diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index 19902bdc..ce383405 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -48,11 +48,11 @@ jobs: run: | dependabot_dir="${{ steps.metadata.outputs.directory }}" if [[ "$dependabot_dir" == "/" ]]; then - echo "::set-output name=workspace::-iwr" + echo "workspace=-iwr" >> $GITHUB_OUTPUT else # strip leading slash from directory so it works as a # a path to the workspace flag - echo "::set-output name=workspace::-w ${dependabot_dir#/}" + echo "workspace=-w ${dependabot_dir#/}" >> $GITHUB_OUTPUT fi - name: Apply Changes @@ -61,7 +61,7 @@ jobs: run: | npm run template-oss-apply ${{ steps.flags.outputs.workspace }} if [[ `git status --porcelain` ]]; then - echo "::set-output name=changes::true" + echo "changes=true" >> $GITHUB_OUTPUT fi # This only sets the conventional commit prefix. This workflow can't reliably determine # what the breaking change is though. If a BREAKING CHANGE message is required then @@ -71,7 +71,7 @@ jobs: else prefix='chore' fi - echo "::set-output name=message::$prefix: postinstall for dependabot template-oss PR" + echo "message=$prefix: postinstall for dependabot template-oss PR" >> $GITHUB_OUTPUT # This step will fail if template-oss has made any workflow updates. It is impossible # for a workflow to update other workflows. In the case it does fail, we continue diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ddde4c37..84fd7d17 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -180,7 +180,7 @@ jobs: run: | git commit --all --amend --no-edit || true git push --force-with-lease - echo "::set-output name=sha::$(git rev-parse HEAD)" + echo "sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT - name: Get Workflow Job uses: actions/github-script@v6 if: steps.commit.outputs.sha @@ -261,7 +261,7 @@ jobs: else result="success" fi - echo "::set-output name=result::$result" + echo "result=$result" >> $GITHUB_OUTPUT - name: Conclude Check uses: LouisBrunner/checks-action@v1.3.1 if: needs.update.outputs.check-id && always() @@ -368,7 +368,6 @@ jobs: - name: Get Needs Result id: needs-result run: | - result="" if [[ "${{ contains(needs.*.result, 'failure') }}" == "true" ]]; then result="x" elif [[ "${{ contains(needs.*.result, 'cancelled') }}" == "true" ]]; then @@ -376,7 +375,7 @@ jobs: else result="white_check_mark" fi - echo "::set-output name=result::$result" + echo "result=$result" >> $GITHUB_OUTPUT - name: Update Release PR Comment uses: actions/github-script@v6 env: @@ -397,7 +396,8 @@ jobs: if (updateComment) { console.log('Found comment to update:', JSON.stringify(updateComment, null, 2)) let body = updateComment.body.replace(/Workflow run: :[a-z_]+:/, `Workflow run: :${RESULT}:`) - if (RESULT === 'x') { + const tagCodeowner = RESULT !== 'white_check_mark' + if (tagCodeowner) { body += `\n\n:rotating_light:` body += ` @npm/cli-team: The post-release workflow failed for this release.` body += ` Manual steps may need to be taken after examining the workflow output` diff --git a/.release-please-manifest.json b/.release-please-manifest.json index 2ca41352..81675064 100644 --- a/.release-please-manifest.json +++ b/.release-please-manifest.json @@ -1,3 +1,3 @@ { - ".": "4.11.4" + ".": "4.12.0" } diff --git a/CHANGELOG.md b/CHANGELOG.md index a0d00ee3..2ccdbbb9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,17 @@ # Changelog +## [4.12.0](https://github.com/npm/template-oss/compare/v4.11.4...v4.12.0) (2023-02-13) + +### Features + +* [`6984cbd`](https://github.com/npm/template-oss/commit/6984cbdeafcc118824b4400729e4f308bf5dc18d) [#285](https://github.com/npm/template-oss/pull/285) update SECURITY.md (#285) (@lukekarrys) + +### Bug Fixes + +* [`241dbf2`](https://github.com/npm/template-oss/commit/241dbf27d7df953839de7a7ed128facf55b2464d) [#282](https://github.com/npm/template-oss/pull/282) tag codeowner for all release ci runs that are not success (#282) (@lukekarrys) +* [`dc73ffe`](https://github.com/npm/template-oss/commit/dc73ffe1748397d600b385a3fbde23d790f6f1ff) [#281](https://github.com/npm/template-oss/pull/281) remove deprecated set-output in favor of GITHUB_OUTPUT (#281) (@lukekarrys) +* [`f283d4a`](https://github.com/npm/template-oss/commit/f283d4a99bf9c22bd66fce327cd5665d0406bb5d) [#279](https://github.com/npm/template-oss/pull/279) add pull request numbers to all rebased commits (#279) (@lukekarrys) + ## [4.11.4](https://github.com/npm/template-oss/compare/v4.11.3...v4.11.4) (2023-02-07) ### Bug Fixes diff --git a/SECURITY.md b/SECURITY.md index 4e7c26c6..9cd2deaf 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -4,11 +4,10 @@ GitHub takes the security of our software products and services seriously, inclu If you believe you have found a security vulnerability in this GitHub-owned open source repository, you can report it to us in one of two ways. -If the vulnerability you have found is *not* [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) or if you do not wish to be considered for a bounty reward, please report the issue to us directly using [private vulnerability reporting](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability). +If the vulnerability you have found is *not* [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) or if you do not wish to be considered for a bounty reward, please report the issue to us directly through [opensource-security@github.com](mailto:opensource-security@github.com). If the vulnerability you have found is [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) and you would like for your finding to be considered for a bounty reward, please submit the vulnerability to us through [HackerOne](https://hackerone.com/github) in order to be eligible to receive a bounty award. **Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.** Thanks for helping make GitHub safe for everyone. - diff --git a/lib/content/SECURITY.md b/lib/content/SECURITY.md index e7ff2b0e..2a877aa8 100644 --- a/lib/content/SECURITY.md +++ b/lib/content/SECURITY.md @@ -2,11 +2,10 @@ GitHub takes the security of our software products and services seriously, inclu If you believe you have found a security vulnerability in this GitHub-owned open source repository, you can report it to us in one of two ways. -If the vulnerability you have found is *not* [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) or if you do not wish to be considered for a bounty reward, please report the issue to us directly using [private vulnerability reporting](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability). +If the vulnerability you have found is *not* [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) or if you do not wish to be considered for a bounty reward, please report the issue to us directly through [opensource-security@github.com](mailto:opensource-security@github.com). If the vulnerability you have found is [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) and you would like for your finding to be considered for a bounty reward, please submit the vulnerability to us through [HackerOne](https://hackerone.com/github) in order to be eligible to receive a bounty award. **Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.** Thanks for helping make GitHub safe for everyone. - diff --git a/lib/content/post-dependabot.yml b/lib/content/post-dependabot.yml index 02e90022..fe7526c4 100644 --- a/lib/content/post-dependabot.yml +++ b/lib/content/post-dependabot.yml @@ -27,11 +27,11 @@ jobs: run: | dependabot_dir="$\{{ steps.metadata.outputs.directory }}" if [[ "$dependabot_dir" == "/" ]]; then - echo "::set-output name=workspace::-iwr" + echo "workspace=-iwr" >> $GITHUB_OUTPUT else # strip leading slash from directory so it works as a # a path to the workspace flag - echo "::set-output name=workspace::-w ${dependabot_dir#/}" + echo "workspace=-w ${dependabot_dir#/}" >> $GITHUB_OUTPUT fi - name: Apply Changes @@ -40,7 +40,7 @@ jobs: run: | {{ rootNpmPath }} run template-oss-apply $\{{ steps.flags.outputs.workspace }} if [[ `git status --porcelain` ]]; then - echo "::set-output name=changes::true" + echo "changes=true" >> $GITHUB_OUTPUT fi # This only sets the conventional commit prefix. This workflow can't reliably determine # what the breaking change is though. If a BREAKING CHANGE message is required then @@ -50,7 +50,7 @@ jobs: else prefix='chore' fi - echo "::set-output name=message::$prefix: postinstall for dependabot template-oss PR" + echo "message=$prefix: postinstall for dependabot template-oss PR" >> $GITHUB_OUTPUT # This step will fail if template-oss has made any workflow updates. It is impossible # for a workflow to update other workflows. In the case it does fail, we continue diff --git a/lib/content/release.yml b/lib/content/release.yml index 0b3478a4..9bb7a94b 100644 --- a/lib/content/release.yml +++ b/lib/content/release.yml @@ -94,7 +94,7 @@ jobs: run: | git commit --all --amend --no-edit || true git push --force-with-lease - echo "::set-output name=sha::$(git rev-parse HEAD)" + echo "sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT {{> stepChecks jobName="Update - Release" jobCheck=(obj sha="steps.commit.outputs.sha" name="Release" )}} {{> stepChecks jobCheck=(obj id="needs.release.outputs.check-id" )}} @@ -121,7 +121,7 @@ jobs: else result="success" fi - echo "::set-output name=result::$result" + echo "result=$result" >> $GITHUB_OUTPUT {{> stepChecks jobCheck=(obj id="needs.update.outputs.check-id" status="steps.needs-result.outputs.result") }} post-release: @@ -172,7 +172,6 @@ jobs: - name: Get Needs Result id: needs-result run: | - result="" if [[ "$\{{ contains(needs.*.result, 'failure') }}" == "true" ]]; then result="x" elif [[ "$\{{ contains(needs.*.result, 'cancelled') }}" == "true" ]]; then @@ -180,7 +179,7 @@ jobs: else result="white_check_mark" fi - echo "::set-output name=result::$result" + echo "result=$result" >> $GITHUB_OUTPUT - name: Update Release PR Comment uses: actions/github-script@v6 env: @@ -201,7 +200,8 @@ jobs: if (updateComment) { console.log('Found comment to update:', JSON.stringify(updateComment, null, 2)) let body = updateComment.body.replace(/Workflow run: :[a-z_]+:/, `Workflow run: :${RESULT}:`) - if (RESULT === 'x') { + const tagCodeowner = RESULT !== 'white_check_mark' + if (tagCodeowner) { body += `\n\n:rotating_light:` body += ` {{ codeowner }}: The post-release workflow failed for this release.` body += ` Manual steps may need to be taken after examining the workflow output` diff --git a/lib/release-please/changelog.js b/lib/release-please/changelog.js index 766abeaf..3d40862b 100644 --- a/lib/release-please/changelog.js +++ b/lib/release-please/changelog.js @@ -19,7 +19,7 @@ module.exports = class ChangelogNotes { } // A link to the pull request if the commit has one - const prNumber = commit.pullRequest && commit.pullRequest.number + const prNumber = commit.pullRequest?.number if (prNumber) { entry.push(link(`#${prNumber}`, this.gh.pull(prNumber))) } @@ -63,7 +63,16 @@ module.exports = class ChangelogNotes { // Group commits by type for (const commit of commits) { - const { entry, breaking } = this.buildEntry(commit, authorsByCommit[commit.sha]) + // when rebase merging multiple commits with a single PR, only the first commit + // will have a pr number when coming from release-please. this check will manually + // lookup commits without a pr number and find one if it exists + if (!commit.pullRequest?.number) { + commit.pullRequest = { number: await this.gh.commitPrNumber(commit) } + } + const { entry, breaking } = this.buildEntry( + commit, + authorsByCommit[commit.sha] + ) // Collect commits by type changelog[commit.type].entries.push(entry) diff --git a/lib/release-please/github.js b/lib/release-please/github.js index 136dcd91..07b2f28e 100644 --- a/lib/release-please/github.js +++ b/lib/release-please/github.js @@ -45,10 +45,25 @@ module.exports = (gh) => { } } + const commitPrNumber = async (commit) => { + try { + const res = await gh.octokit.rest.repos.listPullRequestsAssociatedWithCommit({ + owner, + repo, + commit_sha: commit.sha, + per_page: 1, + }) + return res.data[0].number + } catch { + return null + } + } + const url = (...p) => `https://github.com/${owner}/${repo}/${p.join('/')}` return { authors, + commitPrNumber, pull: (number) => url('pull', number), commit: (sha) => url('commit', sha), compare: (a, b) => a ? url('compare', `${a.toString()}...${b.toString()}`) : null, diff --git a/package.json b/package.json index 4fc56507..84439383 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/template-oss", - "version": "4.11.4", + "version": "4.12.0", "description": "templated files used in npm CLI team oss projects", "main": "lib/content/index.js", "bin": { diff --git a/tap-snapshots/test/apply/source-snapshots.js.test.cjs b/tap-snapshots/test/apply/source-snapshots.js.test.cjs index a938c24f..04e46bc1 100644 --- a/tap-snapshots/test/apply/source-snapshots.js.test.cjs +++ b/tap-snapshots/test/apply/source-snapshots.js.test.cjs @@ -627,11 +627,11 @@ jobs: run: | dependabot_dir="\${{ steps.metadata.outputs.directory }}" if [[ "$dependabot_dir" == "/" ]]; then - echo "::set-output name=workspace::-iwr" + echo "workspace=-iwr" >> $GITHUB_OUTPUT else # strip leading slash from directory so it works as a # a path to the workspace flag - echo "::set-output name=workspace::-w \${dependabot_dir#/}" + echo "workspace=-w \${dependabot_dir#/}" >> $GITHUB_OUTPUT fi - name: Apply Changes @@ -640,7 +640,7 @@ jobs: run: | npm run template-oss-apply \${{ steps.flags.outputs.workspace }} if [[ \`git status --porcelain\` ]]; then - echo "::set-output name=changes::true" + echo "changes=true" >> $GITHUB_OUTPUT fi # This only sets the conventional commit prefix. This workflow can't reliably determine # what the breaking change is though. If a BREAKING CHANGE message is required then @@ -650,7 +650,7 @@ jobs: else prefix='chore' fi - echo "::set-output name=message::$prefix: postinstall for dependabot template-oss PR" + echo "message=$prefix: postinstall for dependabot template-oss PR" >> $GITHUB_OUTPUT # This step will fail if template-oss has made any workflow updates. It is impossible # for a workflow to update other workflows. In the case it does fail, we continue @@ -934,7 +934,7 @@ jobs: run: | git commit --all --amend --no-edit || true git push --force-with-lease - echo "::set-output name=sha::$(git rev-parse HEAD)" + echo "sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT - name: Get Workflow Job uses: actions/github-script@v6 if: steps.commit.outputs.sha @@ -1015,7 +1015,7 @@ jobs: else result="success" fi - echo "::set-output name=result::$result" + echo "result=$result" >> $GITHUB_OUTPUT - name: Conclude Check uses: LouisBrunner/checks-action@v1.3.1 if: needs.update.outputs.check-id && always() @@ -1122,7 +1122,6 @@ jobs: - name: Get Needs Result id: needs-result run: | - result="" if [[ "\${{ contains(needs.*.result, 'failure') }}" == "true" ]]; then result="x" elif [[ "\${{ contains(needs.*.result, 'cancelled') }}" == "true" ]]; then @@ -1130,7 +1129,7 @@ jobs: else result="white_check_mark" fi - echo "::set-output name=result::$result" + echo "result=$result" >> $GITHUB_OUTPUT - name: Update Release PR Comment uses: actions/github-script@v6 env: @@ -1151,7 +1150,8 @@ jobs: if (updateComment) { console.log('Found comment to update:', JSON.stringify(updateComment, null, 2)) let body = updateComment.body.replace(/Workflow run: :[a-z_]+:/, \`Workflow run: :\${RESULT}:\`) - if (RESULT === 'x') { + const tagCodeowner = RESULT !== 'white_check_mark' + if (tagCodeowner) { body += \`/n/n:rotating_light:\` body += \` @npm/cli-team: The post-release workflow failed for this release.\` body += \` Manual steps may need to be taken after examining the workflow output\` @@ -1301,7 +1301,7 @@ GitHub takes the security of our software products and services seriously, inclu If you believe you have found a security vulnerability in this GitHub-owned open source repository, you can report it to us in one of two ways. -If the vulnerability you have found is *not* [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) or if you do not wish to be considered for a bounty reward, please report the issue to us directly using [private vulnerability reporting](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability). +If the vulnerability you have found is *not* [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) or if you do not wish to be considered for a bounty reward, please report the issue to us directly through [opensource-security@github.com](mailto:opensource-security@github.com). If the vulnerability you have found is [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) and you would like for your finding to be considered for a bounty reward, please submit the vulnerability to us through [HackerOne](https://hackerone.com/github) in order to be eligible to receive a bounty award. @@ -2212,11 +2212,11 @@ jobs: run: | dependabot_dir="\${{ steps.metadata.outputs.directory }}" if [[ "$dependabot_dir" == "/" ]]; then - echo "::set-output name=workspace::-iwr" + echo "workspace=-iwr" >> $GITHUB_OUTPUT else # strip leading slash from directory so it works as a # a path to the workspace flag - echo "::set-output name=workspace::-w \${dependabot_dir#/}" + echo "workspace=-w \${dependabot_dir#/}" >> $GITHUB_OUTPUT fi - name: Apply Changes @@ -2225,7 +2225,7 @@ jobs: run: | npm run template-oss-apply \${{ steps.flags.outputs.workspace }} if [[ \`git status --porcelain\` ]]; then - echo "::set-output name=changes::true" + echo "changes=true" >> $GITHUB_OUTPUT fi # This only sets the conventional commit prefix. This workflow can't reliably determine # what the breaking change is though. If a BREAKING CHANGE message is required then @@ -2235,7 +2235,7 @@ jobs: else prefix='chore' fi - echo "::set-output name=message::$prefix: postinstall for dependabot template-oss PR" + echo "message=$prefix: postinstall for dependabot template-oss PR" >> $GITHUB_OUTPUT # This step will fail if template-oss has made any workflow updates. It is impossible # for a workflow to update other workflows. In the case it does fail, we continue @@ -2519,7 +2519,7 @@ jobs: run: | git commit --all --amend --no-edit || true git push --force-with-lease - echo "::set-output name=sha::$(git rev-parse HEAD)" + echo "sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT - name: Get Workflow Job uses: actions/github-script@v6 if: steps.commit.outputs.sha @@ -2600,7 +2600,7 @@ jobs: else result="success" fi - echo "::set-output name=result::$result" + echo "result=$result" >> $GITHUB_OUTPUT - name: Conclude Check uses: LouisBrunner/checks-action@v1.3.1 if: needs.update.outputs.check-id && always() @@ -2707,7 +2707,6 @@ jobs: - name: Get Needs Result id: needs-result run: | - result="" if [[ "\${{ contains(needs.*.result, 'failure') }}" == "true" ]]; then result="x" elif [[ "\${{ contains(needs.*.result, 'cancelled') }}" == "true" ]]; then @@ -2715,7 +2714,7 @@ jobs: else result="white_check_mark" fi - echo "::set-output name=result::$result" + echo "result=$result" >> $GITHUB_OUTPUT - name: Update Release PR Comment uses: actions/github-script@v6 env: @@ -2736,7 +2735,8 @@ jobs: if (updateComment) { console.log('Found comment to update:', JSON.stringify(updateComment, null, 2)) let body = updateComment.body.replace(/Workflow run: :[a-z_]+:/, \`Workflow run: :\${RESULT}:\`) - if (RESULT === 'x') { + const tagCodeowner = RESULT !== 'white_check_mark' + if (tagCodeowner) { body += \`/n/n:rotating_light:\` body += \` @npm/cli-team: The post-release workflow failed for this release.\` body += \` Manual steps may need to be taken after examining the workflow output\` @@ -2908,7 +2908,7 @@ GitHub takes the security of our software products and services seriously, inclu If you believe you have found a security vulnerability in this GitHub-owned open source repository, you can report it to us in one of two ways. -If the vulnerability you have found is *not* [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) or if you do not wish to be considered for a bounty reward, please report the issue to us directly using [private vulnerability reporting](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability). +If the vulnerability you have found is *not* [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) or if you do not wish to be considered for a bounty reward, please report the issue to us directly through [opensource-security@github.com](mailto:opensource-security@github.com). If the vulnerability you have found is [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) and you would like for your finding to be considered for a bounty reward, please submit the vulnerability to us through [HackerOne](https://hackerone.com/github) in order to be eligible to receive a bounty award. @@ -3640,11 +3640,11 @@ jobs: run: | dependabot_dir="\${{ steps.metadata.outputs.directory }}" if [[ "$dependabot_dir" == "/" ]]; then - echo "::set-output name=workspace::-iwr" + echo "workspace=-iwr" >> $GITHUB_OUTPUT else # strip leading slash from directory so it works as a # a path to the workspace flag - echo "::set-output name=workspace::-w \${dependabot_dir#/}" + echo "workspace=-w \${dependabot_dir#/}" >> $GITHUB_OUTPUT fi - name: Apply Changes @@ -3653,7 +3653,7 @@ jobs: run: | npm run template-oss-apply \${{ steps.flags.outputs.workspace }} if [[ \`git status --porcelain\` ]]; then - echo "::set-output name=changes::true" + echo "changes=true" >> $GITHUB_OUTPUT fi # This only sets the conventional commit prefix. This workflow can't reliably determine # what the breaking change is though. If a BREAKING CHANGE message is required then @@ -3663,7 +3663,7 @@ jobs: else prefix='chore' fi - echo "::set-output name=message::$prefix: postinstall for dependabot template-oss PR" + echo "message=$prefix: postinstall for dependabot template-oss PR" >> $GITHUB_OUTPUT # This step will fail if template-oss has made any workflow updates. It is impossible # for a workflow to update other workflows. In the case it does fail, we continue @@ -3947,7 +3947,7 @@ jobs: run: | git commit --all --amend --no-edit || true git push --force-with-lease - echo "::set-output name=sha::$(git rev-parse HEAD)" + echo "sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT - name: Get Workflow Job uses: actions/github-script@v6 if: steps.commit.outputs.sha @@ -4028,7 +4028,7 @@ jobs: else result="success" fi - echo "::set-output name=result::$result" + echo "result=$result" >> $GITHUB_OUTPUT - name: Conclude Check uses: LouisBrunner/checks-action@v1.3.1 if: needs.update.outputs.check-id && always() @@ -4135,7 +4135,6 @@ jobs: - name: Get Needs Result id: needs-result run: | - result="" if [[ "\${{ contains(needs.*.result, 'failure') }}" == "true" ]]; then result="x" elif [[ "\${{ contains(needs.*.result, 'cancelled') }}" == "true" ]]; then @@ -4143,7 +4142,7 @@ jobs: else result="white_check_mark" fi - echo "::set-output name=result::$result" + echo "result=$result" >> $GITHUB_OUTPUT - name: Update Release PR Comment uses: actions/github-script@v6 env: @@ -4164,7 +4163,8 @@ jobs: if (updateComment) { console.log('Found comment to update:', JSON.stringify(updateComment, null, 2)) let body = updateComment.body.replace(/Workflow run: :[a-z_]+:/, \`Workflow run: :\${RESULT}:\`) - if (RESULT === 'x') { + const tagCodeowner = RESULT !== 'white_check_mark' + if (tagCodeowner) { body += \`/n/n:rotating_light:\` body += \` @npm/cli-team: The post-release workflow failed for this release.\` body += \` Manual steps may need to be taken after examining the workflow output\` diff --git a/test/release-please/changelog.js b/test/release-please/changelog.js index 4350cfcb..dee6f118 100644 --- a/test/release-please/changelog.js +++ b/test/release-please/changelog.js @@ -46,7 +46,21 @@ const mockChangelog = async ({ shas = true, authors = true, previousTag = true } return acc }, {}), }), - + octokit: { + rest: { + repos: { + listPullRequestsAssociatedWithCommit: async (commit) => { + if (commit.commit_sha === 'd') { + return { + data: [{ + number: 50, + }], + } + } + }, + }, + }, + }, } const changelog = new ChangelogNotes({ github }) @@ -75,7 +89,8 @@ t.test('changelog', async t => { // eslint-disable-next-line max-len '* [`b`](https://github.com/npm/cli/commit/b) [#100](https://github.com/npm/cli/pull/100) b (@username)', '### Bug Fixes', - '* [`d`](https://github.com/npm/cli/commit/d) this fixes it', + // eslint-disable-next-line max-len + '* [`d`](https://github.com/npm/cli/commit/d) [#50](https://github.com/npm/cli/pull/50) this fixes it', '### Dependencies', '* [`c`](https://github.com/npm/cli/commit/c) `test@1.2.3`', ])