:58:54 +0100 Subject: [PATCH 17/32] chore: various improvements to README (#688) --- README.md | 75 ++++++++++++++++++++++++++++++++----------------------- 1 file changed, 44 insertions(+), 31 deletions(-) diff --git a/README.md b/README.md index a9d3a278..673e9c35 100644 --- a/README.md +++ b/README.md @@ -25,7 +25,7 @@ semver.valid(semver.coerce('v2')) // '2.0.0' semver.valid(semver.coerce('42.6.7.9.3-alpha')) // '42.6.7' ``` -You can also just load the module for the function that you care about, if +You can also just load the module for the function that you care about if you'd like to minimize your footprint. ```js @@ -78,8 +78,8 @@ const semverOutside = require('semver/ranges/outside') const semverGtr = require('semver/ranges/gtr') const semverLtr = require('semver/ranges/ltr') const semverIntersects = require('semver/ranges/intersects') -const simplifyRange = require('semver/ranges/simplify') -const rangeSubset = require('semver/ranges/subset') +const semverSimplifyRange = require('semver/ranges/simplify') +const semverRangeSubset = require('semver/ranges/subset') ``` As a command-line utility: @@ -144,7 +144,7 @@ A leading `"="` or `"v"` character is stripped off and ignored. ## Ranges -A `version range` is a set of `comparators` which specify versions +A `version range` is a set of `comparators` that specify versions that satisfy the range. A `comparator` is composed of an `operator` and a `version`. The set @@ -155,7 +155,7 @@ of primitive `operators` is: * `>` Greater than * `>=` Greater than or equal to * `=` Equal. If no operator is specified, then equality is assumed, - so this operator is optional, but MAY be included. + so this operator is optional but MAY be included. For example, the comparator `>=1.2.7` would match the versions `1.2.7`, `1.2.8`, `2.5.3`, and `1.3.9`, but not the versions `1.2.6` @@ -189,26 +189,26 @@ For example, the range `>1.2.3-alpha.3` would be allowed to match the version `1.2.3-alpha.7`, but it would *not* be satisfied by `3.4.5-alpha.9`, even though `3.4.5-alpha.9` is technically "greater than" `1.2.3-alpha.3` according to the SemVer sort rules. The version -range only accepts prerelease tags on the `1.2.3` version. The -version `3.4.5` *would* satisfy the range, because it does not have a +range only accepts prerelease tags on the `1.2.3` version. +Version `3.4.5` *would* satisfy the range because it does not have a prerelease flag, and `3.4.5` is greater than `1.2.3-alpha.7`. -The purpose for this behavior is twofold. First, prerelease versions +The purpose of this behavior is twofold. First, prerelease versions frequently are updated very quickly, and contain many breaking changes that are (by the author's design) not yet fit for public consumption. -Therefore, by default, they are excluded from range matching +Therefore, by default, they are excluded from range-matching semantics. Second, a user who has opted into using a prerelease version has -clearly indicated the intent to use *that specific* set of +indicated the intent to use *that specific* set of alpha/beta/rc versions. By including a prerelease tag in the range, the user is indicating that they are aware of the risk. However, it is still not appropriate to assume that they have opted into taking a similar risk on the *next* set of prerelease versions. Note that this behavior can be suppressed (treating all prerelease -versions as if they were normal versions, for the purpose of range -matching) by setting the `includePrerelease` flag on the options +versions as if they were normal versions, for range-matching) +by setting the `includePrerelease` flag on the options object to any [functions](https://github.com/npm/node-semver#functions) that do range matching. @@ -401,12 +401,12 @@ All methods and classes take a final `options` object argument. All options in this object are `false` by default. The options supported are: -- `loose` Be more forgiving about not-quite-valid semver strings. +- `loose`: Be more forgiving about not-quite-valid semver strings. (Any resulting output will always be 100% strict compliant, of course.) For backwards compatibility reasons, if the `options` argument is a boolean value instead of an object, it is interpreted to be the `loose` param. -- `includePrerelease` Set to suppress the [default +- `includePrerelease`: Set to suppress the [default behavior](https://github.com/npm/node-semver#prerelease-tags) of excluding prerelease tagged versions from ranges unless they are explicitly opted into. @@ -415,16 +415,20 @@ Strict-mode Comparators and Ranges will be strict about the SemVer strings that they parse. * `valid(v)`: Return the parsed version, or null if it's not valid. -* `inc(v, release)`: Return the version incremented by the release - type (`major`, `premajor`, `minor`, `preminor`, `patch`, +* `inc(v, release, options, identifier, identifierBase)`: + Return the version incremented by the release + type (`major`, `premajor`, `minor`, `preminor`, `patch`, `prepatch`, or `prerelease`), or null if it's not valid * `premajor` in one call will bump the version up to the next major version and down to a prerelease of that major version. `preminor`, and `prepatch` work the same way. - * If called from a non-prerelease version, the `prerelease` will work the - same as `prepatch`. It increments the patch version, then makes a + * If called from a non-prerelease version, `prerelease` will work the + same as `prepatch`. It increments the patch version and then makes a prerelease. If the input version is already a prerelease it simply increments it. + * `identifier` can be used to prefix `premajor`, `preminor`, + `prepatch`, or `prerelease` version increments. `identifierBase` + is the base to be used for the `prerelease` identifier. * `prerelease(v)`: Returns an array of prerelease components, or null if none exist. Example: `prerelease('1.2.3-alpha.1') -> ['alpha', 1]` * `major(v)`: Return the major version number. @@ -442,7 +446,7 @@ strings that they parse. * `lt(v1, v2)`: `v1 < v2` * `lte(v1, v2)`: `v1 <= v2` * `eq(v1, v2)`: `v1 == v2` This is true if they're logically equivalent, - even if they're not the exact same string. You already know how to + even if they're not the same string. You already know how to compare strings. * `neq(v1, v2)`: `v1 != v2` The opposite of `eq`. * `cmp(v1, comparator, v2)`: Pass in a comparison string, and it'll call @@ -451,15 +455,22 @@ strings that they parse. invalid comparison string is provided. * `compare(v1, v2)`: Return `0` if `v1 == v2`, or `1` if `v1` is greater, or `-1` if `v2` is greater. Sorts in ascending order if passed to `Array.sort()`. -* `rcompare(v1, v2)`: The reverse of compare. Sorts an array of versions +* `rcompare(v1, v2)`: The reverse of `compare`. Sorts an array of versions in descending order when passed to `Array.sort()`. * `compareBuild(v1, v2)`: The same as `compare` but considers `build` when two versions are equal. Sorts in ascending order if passed to `Array.sort()`. - `v2` is greater. Sorts in ascending order if passed to `Array.sort()`. -* `diff(v1, v2)`: Returns difference between two versions by the release type +* `compareLoose(v1, v2)`: Short for ``compare(v1, v2, { loose: true })`. +* `diff(v1, v2)`: Returns the difference between two versions by the release type (`major`, `premajor`, `minor`, `preminor`, `patch`, `prepatch`, or `prerelease`), or null if the versions are the same. +### Sorting + +* `sort(versions)`: Returns a sorted array of versions based on the `compareBuild` + function. +* `rsort(versions)`: The reverse of `sort`. Returns an array of versions based on + the `compareBuild` function in descending order. + ### Comparators * `intersects(comparator)`: Return true if the comparators intersect @@ -473,19 +484,19 @@ strings that they parse. that satisfies the range, or `null` if none of them do. * `minSatisfying(versions, range)`: Return the lowest version in the list that satisfies the range, or `null` if none of them do. -* `minVersion(range)`: Return the lowest version that can possibly match +* `minVersion(range)`: Return the lowest version that can match the given range. -* `gtr(version, range)`: Return `true` if version is greater than all the +* `gtr(version, range)`: Return `true` if the version is greater than all the versions possible in the range. -* `ltr(version, range)`: Return `true` if version is less than all the +* `ltr(version, range)`: Return `true` if the version is less than all the versions possible in the range. * `outside(version, range, hilo)`: Return true if the version is outside the bounds of the range in either the high or low direction. The `hilo` argument must be either the string `'>'` or `'<'`. (This is the function called by `gtr` and `ltr`.) -* `intersects(range)`: Return true if any of the ranges comparators intersect +* `intersects(range)`: Return true if any of the range comparators intersect. * `simplifyRange(versions, range)`: Return a "simplified" range that - matches the same items in `versions` list as the range specified. Note + matches the same items in the `versions` list as the range specified. Note that it does *not* guarantee that it would match the same versions in all cases, only for the set of versions provided. This is useful when generating ranges by joining together multiple versions with `||` @@ -498,7 +509,7 @@ strings that they parse. Note that, since ranges may be non-contiguous, a version might not be greater than a range, less than a range, *or* satisfy a range! For example, the range `1.2 <1.2.9 || >2.0.0` would have a hole from `1.2.9` -until `2.0.0`, so the version `1.2.10` would not be greater than the +until `2.0.0`, so version `1.2.10` would not be greater than the range (because `2.0.1` satisfies, which is higher), nor less than the range (since `1.2.8` satisfies, which is lower), and it also does not satisfy the range. @@ -511,13 +522,13 @@ range, use the `satisfies(version, range)` function. * `coerce(version, options)`: Coerces a string to semver if possible This aims to provide a very forgiving translation of a non-semver string to -semver. It looks for the first digit in a string, and consumes all +semver. It looks for the first digit in a string and consumes all remaining characters which satisfy at least a partial semver (e.g., `1`, `1.2`, `1.2.3`) up to the max permitted length (256 characters). Longer versions are simply truncated (`4.6.3.9.2-alpha2` becomes `4.6.3`). All surrounding text is simply ignored (`v3.4 replaces v3.3.1` becomes `3.4.0`). Only text which lacks digits will fail coercion (`version one` -is not valid). The maximum length for any semver component considered for +is not valid). The maximum length for any semver component considered for coercion is 16 characters; longer components will be ignored (`10000000000000000.4.7.4` becomes `4.7.4`). The maximum value for any semver component is `Number.MAX_SAFE_INTEGER || (2**53 - 1)`; higher value @@ -593,7 +604,7 @@ eg), and then pull the module name into the documentation for that specific thing. --> -You may pull in just the part of this semver utility that you need, if you +You may pull in just the part of this semver utility that you need if you are sensitive to packing and tree-shaking concerns. The main `require('semver')` export uses getter functions to lazily load the parts of the API that are used. @@ -636,6 +647,8 @@ The following modules are available: * `require('semver/ranges/min-satisfying')` * `require('semver/ranges/min-version')` * `require('semver/ranges/outside')` +* `require('semver/ranges/simplify')` +* `require('semver/ranges/subset')` * `require('semver/ranges/to-comparators')` * `require('semver/ranges/valid')` From b236c3d2f357a16a733c96ec2ca8c57848b70091 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vinicius=20Louren=C3=A7o?= <12551007+H4ad@users.noreply.github.com> Date: Sun, 7 Apr 2024 19:03:04 -0300 Subject: [PATCH 18/32] chore: add benchmarks (#696) I had these benchmarks from the last time I did some perf research in this repo, so I thought maybe it was a good idea to have them in the repo itself, so other people can use them and you guys can verify if the perf is still good or you had any regression. --- .gitignore | 1 + benchmarks/bench-compare.js | 48 +++++++++++++++++++++++++++++++ benchmarks/bench-diff.js | 21 ++++++++++++++ benchmarks/bench-parse-options.js | 33 +++++++++++++++++++++ benchmarks/bench-parse.js | 25 ++++++++++++++++ benchmarks/bench-satisfies.js | 39 +++++++++++++++++++++++++ benchmarks/bench-subset.js | 25 ++++++++++++++++ package.json | 4 ++- 8 files changed, 195 insertions(+), 1 deletion(-) create mode 100644 benchmarks/bench-compare.js create mode 100644 benchmarks/bench-diff.js create mode 100644 benchmarks/bench-parse-options.js create mode 100644 benchmarks/bench-parse.js create mode 100644 benchmarks/bench-satisfies.js create mode 100644 benchmarks/bench-subset.js diff --git a/.gitignore b/.gitignore index 1bcc5e25..ff56062c 100644 --- a/.gitignore +++ b/.gitignore @@ -14,6 +14,7 @@ tap-testdir*/ !/.gitignore !/.npmrc !/.release-please-manifest.json +!/benchmarks !/bin/ !/CHANGELOG* !/classes/ diff --git a/benchmarks/bench-compare.js b/benchmarks/bench-compare.js new file mode 100644 index 00000000..2dfc0900 --- /dev/null +++ b/benchmarks/bench-compare.js @@ -0,0 +1,48 @@ +const Benchmark = require('benchmark') +const SemVer = require('../classes/semver') +const suite = new Benchmark.Suite() + +const versions = ['1.0.3', '2.2.2', '2.3.0'] +const versionToCompare = '1.0.2' +const option1 = { includePrelease: true } +const option2 = { includePrelease: true, loose: true } +const option3 = { includePrelease: true, loose: true, rtl: true } + +for (const version of versions) { + suite.add(`compare ${version} to ${versionToCompare}`, function () { + const semver = new SemVer(version) + semver.compare(versionToCompare) + }) +} + +for (const version of versions) { + suite.add( + `compare ${version} to ${versionToCompare} with option (${JSON.stringify(option1)})`, + function () { + const semver = new SemVer(version, option1) + semver.compare(versionToCompare) + }) +} + +for (const version of versions) { + suite.add(`compare ${version} to ${versionToCompare} with option (${JSON.stringify(option2)})`, + function () { + const semver = new SemVer(version, option2) + semver.compare(versionToCompare) + }) +} + +for (const version of versions) { + suite.add( + `compare ${version} to ${versionToCompare} with option (${JSON.stringify(option3)})`, + function () { + const semver = new SemVer(version, option3) + semver.compare(versionToCompare) + }) +} + +suite + .on('cycle', function (event) { + console.log(String(event.target)) + }) + .run({ async: false }) diff --git a/benchmarks/bench-diff.js b/benchmarks/bench-diff.js new file mode 100644 index 00000000..97d74441 --- /dev/null +++ b/benchmarks/bench-diff.js @@ -0,0 +1,21 @@ +const Benchmark = require('benchmark') +const diff = require('../functions/diff') +const suite = new Benchmark.Suite() + +const cases = [ + ['0.0.1', '0.0.1-pre', 'patch'], + ['0.0.1', '0.0.1-pre-2', 'patch'], + ['1.1.0', '1.1.0-pre', 'minor'], +] + +for (const [v1, v2] of cases) { + suite.add(`diff(${v1}, ${v2})`, function () { + diff(v1, v2) + }) +} + +suite + .on('cycle', function (event) { + console.log(String(event.target)) + }) + .run({ async: false }) diff --git a/benchmarks/bench-parse-options.js b/benchmarks/bench-parse-options.js new file mode 100644 index 00000000..41ab232c --- /dev/null +++ b/benchmarks/bench-parse-options.js @@ -0,0 +1,33 @@ +const Benchmark = require('benchmark') +const parseOptions = require('../internal/parse-options') +const suite = new Benchmark.Suite() + +const options1 = { + includePrerelease: true, +} + +const options2 = { + includePrerelease: true, + loose: true, +} + +const options3 = { + includePrerelease: true, + loose: true, + rtl: false, +} + +suite + .add('includePrerelease', function () { + parseOptions(options1) + }) + .add('includePrerelease + loose', function () { + parseOptions(options2) + }) + .add('includePrerelease + loose + rtl', function () { + parseOptions(options3) + }) + .on('cycle', function (event) { + console.log(String(event.target)) + }) + .run({ async: false }) diff --git a/benchmarks/bench-parse.js b/benchmarks/bench-parse.js new file mode 100644 index 00000000..e4180c44 --- /dev/null +++ b/benchmarks/bench-parse.js @@ -0,0 +1,25 @@ +const Benchmark = require('benchmark') +const parse = require('../functions/parse') +const { MAX_SAFE_INTEGER } = require('../internal/constants') +const suite = new Benchmark.Suite() + +const cases = ['1.2.1', '1.2.2-4', '1.2.3-pre'] +const invalidCases = [`${MAX_SAFE_INTEGER}0.0.0`, 'hello, world', 'xyz'] + +for (const test of cases) { + suite.add(`parse(${test})`, function () { + parse(test) + }) +} + +for (const test of invalidCases) { + suite.add(`invalid parse(${test})`, function () { + parse(test) + }) +} + +suite + .on('cycle', function (event) { + console.log(String(event.target)) + }) + .run({ async: false }) diff --git a/benchmarks/bench-satisfies.js b/benchmarks/bench-satisfies.js new file mode 100644 index 00000000..a95a2c30 --- /dev/null +++ b/benchmarks/bench-satisfies.js @@ -0,0 +1,39 @@ +const Benchmark = require('benchmark') +const satisfies = require('../functions/satisfies') +const suite = new Benchmark.Suite() + +const versions = ['1.0.3||^2.0.0', '2.2.2||~3.0.0', '2.3.0||<4.0.0'] +const versionToCompare = '1.0.6' +const option1 = { includePrelease: true } +const option2 = { includePrelease: true, loose: true } +const option3 = { includePrelease: true, loose: true, rtl: true } + +for (const version of versions) { + suite.add(`satisfies(${versionToCompare}, ${version})`, function () { + satisfies(versionToCompare, version) + }) +} + +for (const version of versions) { + suite.add(`satisfies(${versionToCompare}, ${version}, ${JSON.stringify(option1)})`, function () { + satisfies(versionToCompare, version, option1) + }) +} + +for (const version of versions) { + suite.add(`satisfies(${versionToCompare}, ${version}, ${JSON.stringify(option2)})`, function () { + satisfies(versionToCompare, version, option2) + }) +} + +for (const version of versions) { + suite.add(`satisfies(${versionToCompare}, ${version}, ${JSON.stringify(option3)})`, function () { + satisfies(versionToCompare, version, option3) + }) +} + +suite + .on('cycle', function (event) { + console.log(String(event.target)) + }) + .run({ async: false }) diff --git a/benchmarks/bench-subset.js b/benchmarks/bench-subset.js new file mode 100644 index 00000000..f8825fae --- /dev/null +++ b/benchmarks/bench-subset.js @@ -0,0 +1,25 @@ +const Benchmark = require('benchmark') +const subset = require('../ranges/subset') +const suite = new Benchmark.Suite() + +// taken from tests +const cases = [ + // everything is a subset of * + ['1.2.3', '*', true], + ['^1.2.3', '*', true], + ['^1.2.3-pre.0', '*', false], + ['^1.2.3-pre.0', '*', true, { includePrerelease: true }], + ['1 || 2 || 3', '*', true], +] + +for (const [sub, dom] of cases) { + suite.add(`subset(${sub}, ${dom})`, function () { + subset(sub, dom) + }) +} + +suite + .on('cycle', function (event) { + console.log(String(event.target)) + }) + .run({ async: false }) diff --git a/package.json b/package.json index f00c6bdd..bec6c7df 100644 --- a/package.json +++ b/package.json @@ -15,6 +15,7 @@ "devDependencies": { "@npmcli/eslint-config": "^4.0.0", "@npmcli/template-oss": "4.21.3", + "benchmark": "^2.1.4", "tap": "^16.0.0" }, "license": "ISC", @@ -71,7 +72,8 @@ "/ranges/", "/index.js", "/preload.js", - "/range.bnf" + "/range.bnf", + "/benchmarks" ], "publish": "true" } From 074156f64fa91723fe1ae6af8cc497014b9b7aff Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 16 Apr 2024 06:45:33 +0000 Subject: [PATCH 19/32] chore: bump @npmcli/template-oss from 4.21.3 to 4.21.4 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.21.3 to 4.21.4. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.21.3...v4.21.4) --- updated-dependencies: - dependency-name: @npmcli/template-oss dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index bec6c7df..67c1e86a 100644 --- a/package.json +++ b/package.json @@ -14,7 +14,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.21.3", + "@npmcli/template-oss": "4.21.4", "benchmark": "^2.1.4", "tap": "^16.0.0" }, From ec49cdcece9db0020d6829b246681ff65a393644 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Sat, 20 Apr 2024 15:07:19 -0700 Subject: [PATCH 20/32] chore: chore: chore: postinstall for dependabot template-oss PR --- .commitlintrc.js | 3 ++- .github/workflows/release-integration.yml | 3 ++- package.json | 2 +- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/.commitlintrc.js b/.commitlintrc.js index 5b0b1a52..e9c80b92 100644 --- a/.commitlintrc.js +++ b/.commitlintrc.js @@ -5,6 +5,7 @@ module.exports = { rules: { 'type-enum': [2, 'always', ['feat', 'fix', 'docs', 'deps', 'chore']], 'header-max-length': [2, 'always', 80], - 'subject-case': [0, 'always', ['lower-case', 'sentence-case', 'start-case']], + 'subject-case': [0], + 'body-max-line-length': [0], }, } diff --git a/.github/workflows/release-integration.yml b/.github/workflows/release-integration.yml index 36637581..d986e4be 100644 --- a/.github/workflows/release-integration.yml +++ b/.github/workflows/release-integration.yml @@ -54,6 +54,7 @@ jobs: - name: Publish env: PUBLISH_TOKEN: ${{ secrets.PUBLISH_TOKEN }} + RELEASES: ${{ inputs.releases }} run: | EXIT_CODE=0 @@ -65,7 +66,7 @@ jobs: fi } - for release in $(echo '${{ inputs.releases }}' | jq -r '.[] | @base64'); do + for release in $(echo $RELEASES | jq -r '.[] | @base64'); do PUBLISH_TAG=$(echo "$release" | base64 --decode | jq -r .publishTag) STATUS=$(each_release "$PUBLISH_TAG") if [[ "$STATUS" -eq 1 ]]; then diff --git a/package.json b/package.json index 67c1e86a..147c328f 100644 --- a/package.json +++ b/package.json @@ -54,7 +54,7 @@ "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.21.3", + "version": "4.21.4", "engines": ">=10", "distPaths": [ "classes/", From 3fabe4dbfbd199fdb589c076a7f30bc1f18c6614 Mon Sep 17 00:00:00 2001 From: Marc Bernard Date: Fri, 12 Apr 2024 08:42:30 +0200 Subject: [PATCH 21/32] deps: remove lru-cache --- package.json | 3 --- 1 file changed, 3 deletions(-) diff --git a/package.json b/package.json index 147c328f..0209284a 100644 --- a/package.json +++ b/package.json @@ -48,9 +48,6 @@ "engines": { "node": ">=10" }, - "dependencies": { - "lru-cache": "^6.0.0" - }, "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", From ad8ff11dd200dac3a05097d9a82d1977ccfa1535 Mon Sep 17 00:00:00 2001 From: Marc Bernard Date: Thu, 11 Apr 2024 21:24:15 +0200 Subject: [PATCH 22/32] fix: use internal cache implementation This change removes the dependency on the `lru-cache` package. It is replaced by a comparable, but much simpler class in this package. --- classes/range.js | 4 ++-- internal/lrucache.js | 45 +++++++++++++++++++++++++++++++++++++++ package.json | 3 +++ test/classes/range.js | 10 +++++++++ test/internal/lrucache.js | 19 +++++++++++++++++ 5 files changed, 79 insertions(+), 2 deletions(-) create mode 100644 internal/lrucache.js create mode 100644 test/internal/lrucache.js diff --git a/classes/range.js b/classes/range.js index 7e7c4141..5ec7daf0 100644 --- a/classes/range.js +++ b/classes/range.js @@ -198,8 +198,8 @@ class Range { module.exports = Range -const LRU = require('lru-cache') -const cache = new LRU({ max: 1000 }) +const LRU = require('../internal/lrucache') +const cache = new LRU() const parseOptions = require('../internal/parse-options') const Comparator = require('./comparator') diff --git a/internal/lrucache.js b/internal/lrucache.js new file mode 100644 index 00000000..f4a97f2e --- /dev/null +++ b/internal/lrucache.js @@ -0,0 +1,45 @@ +class LRUCache { + constructor () { + this.max = 1000 + this.map = new Map() + } + + get (key) { + const value = this.map.get(key) + if (value === undefined) { + return undefined + } else { + // Remove the key from the map and add it to the end + this.map.delete(key) + this.map.set(key, value) + return value + } + } + + delete (key) { + if (this.map.has(key)) { + this.map.delete(key) + return true + } else { + return false + } + } + + set (key, value) { + const deleted = this.delete(key) + + if (!deleted && value !== undefined) { + // If cache is full, delete the least recently used item + if (this.map.size >= this.max) { + const firstKey = this.map.keys().next().value + this.delete(firstKey) + } + + this.map.set(key, value) + } + + return this + } +} + +module.exports = LRUCache diff --git a/package.json b/package.json index 0209284a..147c328f 100644 --- a/package.json +++ b/package.json @@ -48,6 +48,9 @@ "engines": { "node": ">=10" }, + "dependencies": { + "lru-cache": "^6.0.0" + }, "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", diff --git a/test/classes/range.js b/test/classes/range.js index 24686adf..9547e23a 100644 --- a/test/classes/range.js +++ b/test/classes/range.js @@ -105,3 +105,13 @@ test('missing range parameter in range intersect', (t) => { 'throws type error') t.end() }) + +test('cache', (t) => { + const cached = Symbol('cached') + const r1 = new Range('1.0.0') + r1.set[0][cached] = true + const r2 = new Range('1.0.0') + t.equal(r1.set[0][cached], true) + t.equal(r2.set[0][cached], true) // Will be true, showing it's cached. + t.end() +}) diff --git a/test/internal/lrucache.js b/test/internal/lrucache.js new file mode 100644 index 00000000..83a0e797 --- /dev/null +++ b/test/internal/lrucache.js @@ -0,0 +1,19 @@ +const { test } = require('tap') +const LRUCache = require('../../internal/lrucache') + +test('basic cache operation', t => { + const c = new LRUCache() + const max = 1000 + + for (let i = 0; i < max; i++) { + t.equal(c.set(i, i), c) + } + for (let i = 0; i < max; i++) { + t.equal(c.get(i), i) + } + c.set(1001, 1001) + // lru item should be gone + t.equal(c.get(0), undefined) + c.set(42, undefined) + t.end() +}) From c570a348ffc6612af07fe94fa46b9affa5e4eff0 Mon Sep 17 00:00:00 2001 From: Gar Date: Wed, 1 May 2024 13:26:10 -0700 Subject: [PATCH 23/32] fix(linting): no-unused-vars --- bin/semver.js | 19 +++++-------------- classes/range.js | 3 ++- 2 files changed, 7 insertions(+), 15 deletions(-) diff --git a/bin/semver.js b/bin/semver.js index 242b7ade..f62b566f 100755 --- a/bin/semver.js +++ b/bin/semver.js @@ -119,7 +119,11 @@ const main = () => { return fail() } } - return success(versions) + versions + .sort((a, b) => semver[reverse ? 'rcompare' : 'compare'](a, b, options)) + .map(v => semver.clean(v, options)) + .map(v => inc ? semver.inc(v, inc, options, identifier, identifierBase) : v) + .forEach(v => console.log(v)) } const failInc = () => { @@ -129,19 +133,6 @@ const failInc = () => { const fail = () => process.exit(1) -const success = () => { - const compare = reverse ? 'rcompare' : 'compare' - versions.sort((a, b) => { - return semver[compare](a, b, options) - }).map((v) => { - return semver.clean(v, options) - }).map((v) => { - return inc ? semver.inc(v, inc, options, identifier, identifierBase) : v - }).forEach((v, i, _) => { - console.log(v) - }) -} - const help = () => console.log( `SemVer ${version} diff --git a/classes/range.js b/classes/range.js index 5ec7daf0..117b45a2 100644 --- a/classes/range.js +++ b/classes/range.js @@ -470,9 +470,10 @@ const replaceGTE0 = (comp, options) => { // 1.2 - 3.4.5 => >=1.2.0 <=3.4.5 // 1.2.3 - 3.4 => >=1.2.0 <3.5.0-0 Any 3.4.x will do // 1.2 - 3.4 => >=1.2.0 <3.5.0-0 +// TODO build? const hyphenReplace = incPr => ($0, from, fM, fm, fp, fpr, fb, - to, tM, tm, tp, tpr, tb) => { + to, tM, tm, tp, tpr) => { if (isX(fM)) { from = '' } else if (isX(fm)) { From dd09b60da1e618335d7c269426345b336fd5f63d Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Fri, 3 May 2024 11:46:34 -0700 Subject: [PATCH 24/32] chore: bump @npmcli/template-oss to 4.22.0 --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 147c328f..bf1b3f3e 100644 --- a/package.json +++ b/package.json @@ -14,7 +14,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.21.4", + "@npmcli/template-oss": "4.22.0", "benchmark": "^2.1.4", "tap": "^16.0.0" }, From 5feeb7f4f63061e19a29087115b50cb04135b63e Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Fri, 3 May 2024 11:46:40 -0700 Subject: [PATCH 25/32] chore: postinstall for dependabot template-oss PR --- .github/actions/create-check/action.yml | 2 +- .github/workflows/audit.yml | 8 +++--- .github/workflows/ci-release.yml | 33 ++++++++++++++++++----- .github/workflows/ci.yml | 33 ++++++++++++++++++----- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/post-dependabot.yml | 8 +++--- .github/workflows/pull-request.yml | 8 +++--- .github/workflows/release-integration.yml | 19 +++++-------- .github/workflows/release.yml | 22 +++++++-------- package.json | 4 +-- release-please-config.json | 15 ++++------- 11 files changed, 92 insertions(+), 62 deletions(-) diff --git a/.github/actions/create-check/action.yml b/.github/actions/create-check/action.yml index 0e7d6ce0..aa24a5b0 100644 --- a/.github/actions/create-check/action.yml +++ b/.github/actions/create-check/action.yml @@ -17,7 +17,7 @@ runs: using: "composite" steps: - name: Get Workflow Job - uses: actions/github-script@v6 + uses: actions/github-script@v7 id: workflow env: JOB_NAME: "${{ inputs.name }}" diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index fa3163a8..a3ae7257 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -18,17 +18,17 @@ jobs: shell: bash steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup Git User run: | git config --global user.email "npm-cli+bot@github.com" git config --global user.name "npm CLI robot" - name: Setup Node - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 id: node with: - node-version: 20.x - check-latest: contains('20.x', '.x') + node-version: 22.x + check-latest: contains('22.x', '.x') - name: Install Latest npm uses: ./.github/actions/install-latest-npm with: diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml index 9f9c2a2a..24539905 100644 --- a/.github/workflows/ci-release.yml +++ b/.github/workflows/ci-release.yml @@ -28,7 +28,7 @@ jobs: shell: bash steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: ${{ inputs.ref }} - name: Setup Git User @@ -44,11 +44,11 @@ jobs: token: ${{ secrets.GITHUB_TOKEN }} sha: ${{ inputs.check-sha }} - name: Setup Node - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 id: node with: - node-version: 20.x - check-latest: contains('20.x', '.x') + node-version: 22.x + check-latest: contains('22.x', '.x') - name: Install Latest npm uses: ./.github/actions/install-latest-npm with: @@ -80,6 +80,9 @@ jobs: - name: macOS os: macos-latest shell: bash + - name: macOS + os: macos-13 + shell: bash - name: Windows os: windows-latest shell: cmd @@ -91,13 +94,31 @@ jobs: - 16.x - 18.x - 20.x + - 22.x + exclude: + - platform: { name: macOS, os: macos-latest, shell: bash } + node-version: 10.0.0 + - platform: { name: macOS, os: macos-latest, shell: bash } + node-version: 10.x + - platform: { name: macOS, os: macos-latest, shell: bash } + node-version: 12.x + - platform: { name: macOS, os: macos-latest, shell: bash } + node-version: 14.x + - platform: { name: macOS, os: macos-13, shell: bash } + node-version: 16.x + - platform: { name: macOS, os: macos-13, shell: bash } + node-version: 18.x + - platform: { name: macOS, os: macos-13, shell: bash } + node-version: 20.x + - platform: { name: macOS, os: macos-13, shell: bash } + node-version: 22.x runs-on: ${{ matrix.platform.os }} defaults: run: shell: ${{ matrix.platform.shell }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: ${{ inputs.ref }} - name: Setup Git User @@ -113,7 +134,7 @@ jobs: token: ${{ secrets.GITHUB_TOKEN }} sha: ${{ inputs.check-sha }} - name: Setup Node - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 id: node with: node-version: ${{ matrix.node-version }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f65f93a6..4a2724b6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -23,17 +23,17 @@ jobs: shell: bash steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup Git User run: | git config --global user.email "npm-cli+bot@github.com" git config --global user.name "npm CLI robot" - name: Setup Node - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 id: node with: - node-version: 20.x - check-latest: contains('20.x', '.x') + node-version: 22.x + check-latest: contains('22.x', '.x') - name: Install Latest npm uses: ./.github/actions/install-latest-npm with: @@ -58,6 +58,9 @@ jobs: - name: macOS os: macos-latest shell: bash + - name: macOS + os: macos-13 + shell: bash - name: Windows os: windows-latest shell: cmd @@ -69,19 +72,37 @@ jobs: - 16.x - 18.x - 20.x + - 22.x + exclude: + - platform: { name: macOS, os: macos-latest, shell: bash } + node-version: 10.0.0 + - platform: { name: macOS, os: macos-latest, shell: bash } + node-version: 10.x + - platform: { name: macOS, os: macos-latest, shell: bash } + node-version: 12.x + - platform: { name: macOS, os: macos-latest, shell: bash } + node-version: 14.x + - platform: { name: macOS, os: macos-13, shell: bash } + node-version: 16.x + - platform: { name: macOS, os: macos-13, shell: bash } + node-version: 18.x + - platform: { name: macOS, os: macos-13, shell: bash } + node-version: 20.x + - platform: { name: macOS, os: macos-13, shell: bash } + node-version: 22.x runs-on: ${{ matrix.platform.os }} defaults: run: shell: ${{ matrix.platform.shell }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup Git User run: | git config --global user.email "npm-cli+bot@github.com" git config --global user.name "npm CLI robot" - name: Setup Node - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 id: node with: node-version: ${{ matrix.node-version }} diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 9fb3f79a..3741af66 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -25,7 +25,7 @@ jobs: security-events: write steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup Git User run: | git config --global user.email "npm-cli+bot@github.com" diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index 11a7b7c8..a7ebe12d 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -17,7 +17,7 @@ jobs: shell: bash steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: ${{ github.event.pull_request.head.ref }} - name: Setup Git User @@ -25,11 +25,11 @@ jobs: git config --global user.email "npm-cli+bot@github.com" git config --global user.name "npm CLI robot" - name: Setup Node - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 id: node with: - node-version: 20.x - check-latest: contains('20.x', '.x') + node-version: 22.x + check-latest: contains('22.x', '.x') - name: Install Latest npm uses: ./.github/actions/install-latest-npm with: diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index 0b5789e0..7dbdfd41 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -20,7 +20,7 @@ jobs: shell: bash steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Setup Git User @@ -28,11 +28,11 @@ jobs: git config --global user.email "npm-cli+bot@github.com" git config --global user.name "npm CLI robot" - name: Setup Node - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 id: node with: - node-version: 20.x - check-latest: contains('20.x', '.x') + node-version: 22.x + check-latest: contains('22.x', '.x') - name: Install Latest npm uses: ./.github/actions/install-latest-npm with: diff --git a/.github/workflows/release-integration.yml b/.github/workflows/release-integration.yml index d986e4be..130578e6 100644 --- a/.github/workflows/release-integration.yml +++ b/.github/workflows/release-integration.yml @@ -30,7 +30,7 @@ jobs: id-token: write steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: ${{ fromJSON(inputs.releases)[0].tagName }} - name: Setup Git User @@ -38,11 +38,11 @@ jobs: git config --global user.email "npm-cli+bot@github.com" git config --global user.name "npm CLI robot" - name: Setup Node - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 id: node with: - node-version: 20.x - check-latest: contains('20.x', '.x') + node-version: 22.x + check-latest: contains('22.x', '.x') - name: Install Latest npm uses: ./.github/actions/install-latest-npm with: @@ -58,17 +58,10 @@ jobs: run: | EXIT_CODE=0 - function each_release { - if npm publish --provenance --tag="$1"; then - echo 0 - else - echo 1 - fi - } - for release in $(echo $RELEASES | jq -r '.[] | @base64'); do PUBLISH_TAG=$(echo "$release" | base64 --decode | jq -r .publishTag) - STATUS=$(each_release "$PUBLISH_TAG") + npm publish --provenance --tag="$PUBLISH_TAG" + STATUS=$? if [[ "$STATUS" -eq 1 ]]; then EXIT_CODE=$STATUS fi diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index be675916..e77e76f2 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -31,17 +31,17 @@ jobs: shell: bash steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup Git User run: | git config --global user.email "npm-cli+bot@github.com" git config --global user.name "npm CLI robot" - name: Setup Node - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 id: node with: - node-version: 20.x - check-latest: contains('20.x', '.x') + node-version: 22.x + check-latest: contains('22.x', '.x') - name: Install Latest npm uses: ./.github/actions/install-latest-npm with: @@ -55,7 +55,7 @@ jobs: run: npx --offline template-oss-release-please --branch="${{ github.ref_name }}" --backport="" --defaultTag="latest" - name: Create Release Manager Comment Text if: steps.release.outputs.pr-number - uses: actions/github-script@v6 + uses: actions/github-script@v7 id: comment-text with: result-encoding: string @@ -108,7 +108,7 @@ jobs: shell: bash steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 ref: ${{ needs.release.outputs.pr-branch }} @@ -117,11 +117,11 @@ jobs: git config --global user.email "npm-cli+bot@github.com" git config --global user.name "npm CLI robot" - name: Setup Node - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 id: node with: - node-version: 20.x - check-latest: contains('20.x', '.x') + node-version: 22.x + check-latest: contains('22.x', '.x') - name: Install Latest npm uses: ./.github/actions/install-latest-npm with: @@ -216,7 +216,7 @@ jobs: steps: - name: Create Release PR Comment Text id: comment-text - uses: actions/github-script@v6 + uses: actions/github-script@v7 env: RELEASES: ${{ needs.release.outputs.releases }} with: @@ -281,7 +281,7 @@ jobs: - name: Create Release PR Comment Text id: comment-text if: steps.found-comment.outputs.comment-id - uses: actions/github-script@v6 + uses: actions/github-script@v7 env: RESULT: ${{ steps.conclusion.outputs.result }} BODY: ${{ steps.found-comment.outputs.comment-body }} diff --git a/package.json b/package.json index bf1b3f3e..5a84d1c5 100644 --- a/package.json +++ b/package.json @@ -21,7 +21,7 @@ "license": "ISC", "repository": { "type": "git", - "url": "https://github.com/npm/node-semver.git" + "url": "git+https://github.com/npm/node-semver.git" }, "bin": { "semver": "bin/semver.js" @@ -54,7 +54,7 @@ "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.21.4", + "version": "4.22.0", "engines": ">=10", "distPaths": [ "classes/", diff --git a/release-please-config.json b/release-please-config.json index 559ef7d8..a1676b9c 100644 --- a/release-please-config.json +++ b/release-please-config.json @@ -5,32 +5,27 @@ { "type": "feat", "section": "Features", - "hidden": false, - "collapse": false + "hidden": false }, { "type": "fix", "section": "Bug Fixes", - "hidden": false, - "collapse": false + "hidden": false }, { "type": "docs", "section": "Documentation", - "hidden": false, - "collapse": false + "hidden": false }, { "type": "deps", "section": "Dependencies", - "hidden": false, - "collapse": false + "hidden": false }, { "type": "chore", "section": "Chores", - "hidden": false, - "collapse": false + "hidden": true } ], "packages": { From 988a8deb3ea76b9a314a740e66b5fc2f726822f8 Mon Sep 17 00:00:00 2001 From: Superchupu <53496941+SuperchupuDev@users.noreply.github.com> Date: Sat, 4 May 2024 22:03:06 +0100 Subject: [PATCH 26/32] deps: uninstall `lru-cache` (#709) #704 removed usage of `lru-cache`, but the dependency wasn't removed from `package.json` --- package.json | 3 --- 1 file changed, 3 deletions(-) diff --git a/package.json b/package.json index 5a84d1c5..cccbf8d7 100644 --- a/package.json +++ b/package.json @@ -48,9 +48,6 @@ "engines": { "node": ">=10" }, - "dependencies": { - "lru-cache": "^6.0.0" - }, "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", From d777418116aeaecca9842b7621dd0ac1a92100bc Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 7 May 2024 08:58:42 -0700 Subject: [PATCH 27/32] chore: release 7.6.1 (#706) :robot: I have created a release *beep* *boop* --- ## [7.6.1](https://github.com/npm/node-semver/compare/v7.6.0...v7.6.1) (2024-05-04) ### Bug Fixes * [`c570a34`](https://github.com/npm/node-semver/commit/c570a348ffc6612af07fe94fa46b9affa5e4eff0) [#704](https://github.com/npm/node-semver/pull/704) linting: no-unused-vars (@wraithgar) * [`ad8ff11`](https://github.com/npm/node-semver/commit/ad8ff11dd200dac3a05097d9a82d1977ccfa1535) [#704](https://github.com/npm/node-semver/pull/704) use internal cache implementation (@mbtools) * [`ac9b357`](https://github.com/npm/node-semver/commit/ac9b35769ab0ddfefd5a3af4a3ecaf3da2012352) [#682](https://github.com/npm/node-semver/pull/682) typo in compareBuild debug message (#682) (@mbtools) ### Dependencies * [`988a8de`](https://github.com/npm/node-semver/commit/988a8deb3ea76b9a314a740e66b5fc2f726822f8) [#709](https://github.com/npm/node-semver/pull/709) uninstall `lru-cache` (#709) * [`3fabe4d`](https://github.com/npm/node-semver/commit/3fabe4dbfbd199fdb589c076a7f30bc1f18c6614) [#704](https://github.com/npm/node-semver/pull/704) remove lru-cache ### Chores * [`dd09b60`](https://github.com/npm/node-semver/commit/dd09b60da1e618335d7c269426345b336fd5f63d) [#705](https://github.com/npm/node-semver/pull/705) bump @npmcli/template-oss to 4.22.0 (@lukekarrys) * [`ec49cdc`](https://github.com/npm/node-semver/commit/ec49cdcece9db0020d6829b246681ff65a393644) [#701](https://github.com/npm/node-semver/pull/701) chore: chore: postinstall for dependabot template-oss PR (@lukekarrys) * [`b236c3d`](https://github.com/npm/node-semver/commit/b236c3d2f357a16a733c96ec2ca8c57848b70091) [#696](https://github.com/npm/node-semver/pull/696) add benchmarks (#696) (@H4ad) * [`692451b`](https://github.com/npm/node-semver/commit/692451bd6f75b38a71a99f39da405c94a5954a22) [#688](https://github.com/npm/node-semver/pull/688) various improvements to README (#688) (@mbtools) * [`5feeb7f`](https://github.com/npm/node-semver/commit/5feeb7f4f63061e19a29087115b50cb04135b63e) [#705](https://github.com/npm/node-semver/pull/705) postinstall for dependabot template-oss PR (@lukekarrys) * [`074156f`](https://github.com/npm/node-semver/commit/074156f64fa91723fe1ae6af8cc497014b9b7aff) [#701](https://github.com/npm/node-semver/pull/701) bump @npmcli/template-oss from 4.21.3 to 4.21.4 (@dependabot[bot]) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- .release-please-manifest.json | 2 +- CHANGELOG.md | 22 ++++++++++++++++++++++ package.json | 2 +- 3 files changed, 24 insertions(+), 2 deletions(-) diff --git a/.release-please-manifest.json b/.release-please-manifest.json index 4c4a46ef..367ddfe0 100644 --- a/.release-please-manifest.json +++ b/.release-please-manifest.json @@ -1,3 +1,3 @@ { - ".": "7.6.0" + ".": "7.6.1" } diff --git a/CHANGELOG.md b/CHANGELOG.md index 451daa10..230a617f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,27 @@ # Changelog +## [7.6.1](https://github.com/npm/node-semver/compare/v7.6.0...v7.6.1) (2024-05-04) + +### Bug Fixes + +* [`c570a34`](https://github.com/npm/node-semver/commit/c570a348ffc6612af07fe94fa46b9affa5e4eff0) [#704](https://github.com/npm/node-semver/pull/704) linting: no-unused-vars (@wraithgar) +* [`ad8ff11`](https://github.com/npm/node-semver/commit/ad8ff11dd200dac3a05097d9a82d1977ccfa1535) [#704](https://github.com/npm/node-semver/pull/704) use internal cache implementation (@mbtools) +* [`ac9b357`](https://github.com/npm/node-semver/commit/ac9b35769ab0ddfefd5a3af4a3ecaf3da2012352) [#682](https://github.com/npm/node-semver/pull/682) typo in compareBuild debug message (#682) (@mbtools) + +### Dependencies + +* [`988a8de`](https://github.com/npm/node-semver/commit/988a8deb3ea76b9a314a740e66b5fc2f726822f8) [#709](https://github.com/npm/node-semver/pull/709) uninstall `lru-cache` (#709) +* [`3fabe4d`](https://github.com/npm/node-semver/commit/3fabe4dbfbd199fdb589c076a7f30bc1f18c6614) [#704](https://github.com/npm/node-semver/pull/704) remove lru-cache + +### Chores + +* [`dd09b60`](https://github.com/npm/node-semver/commit/dd09b60da1e618335d7c269426345b336fd5f63d) [#705](https://github.com/npm/node-semver/pull/705) bump @npmcli/template-oss to 4.22.0 (@lukekarrys) +* [`ec49cdc`](https://github.com/npm/node-semver/commit/ec49cdcece9db0020d6829b246681ff65a393644) [#701](https://github.com/npm/node-semver/pull/701) chore: chore: postinstall for dependabot template-oss PR (@lukekarrys) +* [`b236c3d`](https://github.com/npm/node-semver/commit/b236c3d2f357a16a733c96ec2ca8c57848b70091) [#696](https://github.com/npm/node-semver/pull/696) add benchmarks (#696) (@H4ad) +* [`692451b`](https://github.com/npm/node-semver/commit/692451bd6f75b38a71a99f39da405c94a5954a22) [#688](https://github.com/npm/node-semver/pull/688) various improvements to README (#688) (@mbtools) +* [`5feeb7f`](https://github.com/npm/node-semver/commit/5feeb7f4f63061e19a29087115b50cb04135b63e) [#705](https://github.com/npm/node-semver/pull/705) postinstall for dependabot template-oss PR (@lukekarrys) +* [`074156f`](https://github.com/npm/node-semver/commit/074156f64fa91723fe1ae6af8cc497014b9b7aff) [#701](https://github.com/npm/node-semver/pull/701) bump @npmcli/template-oss from 4.21.3 to 4.21.4 (@dependabot[bot]) + ## [7.6.0](https://github.com/npm/node-semver/compare/v7.5.4...v7.6.0) (2024-01-31) ### Features diff --git a/package.json b/package.json index cccbf8d7..ccf86cd0 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "semver", - "version": "7.6.0", + "version": "7.6.1", "description": "The semantic version parser used by npm.", "main": "index.js", "scripts": { From 6466ba9b540252db405fdd2a289dd4651495beea Mon Sep 17 00:00:00 2001 From: Vlad Date: Thu, 9 May 2024 13:02:38 +1100 Subject: [PATCH 28/32] fix(lru): use map.delete() directly (#713) The default implementation already returns boolean if the value has been deleted. https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Map/delete#return_value It's also faster since we don't double check the hashmap for a value. --------- Co-authored-by: Luke Karrys --- internal/lrucache.js | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/internal/lrucache.js b/internal/lrucache.js index f4a97f2e..6d89ec94 100644 --- a/internal/lrucache.js +++ b/internal/lrucache.js @@ -17,12 +17,7 @@ class LRUCache { } delete (key) { - if (this.map.has(key)) { - this.map.delete(key) - return true - } else { - return false - } + return this.map.delete(key) } set (key, value) { From eb1380b1ecd74f6572831294d55ef4537dfe1a2a Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 9 May 2024 08:59:18 -0700 Subject: [PATCH 29/32] chore: release 7.6.2 (#714) :robot: I have created a release *beep* *boop* --- ## [7.6.2](https://github.com/npm/node-semver/compare/v7.6.1...v7.6.2) (2024-05-09) ### Bug Fixes * [`6466ba9`](https://github.com/npm/node-semver/commit/6466ba9b540252db405fdd2a289dd4651495beea) [#713](https://github.com/npm/node-semver/pull/713) lru: use map.delete() directly (#713) (@negezor, @lukekarrys) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- .release-please-manifest.json | 2 +- CHANGELOG.md | 6 ++++++ package.json | 2 +- 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/.release-please-manifest.json b/.release-please-manifest.json index 367ddfe0..3734181b 100644 --- a/.release-please-manifest.json +++ b/.release-please-manifest.json @@ -1,3 +1,3 @@ { - ".": "7.6.1" + ".": "7.6.2" } diff --git a/CHANGELOG.md b/CHANGELOG.md index 230a617f..b24f819c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,11 @@ # Changelog +## [7.6.2](https://github.com/npm/node-semver/compare/v7.6.1...v7.6.2) (2024-05-09) + +### Bug Fixes + +* [`6466ba9`](https://github.com/npm/node-semver/commit/6466ba9b540252db405fdd2a289dd4651495beea) [#713](https://github.com/npm/node-semver/pull/713) lru: use map.delete() directly (#713) (@negezor, @lukekarrys) + ## [7.6.1](https://github.com/npm/node-semver/compare/v7.6.0...v7.6.1) (2024-05-04) ### Bug Fixes diff --git a/package.json b/package.json index ccf86cd0..cb8def45 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "semver", - "version": "7.6.1", + "version": "7.6.2", "description": "The semantic version parser used by npm.", "main": "index.js", "scripts": { From 2975ece120e17660c9f1ef517de45c09ff821064 Mon Sep 17 00:00:00 2001 From: Scott Davis Date: Thu, 13 Jun 2024 12:39:32 -0600 Subject: [PATCH 30/32] docs: fix extra backtick typo (#719) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 673e9c35..ede7b7d0 100644 --- a/README.md +++ b/README.md @@ -459,7 +459,7 @@ strings that they parse. in descending order when passed to `Array.sort()`. * `compareBuild(v1, v2)`: The same as `compare` but considers `build` when two versions are equal. Sorts in ascending order if passed to `Array.sort()`. -* `compareLoose(v1, v2)`: Short for ``compare(v1, v2, { loose: true })`. +* `compareLoose(v1, v2)`: Short for `compare(v1, v2, { loose: true })`. * `diff(v1, v2)`: Returns the difference between two versions by the release type (`major`, `premajor`, `minor`, `preminor`, `patch`, `prepatch`, or `prerelease`), or null if the versions are the same. From 73a3d79c4ec32d5dd62c9d5f64e5af7fbdad9ec0 Mon Sep 17 00:00:00 2001 From: jviide Date: Tue, 16 Jul 2024 18:42:37 +0300 Subject: [PATCH 31/32] fix: optimize Range parsing and formatting (#726) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This pull request optimizes the Range class in the following ways: 1. Produce fewer intermediate objects when reducing a range's space characters to single spaces. This seems to improve bench-subset scores by up to 5%, and bench-satisfies scores to a lesser degree. 2. Optimize Range formatting with explicit for loops instead, avoiding an intermediate array creation. This seems to improve bench-satisfies and bench-subset scores by up to 20%. 3. Calculate Range's `.range` string (used by `.format()` and `.toString()`) lazily. This seems to improve bench-satisfies and bench-subset scores by up to 9%. The external interface for the class stays the same, except for the new internal `.formatted` property used to cache its lazily calculated string. `Range#range` property is now also read-only. There is a new test lazy formatting to ensure full test coverage. The benchmarks bench-satisfies and bench-subset benefit from these changes, sometimes by up to 40%. Other benchmark results seem to stay the same. Here are the affected benchmarks before: ``` $ node benchmarks/bench-satisfies.js satisfies(1.0.6, 1.0.3||^2.0.0) x 695,094 ops/sec ±0.68% (97 runs sampled) satisfies(1.0.6, 2.2.2||~3.0.0) x 764,115 ops/sec ±0.40% (99 runs sampled) satisfies(1.0.6, 2.3.0||<4.0.0) x 805,593 ops/sec ±0.62% (97 runs sampled) satisfies(1.0.6, 1.0.3||^2.0.0, {"includePrelease":true}) x 695,045 ops/sec ±0.73% (95 runs sampled) satisfies(1.0.6, 2.2.2||~3.0.0, {"includePrelease":true}) x 750,433 ops/sec ±0.66% (99 runs sampled) satisfies(1.0.6, 2.3.0||<4.0.0, {"includePrelease":true}) x 787,903 ops/sec ±0.39% (99 runs sampled) satisfies(1.0.6, 1.0.3||^2.0.0, {"includePrelease":true,"loose":true}) x 652,166 ops/sec ±0.34% (99 runs sampled) satisfies(1.0.6, 2.2.2||~3.0.0, {"includePrelease":true,"loose":true}) x 696,377 ops/sec ±0.36% (96 runs sampled) satisfies(1.0.6, 2.3.0||<4.0.0, {"includePrelease":true,"loose":true}) x 721,729 ops/sec ±0.35% (98 runs sampled) satisfies(1.0.6, 1.0.3||^2.0.0, {"includePrelease":true,"loose":true,"rtl":true}) x 585,692 ops/sec ±0.75% (95 runs sampled) satisfies(1.0.6, 2.2.2||~3.0.0, {"includePrelease":true,"loose":true,"rtl":true}) x 631,653 ops/sec ±0.33% (96 runs sampled) satisfies(1.0.6, 2.3.0||<4.0.0, {"includePrelease":true,"loose":true,"rtl":true}) x 650,110 ops/sec ±0.64% (95 runs sampled) $ node benchmarks/bench-subset.js subset(1.2.3, *) x 633,342 ops/sec ±0.61% (95 runs sampled) subset(^1.2.3, *) x 743,036 ops/sec ±0.47% (97 runs sampled) subset(^1.2.3-pre.0, *) x 680,087 ops/sec ±0.76% (98 runs sampled) subset(^1.2.3-pre.0, *) x 680,948 ops/sec ±0.46% (96 runs sampled) subset(1 || 2 || 3, *) x 330,669 ops/sec ±0.53% (98 runs sampled) ``` And after: ``` $ node benchmarks/bench-satisfies.js satisfies(1.0.6, 1.0.3||^2.0.0) x 896,936 ops/sec ±0.53% (94 runs sampled) satisfies(1.0.6, 2.2.2||~3.0.0) x 998,214 ops/sec ±0.40% (95 runs sampled) satisfies(1.0.6, 2.3.0||<4.0.0) x 1,000,593 ops/sec ±0.43% (97 runs sampled) satisfies(1.0.6, 1.0.3||^2.0.0, {"includePrelease":true}) x 890,369 ops/sec ±0.41% (100 runs sampled) satisfies(1.0.6, 2.2.2||~3.0.0, {"includePrelease":true}) x 977,239 ops/sec ±0.48% (97 runs sampled) satisfies(1.0.6, 2.3.0||<4.0.0, {"includePrelease":true}) x 983,682 ops/sec ±0.95% (96 runs sampled) satisfies(1.0.6, 1.0.3||^2.0.0, {"includePrelease":true,"loose":true}) x 805,330 ops/sec ±0.84% (98 runs sampled) satisfies(1.0.6, 2.2.2||~3.0.0, {"includePrelease":true,"loose":true}) x 894,117 ops/sec ±0.43% (99 runs sampled) satisfies(1.0.6, 2.3.0||<4.0.0, {"includePrelease":true,"loose":true}) x 911,742 ops/sec ±0.42% (96 runs sampled) satisfies(1.0.6, 1.0.3||^2.0.0, {"includePrelease":true,"loose":true,"rtl":true}) x 741,254 ops/sec ±0.35% (97 runs sampled) satisfies(1.0.6, 2.2.2||~3.0.0, {"includePrelease":true,"loose":true,"rtl":true}) x 807,380 ops/sec ±0.42% (99 runs sampled) satisfies(1.0.6, 2.3.0||<4.0.0, {"includePrelease":true,"loose":true,"rtl":true}) x 820,390 ops/sec ±0.37% (99 runs sampled) $ node benchmarks/bench-subset.js subset(1.2.3, *) x 905,030 ops/sec ±0.63% (96 runs sampled) subset(^1.2.3, *) x 1,026,457 ops/sec ±0.63% (95 runs sampled) subset(^1.2.3-pre.0, *) x 923,789 ops/sec ±0.41% (97 runs sampled) subset(^1.2.3-pre.0, *) x 923,136 ops/sec ±0.44% (96 runs sampled) subset(1 || 2 || 3, *) x 432,037 ops/sec ±0.67% (96 runs sampled) ``` --- classes/range.js | 34 ++++++++++++++++++++++++---------- test/classes/range.js | 9 +++++++++ 2 files changed, 33 insertions(+), 10 deletions(-) diff --git a/classes/range.js b/classes/range.js index 117b45a2..ceee2314 100644 --- a/classes/range.js +++ b/classes/range.js @@ -1,3 +1,5 @@ +const SPACE_CHARACTERS = /\s+/g + // hoisted class for cyclic dependency class Range { constructor (range, options) { @@ -18,7 +20,7 @@ class Range { // just put it in the set and return this.raw = range.value this.set = [[range]] - this.format() + this.formatted = undefined return this } @@ -29,10 +31,7 @@ class Range { // First reduce all whitespace as much as possible so we do not have to rely // on potentially slow regexes like \s*. This is then stored and used for // future error messages as well. - this.raw = range - .trim() - .split(/\s+/) - .join(' ') + this.raw = range.trim().replace(SPACE_CHARACTERS, ' ') // First, split on || this.set = this.raw @@ -66,14 +65,29 @@ class Range { } } - this.format() + this.formatted = undefined + } + + get range () { + if (this.formatted === undefined) { + this.formatted = '' + for (let i = 0; i < this.set.length; i++) { + if (i > 0) { + this.formatted += '||' + } + const comps = this.set[i] + for (let k = 0; k < comps.length; k++) { + if (k > 0) { + this.formatted += ' ' + } + this.formatted += comps[k].toString().trim() + } + } + } + return this.formatted } format () { - this.range = this.set - .map((comps) => comps.join(' ').trim()) - .join('||') - .trim() return this.range } diff --git a/test/classes/range.js b/test/classes/range.js index 9547e23a..c1e6eb1b 100644 --- a/test/classes/range.js +++ b/test/classes/range.js @@ -82,6 +82,15 @@ test('tostrings', (t) => { t.end() }) +test('formatted value is calculated lazily and cached', (t) => { + const r = new Range('>= v1.2.3') + t.equal(r.formatted, undefined) + t.equal(r.format(), '>=1.2.3') + t.equal(r.formatted, '>=1.2.3') + t.equal(r.format(), '>=1.2.3') + t.end() +}) + test('ranges intersect', (t) => { rangeIntersection.forEach(([r0, r1, expect]) => { t.test(`${r0} <~> ${r1}`, t => { From 0a12d6c7debb1dc82d8645c770e77c47bac5e1ea Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 16 Jul 2024 18:24:00 -0400 Subject: [PATCH 32/32] chore: release 7.6.3 (#720) :robot: I have created a release *beep* *boop* --- ## [7.6.3](https://github.com/npm/node-semver/compare/v7.6.2...v7.6.3) (2024-07-16) ### Bug Fixes * [`73a3d79`](https://github.com/npm/node-semver/commit/73a3d79c4ec32d5dd62c9d5f64e5af7fbdad9ec0) [#726](https://github.com/npm/node-semver/pull/726) optimize Range parsing and formatting (#726) (@jviide) ### Documentation * [`2975ece`](https://github.com/npm/node-semver/commit/2975ece120e17660c9f1ef517de45c09ff821064) [#719](https://github.com/npm/node-semver/pull/719) fix extra backtick typo (#719) (@stdavis) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- .release-please-manifest.json | 2 +- CHANGELOG.md | 10 ++++++++++ package.json | 2 +- 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/.release-please-manifest.json b/.release-please-manifest.json index 3734181b..b637db6f 100644 --- a/.release-please-manifest.json +++ b/.release-please-manifest.json @@ -1,3 +1,3 @@ { - ".": "7.6.2" + ".": "7.6.3" } diff --git a/CHANGELOG.md b/CHANGELOG.md index b24f819c..4910123d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,15 @@ # Changelog +## [7.6.3](https://github.com/npm/node-semver/compare/v7.6.2...v7.6.3) (2024-07-16) + +### Bug Fixes + +* [`73a3d79`](https://github.com/npm/node-semver/commit/73a3d79c4ec32d5dd62c9d5f64e5af7fbdad9ec0) [#726](https://github.com/npm/node-semver/pull/726) optimize Range parsing and formatting (#726) (@jviide) + +### Documentation + +* [`2975ece`](https://github.com/npm/node-semver/commit/2975ece120e17660c9f1ef517de45c09ff821064) [#719](https://github.com/npm/node-semver/pull/719) fix extra backtick typo (#719) (@stdavis) + ## [7.6.2](https://github.com/npm/node-semver/compare/v7.6.1...v7.6.2) (2024-05-09) ### Bug Fixes diff --git a/package.json b/package.json index cb8def45..663d3701 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "semver", - "version": "7.6.2", + "version": "7.6.3", "description": "The semantic version parser used by npm.", "main": "index.js", "scripts": {