@node-core/utils 5.9.0 → 5.11.0

package/bin/git-node.js

@@ -27,4 +27,6 @@ Promise.all(commandFiles.map(importCommand)).then((commands) => {
     .epilogue(epilogue)
     .help('help')
     .parse();
+}).catch((err) => {
+  throw err;
 });

package/components/git/metadata.js

@@ -90,5 +90,6 @@ export function handler(argv) {
       if (status === false) {
         throw new Error(IGNORE);
       }
+      return undefined;
     }));
 }

package/lib/ci/build-types/health_build.js

@@ -20,10 +20,10 @@ class Health {
   formatAsMarkdown() {
     const { success, pending, aborted, failed, unstable, count } = this;
     const rate = `${(success / (count - pending - aborted) * 100).toFixed(2)}%`;
-    // eslint-disable-next-line max-len
-    let result = '| UTC Time         | RUNNING | SUCCESS | UNSTABLE | ABORTED | FAILURE | Green Rate |\n';
-    // eslint-disable-next-line max-len
-    result += '| ---------------- | ------- | ------- | -------- | ------- | ------- | ---------- |\n';
+    let result =
+      '| UTC Time         | RUNNING | SUCCESS | UNSTABLE | ABORTED | FAILURE | Green Rate |\n';
+    result +=
+      '| ---------------- | ------- | ------- | -------- | ------- | ------- | ---------- |\n';
     const time = new Date().toISOString().slice(0, 16).replace('T', ' ');
     result += `| ${time} | ${pad(pending, 7)} | ${pad(success, 8)}|`;
     result += ` ${pad(unstable, 8)} | ${pad(aborted, 7)} | ${pad(failed, 7)} |`;

package/lib/ci/build-types/test_build.js

@@ -76,6 +76,8 @@ export class TestBuild extends Job {
         return result;
       }
     }
+
+    return undefined;
   }
 
   get commit() {

package/lib/ci/ci_failure_parser.js

@@ -204,7 +204,6 @@ const FAILURE_FILTERS = [{
       context: { index: 0, contextBefore: 0, contextAfter: 0 }
     }, {
       pattern:
-        // eslint-disable-next-line max-len
         /error: Your local changes to the following files[\s\S]+Failed to merge in the changes./g,
       context: { index: 0, contextBefore: 0, contextAfter: 0 }
     }, {

package/lib/cli.js

@@ -81,6 +81,7 @@ export default class CLI {
       return defaultAnswer;
     }
 
+    // eslint-disable-next-line import/namespace -- Plugin can't validate computed reference here
     const answer = await inquirer[questionType]({
       message: question,
       default: defaultAnswer

package/lib/collaborators.js

@@ -105,7 +105,6 @@ function parseCollaborators(readme, cli) {
 
   // We also assume that TSC & TSC Emeriti are also listed as collaborators
   CONTACT_RE.lastIndex = tscIndex;
-  // eslint-disable-next-line no-cond-assign
   while ((m = CONTACT_RE.exec(readme)) && CONTACT_RE.lastIndex < tscrIndex) {
     const login = m[1].toLowerCase();
     const user = new Collaborator(m[1], m[2], m[3], TSC);
@@ -113,7 +112,6 @@ function parseCollaborators(readme, cli) {
   }
 
   CONTACT_RE.lastIndex = clIndex;
-  // eslint-disable-next-line no-cond-assign
   while ((m = CONTACT_RE.exec(readme)) &&
     CONTACT_RE.lastIndex < cleIndex) {
     const login = m[1].toLowerCase();

package/lib/prepare_release.js

@@ -40,7 +40,7 @@ export default class ReleasePreparation extends Session {
     const { cli } = this;
 
     cli.warn(`PR#${pr.number} - ${pr.title} is not 'MERGEABLE'.
-      So, it will be skipped. Status: ${pr.mergeable}`);
+      Status: ${pr.mergeable}`);
   }
 
   async getOpenPRs(filterLabels) {
@@ -66,7 +66,6 @@ export default class ReleasePreparation extends Session {
     for (const pr of prs) {
       if (pr.mergeable !== 'MERGEABLE') {
         this.warnForNonMergeablePR(pr);
-        continue;
       }
       const cp = new CherryPick(pr.number, this.dir, cli, {
         owner: this.owner,
@@ -486,7 +485,7 @@ export default class ReleasePreparation extends Session {
     let releaseHeader = `## ${date}, Version ${newVersion}` +
                           ` ${releaseInfo}, @${username}\n`;
     if (isSecurityRelease) {
-      releaseHeader += '\nThis is a security release.';
+      releaseHeader += '\nThis is a security release.\n';
     }
 
     const topHeader =

package/lib/prepare_security.js

@@ -52,24 +52,27 @@ export default class PrepareSecurityRelease extends SecurityRelease {
     await this.closeAndRequestDisclosure(vulnerabilityJSON.reports);
 
     this.cli.info('Closing pull requests');
-    // For now, close the ones with vN.x label
-    await this.closePRWithLabel(this.getAffectedVersions(vulnerabilityJSON));
+    // For now, close the ones with Security Release label
+    await this.closePRWithLabel('Security Release');
 
-    const updateFolder = this.cli.prompt(
-      // eslint-disable-next-line max-len
-      `Would you like to update the next-security-release folder to ${vulnerabilityJSON.releaseDate}?`,
+    const updateFolder = await this.cli.prompt(
+      `Would you like to update the next-security-release folder to ${
+        vulnerabilityJSON.releaseDate}?`,
       { defaultAnswer: true });
     if (updateFolder) {
-      const newFolder = this.updateReleaseFolder(vulnerabilityJSON.releaseDate);
+      this.updateReleaseFolder(
+        vulnerabilityJSON.releaseDate.replaceAll('/', '-')
+      );
+      const securityReleaseFolder = path.join(process.cwd(), 'security-release');
       commitAndPushVulnerabilitiesJSON(
-        newFolder,
+        securityReleaseFolder,
         'chore: change next-security-release folder',
         { cli: this.cli, repository: this.repository }
       );
     }
     this.cli.info(`Merge pull request with:
         - git checkout main
-        - git merge --squash ${NEXT_SECURITY_RELEASE_BRANCH}
+        - git merge ${NEXT_SECURITY_RELEASE_BRANCH} --no-ff -m "chore: add latest security release"
         - git push origin main`);
     this.cli.ok('Done!');
   }
@@ -306,16 +309,17 @@ export default class PrepareSecurityRelease extends SecurityRelease {
       labels = [labels];
     }
 
-    const url = 'https://github.com/nodejs-private/node-private/pulls';
+    const url = 'https://github.com/nodejs-private/node-private/pull';
     this.cli.startSpinner('Closing GitHub Pull Requests...');
     // At this point, GitHub does not provide filters through their REST API
-    const prs = this.req.getPullRequest(url);
+    const prs = await this.req.getPullRequest(url);
     for (const pr of prs) {
-      if (pr.labels.some((l) => labels.includes(l))) {
-        this.cli.updateSpinner(`Closing Pull Request: ${pr.id}`);
-        await this.req.closePullRequest(pr.id);
+      if (pr.labels.some((l) => labels.includes(l.name))) {
+        this.cli.updateSpinner(`Closing Pull Request: ${pr.number}`);
+        await this.req.closePullRequest(pr.number,
+          { owner: 'nodejs-private', repo: 'node-private' });
       }
     }
-    this.cli.startSpinner('Closed GitHub Pull Requests.');
+    this.cli.stopSpinner('Closed GitHub Pull Requests.');
   }
 }

package/lib/release/utils.js

@@ -21,12 +21,10 @@ export function getStartLTSBlurb({ date, ltsCodename, versionComponents }) {
   const eol = eolDate.toLocaleString('en-US', dateFormat);
   const { major } = versionComponents;
   return [
-    /* eslint-disable max-len */
     `This release marks the transition of Node.js ${major}.x into Long Term Support (LTS)`,
     `with the codename '${ltsCodename}'. The ${major}.x release line now moves into "Active LTS"`,
     `and will remain so until ${mainStart}. After that time, it will move into`,
     `"Maintenance" until end of life in ${eol}.`
-    /* eslint-enable */
   ].join('\n');
 }
 

package/lib/request.js

@@ -109,14 +109,15 @@ export default class Request {
     return this.json(url, options);
   }
 
-  async closePullRequest({ owner, repo }) {
-    const url = `https://api.github.com/repos/${owner}/${repo}/pulls`;
+  async closePullRequest(id, { owner, repo }) {
+    const url = `https://api.github.com/repos/${owner}/${repo}/pulls/${id}`;
     const options = {
       method: 'POST',
       headers: {
         Authorization: `Basic ${this.credentials.github}`,
         'User-Agent': 'node-core-utils',
-        Accept: 'application/vnd.github+json'
+        Accept: 'application/vnd.github+json',
+        'Content-Type': 'application/json'
       },
       body: JSON.stringify({
         state: 'closed'
@@ -230,7 +231,8 @@ export default class Request {
       headers: {
         Authorization: `Basic ${this.credentials.h1}`,
         'User-Agent': 'node-core-utils',
-        Accept: 'application/json'
+        Accept: 'application/json',
+        'Content-Type': 'application/json'
       },
       body: JSON.stringify({
         data: {
@@ -252,11 +254,13 @@ export default class Request {
       headers: {
         Authorization: `Basic ${this.credentials.h1}`,
         'User-Agent': 'node-core-utils',
-        Accept: 'application/json'
+        Accept: 'application/json',
+        'Content-Type': 'application/json'
       },
       body: JSON.stringify({
         data: {
           attributes: {
+            message: 'Requesting disclosure',
             // default to limited version
             substate: 'no-content'
           }

package/lib/security-release/security-release.js

@@ -236,7 +236,7 @@ export class SecurityRelease {
   updateReleaseFolder(releaseDate) {
     const folder = path.join(process.cwd(),
       NEXT_SECURITY_RELEASE_FOLDER);
-    const newFolder = path.join(process.cwd(), releaseDate);
+    const newFolder = path.join(process.cwd(), 'security-release', releaseDate);
     fs.renameSync(folder, newFolder);
     return newFolder;
   }

package/lib/security_blog.js

@@ -101,7 +101,7 @@ export default class SecurityBlog extends SecurityRelease {
       dependencyUpdates: content.dependencies
     };
 
-    const pathToBlogPosts = path.resolve(nodejsOrgFolder, 'apps/site/pages/en/blog/release');
+    const pathToBlogPosts = path.resolve(nodejsOrgFolder, 'apps/site/pages/en/blog/vulnerability');
     const pathToBannerJson = path.resolve(nodejsOrgFolder, 'apps/site/site.json');
 
     const preReleasePath = path.resolve(pathToBlogPosts, data.slug + '.md');
@@ -250,12 +250,8 @@ export default class SecurityBlog extends SecurityRelease {
     if (Object.keys(dependencyUpdates).length === 0) return '';
     let template = '\nThis security release includes the following dependency' +
       ' updates to address public vulnerabilities:\n';
-    for (const dependencyUpdate of Object.values(dependencyUpdates)) {
-      for (const dependency of dependencyUpdate) {
-        const title = dependency.title.substring(dependency.title.indexOf(':') + ':'.length).trim();
-        template += `- ${title}\
- on ${dependency.affectedVersions.join(', ')}\n`;
-      }
+    for (const [dependency, { versions, affectedVersions }] of Object.entries(dependencyUpdates)) {
+      template += `- ${dependency} (${versions.join(', ')}) on ${affectedVersions.join(', ')}\n`;
     }
     return template;
   }

package/lib/team_info.js

@@ -67,7 +67,6 @@ TeamInfo.update = async function(cli, request, content) {
 
   const blocks = new Map();
   let m;
-  // eslint-disable-next-line no-cond-assign
   while ((m = RE.exec(content))) {
     const [, org, team] = m;
     const mapKey = key(org, team);

package/lib/update-v8/constants.js

@@ -41,6 +41,9 @@ const fp16Ignore = `!/third_party/fp16
 const fastFloatReplace = `/third_party/fast_float/src/*
 !/third_party/fast_float/src/include`;
 
+const highwayIgnore = `/third_party/highway/src/*
+!/third_party/highway/src/hwy`;
+
 export const v8Deps = [
   {
     name: 'trace_event',
@@ -115,5 +118,20 @@ export const v8Deps = [
       replace: fastFloatReplace
     },
     since: 130
+  },
+  {
+    name: 'highway',
+    repo: 'third_party/highway/src',
+    gitignore: {
+      match: '/third_party/highway/src',
+      replace: highwayIgnore
+    },
+    since: 134
+  },
+  {
+    name: 'simdutf',
+    repo: 'third_party/simdutf',
+    gitignore: '!/third_party/simdutf',
+    since: 134
   }
 ];

package/lib/update-v8/majorUpdate.js

@@ -119,7 +119,6 @@ function updateV8Deps() {
         path: v8Dep.repo
       })), newV8Version);
       if (deps.length === 0) return;
-      /* eslint-disable no-await-in-loop */
       for (const dep of deps) {
         if (dep.gitignore) {
           if (typeof dep.gitignore === 'string') {
@@ -132,7 +131,6 @@ function updateV8Deps() {
         const thePath = path.join(ctx.nodeDir, 'deps/v8', dep.path);
         await fetchFromGit(thePath, repo, commit);
       }
-      /* eslint-enable */
     }
   };
 }

package/lib/voting_session.js

@@ -10,6 +10,7 @@ import {
   getEditor, isGhAvailable
 } from './utils.js';
 
+// eslint-disable-next-line import/no-unresolved
 import voteUsingGit from '@node-core/caritat/voteUsingGit';
 import * as yaml from 'js-yaml';
 
@@ -97,7 +98,7 @@ export default class VotingSession extends Session {
         cp.stdin.end(share);
         const [code] = await Promise.race([
           once(cp, 'exit'),
-          once(cp, 'error').then((er) => Promise.reject(er))
+          once(cp, 'error').then((er) => { throw er; })
         ]);
         if (code !== 0) throw new Error('failed', { cause: code });
         return Buffer.concat(await stdout);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@node-core/utils",
-  "version": "5.9.0",
+  "version": "5.11.0",
   "description": "Utilities for Node.js core collaborators",
   "type": "module",
   "engines": {
@@ -34,37 +34,40 @@
   ],
   "license": "MIT",
   "dependencies": {
-    "@inquirer/prompts": "^6.0.1",
-    "@listr2/prompt-adapter-enquirer": "^2.0.11",
+    "@inquirer/prompts": "^7.2.3",
+    "@listr2/prompt-adapter-enquirer": "^2.0.12",
     "@node-core/caritat": "^1.6.0",
     "@pkgjs/nv": "^0.2.2",
     "branch-diff": "^3.1.1",
-    "chalk": "^5.3.0",
-    "changelog-maker": "^4.3.1",
+    "chalk": "^5.4.1",
+    "changelog-maker": "^4.3.2",
     "cheerio": "^1.0.0",
     "clipboardy": "^4.0.0",
     "core-validate-commit": "^4.1.0",
     "figures": "^6.1.0",
-    "ghauth": "^6.0.7",
+    "ghauth": "^6.0.10",
     "git-secure-tag": "^2.3.1",
     "js-yaml": "^4.1.0",
-    "listr2": "^8.2.4",
+    "listr2": "^8.2.5",
     "lodash": "^4.17.21",
     "log-symbols": "^7.0.0",
-    "ora": "^8.1.0",
-    "replace-in-file": "^8.2.0",
-    "undici": "^6.19.8",
-    "which": "^4.0.0",
+    "ora": "^8.1.1",
+    "replace-in-file": "^8.3.0",
+    "semver": "^7.6.3",
+    "undici": "^7.3.0",
+    "which": "^5.0.0",
     "yargs": "^17.7.2"
   },
   "devDependencies": {
-    "@reporters/github": "^1.7.1",
-    "c8": "^10.1.2",
-    "eslint": "^8.57.1",
-    "eslint-config-standard": "^17.1.0",
-    "eslint-plugin-import": "^2.30.0",
-    "eslint-plugin-n": "^16.6.2",
-    "eslint-plugin-promise": "^6.6.0",
+    "@eslint/js": "^9.19.0",
+    "@reporters/github": "^1.7.2",
+    "c8": "^10.1.3",
+    "eslint": "^9.19.0",
+    "eslint-plugin-import": "^2.31.0",
+    "eslint-plugin-n": "^17.15.1",
+    "eslint-plugin-promise": "^7.2.1",
+    "globals": "^15.14.0",
+    "neostandard": "^0.12.0",
     "sinon": "^19.0.2"
   }
 }