@npmcli/template-oss 4.1.2 → 4.3.0

package/lib/content/{setup-node.yml → _step-node.yml}

@@ -1,11 +1,13 @@
-- uses: actions/setup-node@v3
+- name: Setup Node
+  uses: actions/setup-node@v3
   with:
-    node-version: {{#if useMatrix}}$\{{ matrix.node-version }}{{else}}{{#each ciVersions}}{{#if @last}}{{.}}{{/if}}{{/each}}{{/if}}
+    node-version: {{#if jobNodeMatrix}}$\{{ matrix.node-version }}{{else}}{{ last ciVersions }}{{/if}}
     {{#if lockfile}}
     cache: npm
     {{/if}}
-{{#if useMatrix}}
-- name: Update to workable npm (windows)
+{{#if updateNpm}}
+{{#if jobNodeMatrix}}
+- name: Update Windows npm
   # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows
   if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.'))
   run: |
@@ -15,14 +17,15 @@
     node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz
     cd ..
     rmdir /s /q package
-- name: Update npm to 7
-  # If we do test on npm 10 it needs npm7
+- name: Install npm@7
   if: startsWith(matrix.node-version, '10.')
   run: npm i --prefer-online --no-fund --no-audit -g npm@7
-- name: Update npm to latest
+- name: Install npm@latest
   if: $\{{ !startsWith(matrix.node-version, '10.') }}
 {{else}}
-- name: Update npm to latest
+- name: Install npm@latest
 {{/if}}
   run: npm i --prefer-online --no-fund --no-audit -g npm@latest
-- run: npm -v
+- name: npm Version
+  run: npm -v
+{{/if}}

package/lib/content/_step-test.yml

@@ -0,0 +1,4 @@
+- name: Add Problem Matcher
+  run: echo "::add-matcher::.github/matchers/tap.json"
+- name: Test
+  run: {{ rootNpmPath }} test --ignore-scripts {{~#if jobRunFlags}} {{ jobRunFlags }}{{/if}}

package/lib/content/_steps-setup.yml

@@ -0,0 +1,6 @@
+{{~#if jobCheck}}{{> stepChecks }}{{/if}}
+{{~#unless jobSkipSetup}}
+{{> stepGit }}
+{{> stepNode }}
+{{> stepDeps }}
+{{/unless}}

package/lib/content/audit.yml

@@ -8,9 +8,6 @@ on:
 
 jobs:
   audit:
-    runs-on: ubuntu-latest
-    steps:
-      {{> setupGit}}
-      {{> setupNode}}
-      {{> setupDeps flags="--package-lock"}}
-      - run: npm audit
+    {{> job jobName="Audit Dependencies" jobDepFlags="--package-lock" }}
+      - name: Run Audit
+        run: {{ rootNpmPath }} audit

package/lib/content/ci-release.yml

@@ -0,0 +1,31 @@
+
+name: CI - Release
+
+on:
+  workflow_call:
+    inputs:
+      ref:
+        required: true
+        type: string
+      check-sha:
+        required: true
+        type: string
+
+jobs:
+  lint-all:
+    {{> job
+      jobName="Lint All"
+      jobCheck=(obj sha="${{ inputs.check-sha }}")
+      jobCheckout=(obj ref="${{ inputs.ref }}")
+    }}
+      {{> stepLint jobRunFlags=allFlags }}
+      {{> stepChecks jobCheck=true }}
+
+  test-all:
+    {{> jobMatrix
+      jobName="Test All - ${{ matrix.platform.name }} - Node ${{ matrix.node-version }}"
+      jobCheck=(obj sha="${{ inputs.check-sha }}")
+      jobCheckout=(obj ref="${{ inputs.ref }}")
+    }}
+      {{> stepTest jobRunFlags=allFlags }}
+      {{> stepChecks jobCheck=true }}

package/lib/content/ci.yml

@@ -1,61 +1,13 @@
-name: CI {{~#if isWorkspace}} - {{pkgName}}{{/if}}
+name: CI {{~#if isWorkspace}} - {{ pkgName }}{{/if}}
 
 on:
-  workflow_dispatch:
-  pull_request:
-    branches:
-      - '*'
-    {{#if pkgRelPath}}
-    paths:
-      - {{pkgRelPath}}/**
-    {{/if}}
-  push:
-    branches:
-      {{#each branches}}
-      - {{.}}
-      {{/each}}
-    {{#if pkgRelPath}}
-    paths:
-      - {{pkgRelPath}}/**
-    {{/if}}
-  schedule:
-    # "At 09:00 UTC (02:00 PT) on Monday" https://crontab.guru/#0_9_*_*_1
-    - cron: "0 9 * * 1"
+  {{> onCi }}
 
 jobs:
   lint:
-    runs-on: ubuntu-latest
-    steps:
-      {{> setupGit}}
-      {{> setupNode}}
-      {{> setupDeps}}
-      - run: npm run lint {{~#if isWorkspace}} -w {{pkgName}}{{/if}}
+    {{> job jobName="Lint" }}
+      {{> stepLint jobRunFlags=pkgFlags }}
 
   test:
-    strategy:
-      fail-fast: false
-      matrix:
-        node-version:
-          {{#each ciVersions}}
-          - {{.}}
-          {{/each}}
-        platform:
-          - os: ubuntu-latest
-            shell: bash
-          - os: macos-latest
-            shell: bash
-          {{#if windowsCI}}
-          - os: windows-latest
-            shell: cmd
-          {{/if}}
-    runs-on: $\{{ matrix.platform.os }}
-    defaults:
-      run:
-        shell: $\{{ matrix.platform.shell }}
-    steps:
-      {{> setupGit}}
-      {{> setupNode useMatrix=true}}
-      {{> setupDeps}}
-      - name: add tap problem matcher
-        run: echo "::add-matcher::.github/matchers/tap.json"
-      - run: npm test --ignore-scripts {{~#if isWorkspace}} -w {{pkgName}}{{/if}}
+    {{> jobMatrix jobName="Test All - ${{ matrix.platform.name }} - Node ${{ matrix.node-version }}" }}
+      {{> stepTest jobRunFlags=pkgFlags }}

package/lib/content/codeql-analysis.yml

@@ -1,16 +1,15 @@
-name: "CodeQL"
+name: CodeQL
 
 on:
   push:
     branches:
       {{#each branches}}
-      - {{.}}
+      - {{ . }}
       {{/each}}
   pull_request:
-    # The branches below must be a subset of the branches above
     branches:
       {{#each branches}}
-      - {{.}}
+      - {{ . }}
       {{/each}}
   schedule:
     # "At 10:00 UTC (03:00 PT) on Monday" https://crontab.guru/#0_10_*_*_1
@@ -24,17 +23,11 @@ jobs:
       actions: read
       contents: read
       security-events: write
-
-    strategy:
-      fail-fast: false
-      matrix:
-        language: [javascript]
-
     steps:
-    {{> setupGit}}
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
-      with:
-        languages: $\{{ matrix.language }}
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      {{> stepGit }}
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: javascript
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2

package/lib/content/commitlintrc.js

@@ -1,7 +1,7 @@
 module.exports = {
   extends: ['@commitlint/config-conventional'],
   rules: {
-    'type-enum': [2, 'always', [{{#each changelogTypes}}'{{type}}'{{#unless @last}}, {{/unless}}{{/each}}]],
+    'type-enum': [2, 'always', [{{{ join (quote (pluck changelogTypes "type")) }}}]],
     'header-max-length': [2, 'always', 80],
     'subject-case': [0, 'always', ['lower-case', 'sentence-case', 'start-case']],
   },

package/lib/content/dependabot.yml

@@ -2,12 +2,12 @@ version: 2
 
 updates:
   - package-ecosystem: npm
-    directory: "/"
+    directory: {{ pkgDir }}
     schedule:
       interval: daily
     allow:
       - dependency-type: direct
-    versioning-strategy: increase-if-necessary
+    versioning-strategy: {{ dependabot }}
     commit-message:
       prefix: deps
       prefix-development: chore

package/lib/content/eslintrc.js

@@ -8,6 +8,13 @@ const localConfigs = readdir(__dirname)
 
 module.exports = {
   root: true,
+  {{#if workspaceGlobs}}
+  ignorePatterns: [
+    {{#each workspaceGlobs}}
+    '{{ . }}',
+    {{/each}}
+  ],
+  {{/if}}
   extends: [
     '@npmcli',
     ...localConfigs,

package/lib/content/gitignore

@@ -2,19 +2,6 @@
 /*
 
 # keep these
-!/.eslintrc.local.*
-!**/.gitignore
-!/docs/
-!/tap-snapshots/
-!/test/
-!/map.js
-!/scripts/
-!/README*
-!/LICENSE*
-!/CHANGELOG*
 {{#each ignorePaths}}
-{{.}}
+{{ . }}
 {{/each}}
-{{#if lockfile}}
-!/package-lock.json
-{{/if}}

package/lib/content/index.js

@@ -1,46 +1,67 @@
 const { name: NAME, version: LATEST_VERSION } = require('../../package.json')
 
-const releasePlease = () => ({
-  '.github/workflows/release-please.yml': {
-    file: 'release-please.yml',
-    filter: (o) => !o.pkg.private,
+const isPublic = (p) => !p.pkg.private
+
+const sharedRoot = (name) => ({
+  // release
+  '.github/workflows/release.yml': {
+    file: 'release.yml',
+    filter: isPublic,
   },
-  '.github/workflows/release-test.yml': {
-    file: 'release-test.yml',
-    filter: (o) => !o.pkg.private && o.config.releaseTest === 'release-test.yml',
+  '.github/workflows/ci-release.yml': {
+    file: 'ci-release.yml',
+    filter: isPublic,
   },
   '.release-please-manifest.json': {
     file: 'release-please-manifest.json',
-    filter: (o) => !o.pkg.private,
-    parser: (p) => class NoCommentJson extends p.JsonMerge {
+    filter: isPublic,
+    parser: (p) => class extends p.JsonMerge {
       comment = null
     },
   },
   'release-please-config.json': {
     file: 'release-please-config.json',
-    filter: (o) => !o.pkg.private,
-    parser: (p) => class NoCommentJson extends p.JsonMerge {
+    filter: isPublic,
+    parser: (p) => class extends p.JsonMerge {
       comment = null
     },
   },
+  // ci
+  '.github/matchers/tap.json': 'tap.json',
+  [`.github/workflows/ci${name ? `-${name}` : ''}.yml`]: 'ci.yml',
+  // dependabot
+  '.github/dependabot.yml': {
+    file: 'dependabot.yml',
+    clean: (p) => p.config.isRoot,
+    // dependabot takes a single top level config file. this parser
+    // will run for all configured packages and each one will have
+    // its item replaced in the updates array based on the directory
+    parser: (p) => class extends p.YmlMerge {
+      key = 'updates'
+      id = 'directory'
+    },
+  },
+  '.github/workflows/post-dependabot.yml': {
+    file: 'post-dependabot.yml',
+  },
 })
 
 // Changes applied to the root of the repo
 const rootRepo = {
   add: {
     '.commitlintrc.js': 'commitlintrc.js',
-    '.github/workflows/ci.yml': 'ci.yml',
     '.github/ISSUE_TEMPLATE/bug.yml': 'bug.yml',
     '.github/ISSUE_TEMPLATE/config.yml': 'config.yml',
     '.github/CODEOWNERS': 'CODEOWNERS',
-    '.github/dependabot.yml': 'dependabot.yml',
-    '.github/matchers/tap.json': 'tap.json',
     '.github/workflows/audit.yml': 'audit.yml',
     '.github/workflows/codeql-analysis.yml': 'codeql-analysis.yml',
-    '.github/workflows/post-dependabot.yml': 'post-dependabot.yml',
     '.github/workflows/pull-request.yml': 'pull-request.yml',
-    ...releasePlease(),
+    ...sharedRoot(),
   },
+  rm: [
+    '.github/workflows/release-test.yml',
+    '.github/workflows/release-please.yml',
+  ],
 }
 
 // These are also applied to the root of the repo
@@ -65,13 +86,11 @@ const rootModule = {
 // Changes for each workspace but applied to the root of the repo
 const workspaceRepo = {
   add: {
-    ...releasePlease(true),
-    '.github/matchers/tap.json': 'tap.json',
-    '.github/workflows/ci-{{pkgNameFs}}.yml': 'ci.yml',
+    ...sharedRoot('{{ pkgNameFs }}'),
   },
   rm: [
     // These are the old release please files that should be removed now
-    '.github/workflows/release-please-{{pkgNameFs}}.yml',
+    '.github/workflows/release-please-{{ pkgNameFs }}.yml',
   ],
 }
 
@@ -95,17 +114,33 @@ module.exports = {
   workspaceRepo,
   workspaceModule,
   windowsCI: true,
+  macCI: true,
   branches: ['main', 'latest'],
   releaseBranches: [],
-  defaultBranch: 'main',
-  // Escape hatch since we write a release test file but the
-  // CLI has a very custom one we dont want to overwrite. This
-  // setting allows us to call a workflow by any name during release
-  releaseTest: 'release-test.yml',
-  distPaths: ['bin/', 'lib/'],
+  distPaths: [
+    'bin/',
+    'lib/',
+  ],
+  allowPaths: [
+    '/bin/',
+    '/lib/',
+    '/.eslintrc.local.*',
+    '**/.gitignore',
+    '/docs/',
+    '/tap-snapshots/',
+    '/test/',
+    '/map.js',
+    '/scripts/',
+    '/README*',
+    '/LICENSE*',
+    '/CHANGELOG*',
+  ],
+  ignorePaths: [],
   ciVersions: ['14.17.0', '14.x', '16.13.0', '16.x', '18.0.0', '18.x'],
   lockfile: false,
-  npmBin: 'npm',
+  npm: 'npm',
+  npx: 'npx',
+  dependabot: 'increase-if-necessary',
   unwantedPackages: [
     'eslint',
     'eslint-plugin-node',

package/lib/content/npmrc

@@ -1 +1 @@
-package-lock={{lockfile}}
+package-lock={{ lockfile }}

package/lib/content/pkg.json

@@ -1,27 +1,47 @@
 {
   "author": "GitHub Inc.",
-  "files": {{{json distPaths}}},
+  "files": {{{ json distPaths }}},
   "scripts": {
     "lint": "eslint \"**/*.js\"",
     "postlint": "template-oss-check",
     "template-oss-apply": "template-oss-apply --force",
-    "lintfix": "{{npmBin}} run lint -- --fix",
-    "preversion": {{{del}}},
-    "postversion": {{{del}}},
-    "prepublishOnly": {{{del}}},
+    "lintfix": "{{ localNpmPath }} run lint -- --fix",
     "snap": "tap",
     "test": "tap",
-    "posttest": "{{npmBin}} run lint",
-    "template-copy": {{{del}}},
-    "lint:fix": {{{del}}}
+    "posttest": "{{ localNpmPath }} run lint",
+    {{#if isRootMono}}
+    "test-all": "{{ localNpmPath }} run test {{ allFlags }}",
+    "lint-all": "{{ localNpmPath }} run lint {{ allFlags }}",
+    {{/if}}
+    "template-copy": {{{ del }}},
+    "lint:fix": {{{ del }}},
+    "preversion": {{{ del }}},
+    "postversion": {{{ del }}},
+    "prepublishOnly": {{{ del }}},
+    "postpublish": {{{ del }}}
   },
-  "repository": {{#if repository}}{{{json repository}}}{{else}}{{{del}}}{{/if}},
+  "repository": {{#if repository}}{{{ json repository }}}{{else}}{{{ del }}}{{/if}},
   "engines": {
-    "node": {{{json engines}}}
+    {{#if engines}}
+    "node": {{{ json engines }}}
+    {{/if}}
   },
-  {{{json __CONFIG_KEY__}}}: {
-    "version": {{#if isDogFood}}{{{del}}}{{else}}{{{json __VERSION__}}}{{/if}}
+  {{{ json __CONFIG_KEY__ }}}: {
+    "version": {{#if isDogFood}}{{{ del }}}{{else}}{{{ json __VERSION__ }}}{{/if}}
   },
-  "templateVersion": {{{del}}},
-  "standard": {{{del}}}
+  "templateVersion": {{{ del }}},
+  "standard": {{{ del }}},
+  "tap": {
+    {{#if workspacePaths}}
+    "test-ignore": "^({{ join workspacePaths "|" }})/**",
+    {{/if}}
+    "nyc-arg": [
+      {{#each workspaceGlobs}}
+      "--exclude",
+      "{{ . }}",
+      {{/each}}
+      "--exclude",
+      "tap-snapshots/**"
+    ]
+  }
 }

package/lib/content/post-dependabot.yml

@@ -1,31 +1,70 @@
-name: Post Dependabot Actions
+name: Post Dependabot
 
 on:
   pull_request
 
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
 permissions:
   contents: write
 
 jobs:
-  template-oss-apply:
-    runs-on: ubuntu-latest
-    if: github.actor == 'dependabot[bot]'
-    steps:
-      {{> setupGit with=(obj ref="${{ github.event.pull_request.head_ref }}")}}
-      {{> setupNode}}
-      {{> setupDeps}}
-      - name: Dependabot metadata
+  template-oss:
+    {{> job
+      jobName="template-oss"
+      jobIf="github.actor == 'dependabot[bot]'"
+      jobCheckout=(obj ref="${{ github.event.pull_request.head_ref }}")
+    }}
+      - name: Fetch Dependabot Metadata
         id: metadata
-        uses: dependabot/fetch-metadata@v1.1.1
+        uses: dependabot/fetch-metadata@v1
         with:
-          github-token: "$\{{ secrets.GITHUB_TOKEN }}"
-      - name: Apply {{__NAME__}} changes and lint
-        if: contains(steps.metadata.outputs.dependency-names, '{{__NAME__}}')
+          github-token: $\{{ secrets.GITHUB_TOKEN }}
+
+      # Dependabot can update multiple directories so we output which directory
+      # it is acting on so we can run the command for the correct root or workspace
+      - name: Get Dependabot Directory
+        if: contains(steps.metadata.outputs.dependency-names, '{{ __NAME__ }}')
+        id: flags
+        run: |
+          if [[ "$\{{ steps.metadata.outputs.directory }}" == "/" ]]; then
+            echo "::set-output name=workspace::-iwr"
+          else
+            echo "::set-output name=workspace::-w $\{{ steps.metadata.outputs.directory }}"
+          fi
+
+      - name: Apply Changes
+        if: steps.flags.outputs.workspace
+        id: apply
+        run: |
+          {{ rootNpmPath }} run template-oss-apply $\{{ steps.flags.outputs.workspace }}
+          if [[ `git status --porcelain` ]]; then
+            echo "::set-output name=changes::true"
+          fi
+
+      # This step will fail if template-oss has made any workflow updates. It is impossible
+      # for a workflow to update other workflows. In the case it does fail, we continue
+      # and then try to apply only a portion of the changes in the next step
+      - name: Push All Changes
+        if: steps.apply.outputs.changes
+        id: push
+        continue-on-error: true
         env:
           GITHUB_TOKEN: $\{{ secrets.GITHUB_TOKEN }}
         run: |
-          npm run template-oss-apply
           git commit -am "chore: postinstall for dependabot template-oss PR"
           git push
-          npm run lint
+
+      - name: Push All Changes Except Workflows
+        if: steps.push.outcome == 'failure'
+        env:
+          GITHUB_TOKEN: $\{{ secrets.GITHUB_TOKEN }}
+        run: |
+          git reset HEAD~
+          git checkout HEAD -- .github/workflows/
+          git clean -fd .github/workflows/
+          git commit -am "chore: postinstall for dependabot template-oss PR"
+          git push
+
+      - name: Check Changes
+        if: steps.apply.outputs.changes
+        run: |
+          {{ rootNpmPath }} exec --offline $\{{ steps.flags.outputs.workspace }} -- template-oss-check

package/lib/content/pull-request.yml

@@ -1,4 +1,4 @@
-name: Pull Request Linting
+name: Pull Request
 
 on:
   pull_request:
@@ -9,16 +9,14 @@ on:
       - synchronize
 
 jobs:
-  check:
-    name: Check PR Title or Commits
-    runs-on: ubuntu-latest
-    steps:
-      {{> setupGit with=(obj fetch-depth=0)}}
-      {{> setupNode}}
-      {{> setupDeps}}
-      - name: Check commits or PR title
-        env:
-          PR_TITLE: $\{{ github.event.pull_request.title }}
+  commitlint:
+    {{> job jobName="Lint Commits" jobCheckout=(obj fetch-depth=0) }}
+      - name: Run Commitlint on Commits
+        id: commit
+        continue-on-error: true
         run: |
-          npx --offline commitlint -V --from origin/{{defaultBranch}} --to $\{{ github.event.pull_request.head.sha }} \
-            || echo $PR_TITLE | npx --offline commitlint -V
+          {{ rootNpxPath }} --offline commitlint -V --from origin/$\{{ github.base_ref }} --to $\{{ github.event.pull_request.head.sha }}
+      - name: Run Commitlint on PR Title
+        if: steps.commit.outcome == 'failure'
+        run: |
+          echo $\{{ github.event.pull_request.title }} | {{ rootNpxPath }} --offline commitlint -V

package/lib/content/release-please-config.json

@@ -1,13 +1,13 @@
 {
-  "separate-pull-requests": {{{del}}},
-  "plugins": {{#if isMono}}["node-workspace"]{{else}}{{{del}}}{{/if}},
+  "separate-pull-requests": {{{ del }}},
+  "plugins": {{#if isMono }}["node-workspace"]{{ else }}{{{ del }}}{{/if}},
   "exclude-packages-from-root": true,
   "group-pull-request-title-pattern": "chore: release ${version}",
   "pull-request-title-pattern": "chore: release${component} ${version}",
-  "changelog-sections": {{{json changelogTypes}}},
+  "changelog-sections": {{{ json changelogTypes }}},
   "packages": {
-    "{{#unless pkgRelPath}}.{{/unless}}{{pkgRelPath}}": {
-      {{#unless pkgRelPath}}"package-name": ""{{/unless}}
+    "{{ pkgPath }}": {
+      {{#if isRoot}}"package-name": ""{{/if}}
     }
   }
 }

package/lib/content/release-please-manifest.json

@@ -1,3 +1,3 @@
 {
-  "{{#unless pkgRelPath}}.{{/unless}}{{pkgRelPath}}": "{{pkg.version}}"
+  "{{ pkgPath }}": "{{ pkg.version }}"
 }