@metasession.co/devaudit-cli 0.1.5 → 0.1.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@metasession.co/devaudit-cli",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.6",
|
|
4
4
|
"description": "DevAudit CLI — installs, syncs, and operates the Metasession SDLC across consumer projects.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"bin": {
|
|
@@ -33,7 +33,7 @@
|
|
|
33
33
|
},
|
|
34
34
|
"dependencies": {
|
|
35
35
|
"@clack/prompts": "^0.8.2",
|
|
36
|
-
"@metasession.co/devaudit-plugin-sdk": "^0.1.
|
|
36
|
+
"@metasession.co/devaudit-plugin-sdk": "^0.1.6",
|
|
37
37
|
"commander": "^12.1.0",
|
|
38
38
|
"consola": "^3.2.3",
|
|
39
39
|
"env-paths": "^3.0.0",
|
|
@@ -33,6 +33,8 @@ jobs:
|
|
|
33
33
|
|
|
34
34
|
steps:
|
|
35
35
|
- uses: actions/checkout@v4
|
|
36
|
+
with:
|
|
37
|
+
fetch-depth: 0 # full history so the merged commits' REQ tags are readable
|
|
36
38
|
|
|
37
39
|
- name: Resolve DevAudit base URL and post-deploy terminal status
|
|
38
40
|
run: |
|
|
@@ -76,12 +78,29 @@ jobs:
|
|
|
76
78
|
- name: Resolve current release
|
|
77
79
|
id: release
|
|
78
80
|
run: |
|
|
79
|
-
|
|
81
|
+
# Resolve the release being PROMOTED — the same REQ the dev/UAT
|
|
82
|
+
# pipeline versioned (ci.yml / compliance-evidence.yml use
|
|
83
|
+
# derive-release-version.sh → REQ-XXX). The merge commit itself
|
|
84
|
+
# carries no REQ tag, so derive it from the commits merged into
|
|
85
|
+
# this push ([REQ-XXX] subject tags / Ref: lines), and only fall
|
|
86
|
+
# back to a bare date when the consumer uses date-versioned
|
|
87
|
+
# releases. Without this, a REQ-versioned release never converges:
|
|
88
|
+
# production evidence + the prod-review advance land on a phantom
|
|
89
|
+
# date release while the real REQ release stays uat_approved.
|
|
90
|
+
REQ=$(git log "${{ github.event.before }}..${{ github.sha }}" --format='%s%n%b' 2>/dev/null \
|
|
91
|
+
| grep -oiE '\[REQ-[0-9]+\]|Ref:[[:space:]]*REQ-[0-9]+' \
|
|
92
|
+
| grep -oiE 'REQ-[0-9]+' | head -1 | tr '[:lower:]' '[:upper:]' || true)
|
|
93
|
+
if [ -n "$REQ" ]; then
|
|
94
|
+
PREFIX="$REQ"
|
|
95
|
+
else
|
|
96
|
+
PREFIX="v$(date +%Y.%m.%d)"
|
|
97
|
+
fi
|
|
98
|
+
echo "Resolving release for version prefix: ${PREFIX}"
|
|
80
99
|
RESP=$(curl -s -H "Authorization: Bearer ${DEVAUDIT_API_KEY}" \
|
|
81
|
-
"${BASE}/api/ci/releases/resolve?projectSlug=${PROJECT_SLUG}&versionPrefix=${
|
|
100
|
+
"${BASE}/api/ci/releases/resolve?projectSlug=${PROJECT_SLUG}&versionPrefix=${PREFIX}")
|
|
82
101
|
VERSION=$(echo "$RESP" | jq -r '.latest.version // empty')
|
|
83
102
|
if [ -z "$VERSION" ]; then
|
|
84
|
-
VERSION="${
|
|
103
|
+
VERSION="${PREFIX}"
|
|
85
104
|
fi
|
|
86
105
|
RELEASE_ID=$(echo "$RESP" | jq -r '.latest.id // empty')
|
|
87
106
|
echo "version=${VERSION}" >> "$GITHUB_OUTPUT"
|