@npmcli/template-oss 4.17.0 → 4.18.1

package/lib/config.js

@@ -2,7 +2,8 @@ const { relative, dirname, join, extname, posix, win32 } = require('path')
 const { defaults, pick, omit, uniq } = require('lodash')
 const semver = require('semver')
 const parseCIVersions = require('./util/parse-ci-versions.js')
-const getGitUrl = require('./util/get-git-url.js')
+const parseDependabot = require('./util/dependabot.js')
+const git = require('./util/git.js')
 const gitignore = require('./util/gitignore.js')
 const { mergeWithArrays } = require('./util/merge.js')
 const { FILE_KEYS, parseConfig: parseFiles, getAddedFiles, mergeFiles } = require('./util/files.js')
@@ -11,6 +12,7 @@ const CONFIG_KEY = 'templateOSS'
 const getPkgConfig = (pkg) => pkg[CONFIG_KEY] || {}
 
 const { name: NAME, version: LATEST_VERSION } = require('../package.json')
+const { minimatch } = require('minimatch')
 const MERGE_KEYS = [...FILE_KEYS, 'defaultContent', 'content']
 const DEFAULT_CONTENT = require.resolve(NAME)
 
@@ -153,6 +155,12 @@ const getFullConfig = async ({
   const publicPkgs = pkgs.filter(p => !p.pkgJson.private)
   const allPrivate = pkgs.every(p => p.pkgJson.private)
 
+  const branches = uniq([...pkgConfig.branches ?? [], pkgConfig.releaseBranch]).filter(Boolean)
+  const gitBranches = await git.getBranches(rootPkg.path, branches)
+  const currentBranch = await git.currentBranch(rootPkg.path)
+  const isReleaseBranch = currentBranch ? minimatch(currentBranch, pkgConfig.releaseBranch) : false
+  const defaultBranch = await git.defaultBranch(rootPkg.path) ?? 'main'
+
   // all derived keys
   const derived = {
     isRoot,
@@ -170,6 +178,14 @@ const getFullConfig = async ({
     allPrivate,
     // controls whether we are in a monorepo with any public workspaces
     isMonoPublic: isMono && !!publicPkgs.filter(p => p.path !== rootPkg.path).length,
+    // git
+    defaultBranch,
+    baseBranch: isReleaseBranch ? currentBranch : defaultBranch,
+    branches: gitBranches.branches,
+    branchPatterns: gitBranches.patterns,
+    isReleaseBranch,
+    // dependabot
+    dependabot: parseDependabot(pkgConfig, defaultConfig, gitBranches.branches),
     // repo
     repoDir: rootPkg.path,
     repoFiles,
@@ -261,7 +277,7 @@ const getFullConfig = async ({
     }
   }
 
-  const gitUrl = await getGitUrl(rootPkg.path)
+  const gitUrl = await git.getUrl(rootPkg.path)
   if (gitUrl) {
     derived.repository = {
       type: 'git',

package/lib/content/_on-ci.yml

@@ -12,7 +12,7 @@ pull_request:
   {{/if}}
 push:
   branches:
-    {{#each branches}}
+    {{#each branchPatterns}}
     - {{ . }}
     {{/each}}
   {{#if isWorkspace}}

package/lib/content/_step-node.yml

@@ -1,15 +1,20 @@
 - name: Setup Node
   uses: actions/setup-node@v3
+  id: node
   with:
     node-version: {{#if jobIsMatrix}}$\{{ matrix.node-version }}{{else}}{{ last ciVersions }}{{/if}}
+    check-latest: contains({{#if jobIsMatrix}}matrix.node-version{{else}}'{{ last ciVersions }}'{{/if}}, '.x')
     {{#if lockfile}}
     cache: npm
     {{/if}}
+
 {{#if updateNpm}}
-{{#if jobIsMatrix}}
+# node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows
 - name: Update Windows npm
-  # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows
-  if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.'))
+  if: |
+    matrix.platform.os == 'windows-latest' && (
+      startsWith(steps.node.outputs.node-version, 'v10.') || startsWith(steps.node.outputs.node-version, 'v12.') || startsWith(steps.node.outputs.node-version, 'v14.')
+    )
   run: |
     curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz
     tar xf npm-7.5.4.tgz
@@ -17,15 +22,36 @@
     node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz
     cd ..
     rmdir /s /q package
-- name: Install npm@7
-  if: startsWith(matrix.node-version, '10.')
-  run: npm i --prefer-online --no-fund --no-audit -g npm@7
-- name: Install npm@{{ npmSpec }}
-  if: $\{{ !startsWith(matrix.node-version, '10.') }}
-{{else}}
-- name: Install npm@{{ npmSpec }}
-{{/if}}
-  run: npm i --prefer-online --no-fund --no-audit -g npm@{{ npmSpec }}
+
+# Start on Node 10 because we dont test on anything lower
+- name: Install npm@7 on Node 10
+  shell: bash
+  if: startsWith(steps.node.outputs.node-version, 'v10.')
+  id: npm-7
+  run: |
+    npm i --prefer-online --no-fund --no-audit -g npm@7
+    echo "updated=true" >> "$GITHUB_OUTPUT"
+
+- name: Install npm@8 on Node 12
+  shell: bash
+  if: startsWith(steps.node.outputs.node-version, 'v12.')
+  id: npm-8
+  run: |
+    npm i --prefer-online --no-fund --no-audit -g npm@8
+    echo "updated=true" >> "$GITHUB_OUTPUT"
+
+- name: Install npm@9 on Node 14/16/18.0
+  shell: bash
+  if: startsWith(steps.node.outputs.node-version, 'v14.') || startsWith(steps.node.outputs.node-version, 'v16.') || startsWith(steps.node.outputs.node-version, 'v18.0.')
+  id: npm-9
+  run: |
+    npm i --prefer-online --no-fund --no-audit -g npm@9
+    echo "updated=true" >> "$GITHUB_OUTPUT"
+
+- name: Install npm@latest on Node
+  if: $\{{ !(steps.npm-7.outputs.updated || steps.npm-8.outputs.updated || steps.npm-9.outputs.updated) }}
+  run: npm i --prefer-online --no-fund --no-audit -g npm@latest
+
 - name: npm Version
   run: npm -v
 {{/if}}

package/lib/content/ci-release.yml

@@ -7,7 +7,7 @@ on:
       ref:
         required: true
         type: string
-        default: {{ defaultBranch }}
+        default: {{ baseBranch }}
   workflow_call:
     inputs:
       ref:

package/lib/content/codeql-analysis.yml

@@ -3,12 +3,12 @@ name: CodeQL
 on:
   push:
     branches:
-      {{#each branches}}
+      {{#each branchPatterns}}
       - {{ . }}
       {{/each}}
   pull_request:
     branches:
-      {{#each branches}}
+      {{#each branchPatterns}}
       - {{ . }}
       {{/each}}
   schedule:

package/lib/content/dependabot.yml

@@ -1,15 +1,24 @@
 version: 2
 
 updates:
+  {{#each dependabot}}
   - package-ecosystem: npm
-    directory: {{ pkgDir }}
+    directory: /
     schedule:
       interval: daily
+    target-branch: "{{ branch }}"
     allow:
       - dependency-type: direct
-    versioning-strategy: {{ dependabot }}
+        {{#each allowNames }}
+        dependency-name: "{{ . }}"
+        {{/each}}
+    versioning-strategy: {{ strategy }}
     commit-message:
       prefix: deps
       prefix-development: chore
     labels:
       - "Dependencies"
+      {{#each labels }}
+      - "{{ . }}"
+      {{/each}}
+  {{/each}}

package/lib/content/index.js

@@ -38,14 +38,6 @@ const sharedRootAdd = (name) => ({
   '.github/dependabot.yml': {
     file: 'dependabot.yml',
     filter: (p) => p.config.dependabot,
-    clean: (p) => p.config.isRoot,
-    // dependabot takes a single top level config file. this parser
-    // will run for all configured packages and each one will have
-    // its item replaced in the updates array based on the directory
-    parser: (p) => class extends p.YmlMerge {
-      key = 'updates'
-      id = 'directory'
-    },
   },
   '.github/workflows/post-dependabot.yml': {
     file: 'post-dependabot.yml',
@@ -53,6 +45,7 @@ const sharedRootAdd = (name) => ({
   },
   '.github/settings.yml': {
     file: 'settings.yml',
+    filter: (p) => !p.config.isReleaseBranch,
   },
 })
 
@@ -60,6 +53,9 @@ const sharedRootRm = () => ({
   '.github/workflows/pull-request.yml': {
     filter: (p) => p.config.allPrivate,
   },
+  '.github/settings.yml': {
+    filter: (p) => p.config.isReleaseBranch,
+  },
 })
 
 // Changes applied to the root of the repo
@@ -139,8 +135,8 @@ module.exports = {
   workspaceModule,
   windowsCI: true,
   macCI: true,
-  branches: ['main', 'latest', 'release/v*'],
-  defaultBranch: 'main',
+  branches: ['main', 'latest'],
+  releaseBranch: 'release/v*',
   distPaths: [
     'bin/',
     'lib/',
@@ -167,7 +163,6 @@ module.exports = {
   publish: false,
   npm: 'npm',
   npx: 'npx',
-  npmSpec: 'latest',
   updateNpm: true,
   dependabot: 'increase-if-necessary',
   unwantedPackages: [

package/lib/content/pull-request.yml

@@ -21,4 +21,4 @@ jobs:
         env:
           PR_TITLE: $\{{ github.event.pull_request.title }}
         run: |
-          echo '$PR_TITLE' | {{ rootNpxPath }} --offline commitlint -V
+          echo "$PR_TITLE" | {{ rootNpxPath }} --offline commitlint -V

package/lib/content/release.yml

@@ -8,7 +8,7 @@ on:
         type: string
   push:
     branches:
-      {{#each branches}}
+      {{#each branchPatterns}}
       - {{ . }}
       {{/each}}
 

package/lib/content/settings.yml

@@ -14,6 +14,7 @@ branches:
     protection:
       required_status_checks: null
       enforce_admins: true
+      block_creations: true
       required_pull_request_reviews:
         required_approving_review_count: 1
         require_code_owner_reviews: true

package/lib/util/dependabot.js

@@ -0,0 +1,27 @@
+const { name: NAME } = require('../../package.json')
+const { minimatch } = require('minimatch')
+
+const parseDependabotConfig = (v) => typeof v === 'string' ? { strategy: v } : (v ?? {})
+
+module.exports = (config, defaultConfig, branches) => {
+  const { dependabot } = config
+  const { dependabot: defaultDependabot } = defaultConfig
+
+  if (!dependabot) {
+    return false
+  }
+
+  return branches
+    .filter((b) => dependabot[b] !== false)
+    .map(branch => {
+      const isReleaseBranch = minimatch(branch, config.releaseBranch)
+      return {
+        branch,
+        allowNames: isReleaseBranch ? [NAME] : [],
+        labels: isReleaseBranch ? ['Backport', branch] : [],
+        ...parseDependabotConfig(defaultDependabot),
+        ...parseDependabotConfig(dependabot),
+        ...parseDependabotConfig(dependabot[branch]),
+      }
+    })
+}

package/lib/util/git.js

@@ -0,0 +1,82 @@
+const hgi = require('hosted-git-info')
+const git = require('@npmcli/git')
+const { minimatch } = require('minimatch')
+
+const cache = new Map()
+
+const tryGit = async (path, ...args) => {
+  if (!await git.is({ cwd: path })) {
+    throw new Error('no git')
+  }
+  const key = [path, ...args].join(',')
+  if (cache.has(key)) {
+    return cache.get(key)
+  }
+  const res = git.spawn(args, { cwd: path }).then(r => r.stdout.trim())
+  cache.set(key, res)
+  return res
+}
+
+// parse a repo from a git origin into a format
+// for a package.json#repository object
+const getUrl = async (path) => {
+  try {
+    const urlStr = await tryGit(path, 'remote', 'get-url', 'origin')
+    const { domain, user, project } = hgi.fromUrl(urlStr)
+    const url = new URL(`https://${domain}`)
+    url.pathname = `/${user}/${project}.git`
+    return url.toString()
+  } catch {
+    // errors are ignored
+  }
+}
+
+const getBranches = async (path, branchPatterns) => {
+  let matchingBranches = new Set()
+  let matchingPatterns = new Set()
+
+  try {
+    const res = await tryGit(path, 'ls-remote', '--heads', 'origin').then(r => r.split('\n'))
+    const remotes = res.map((h) => h.match(/refs\/heads\/(.*)$/)).filter(Boolean).map(h => h[1])
+    for (const branch of remotes) {
+      for (const pattern of branchPatterns) {
+        if (minimatch(branch, pattern)) {
+          matchingBranches.add(branch)
+          matchingPatterns.add(pattern)
+        }
+      }
+    }
+  } catch {
+    matchingBranches = new Set(branchPatterns.filter(b => !b.includes('*')))
+    matchingPatterns = new Set(branchPatterns)
+  }
+
+  return {
+    branches: [...matchingBranches],
+    patterns: [...matchingPatterns],
+  }
+}
+
+const defaultBranch = async (path) => {
+  try {
+    const remotes = await tryGit(path, 'remote', 'show', 'origin')
+    return remotes.match(/HEAD branch: (.*)$/m)?.[1]
+  } catch {
+    // ignore errors
+  }
+}
+
+const currentBranch = async (path) => {
+  try {
+    return await tryGit(path, 'rev-parse', '--abbrev-ref', 'HEAD')
+  } catch {
+    // ignore errors
+  }
+}
+
+module.exports = {
+  getUrl,
+  getBranches,
+  defaultBranch,
+  currentBranch,
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@npmcli/template-oss",
-  "version": "4.17.0",
+  "version": "4.18.1",
   "description": "templated files used in npm CLI team oss projects",
   "main": "lib/content/index.js",
   "bin": {

package/lib/util/get-git-url.js

@@ -1,26 +0,0 @@
-const hgi = require('hosted-git-info')
-const git = require('@npmcli/git')
-
-// parse a repo from a git origin into a format
-// for a package.json#repository object
-const getRepo = async (path) => {
-  if (!await git.is({ cwd: path })) {
-    return
-  }
-
-  try {
-    const res = await git.spawn([
-      'remote',
-      'get-url',
-      'origin',
-    ], { cwd: path })
-    const { domain, user, project } = hgi.fromUrl(res.stdout.trim())
-    const url = new URL(`https://${domain}`)
-    url.pathname = `/${user}/${project}.git`
-    return url.toString()
-  } catch {
-    // errors are ignored
-  }
-}
-
-module.exports = getRepo