@npmcli/template-oss 4.19.0 → 4.21.0

package/lib/release/release-please.js

@@ -0,0 +1,180 @@
+const RP = require('release-please')
+const {
+  DefaultVersioningStrategy,
+} = require('release-please/build/src/versioning-strategies/default.js')
+const {
+  PrereleaseVersioningStrategy,
+} = require('release-please/build/src/versioning-strategies/prerelease.js')
+const { ROOT_PROJECT_PATH } = require('release-please/build/src/manifest.js')
+const { CheckpointLogger, logger } = require('release-please/build/src/util/logger.js')
+const assert = require('assert')
+const core = require('@actions/core')
+const omit = require('just-omit')
+const ChangelogNotes = require('./changelog.js')
+const NodeWorkspace = require('./node-workspace.js')
+const NodeWorkspaceFormat = require('./node-workspace-format.js')
+const { getPublishTag, noop } = require('./util.js')
+
+class ReleasePlease {
+  #token
+  #owner
+  #repo
+  #branch
+  #backport
+  #defaultTag
+  #overrides
+  #silent
+  #trace
+  #info
+
+  #github
+  #octokit
+  #manifest
+
+  constructor ({
+    token,
+    repo,
+    branch,
+    backport,
+    defaultTag,
+    overrides,
+    silent,
+    trace,
+  }) {
+    assert(token, 'token is required')
+    assert(repo, 'repo is required')
+    assert(branch, 'branch is required')
+    assert(defaultTag, 'defaultTag is required')
+
+    this.#token = token
+    this.#owner = repo.split('/')[0]
+    this.#repo = repo.split('/')[1]
+    this.#branch = branch
+    this.#backport = backport
+    this.#defaultTag = defaultTag
+    this.#overrides = overrides
+    this.#silent = silent
+    this.#trace = trace
+  }
+
+  static async run (options) {
+    const releasePlease = new ReleasePlease(options)
+    await releasePlease.init()
+    return releasePlease.run()
+  }
+
+  async init () {
+    RP.registerChangelogNotes('default', ({ github, ...o }) =>
+      new ChangelogNotes(github, o))
+    RP.registerVersioningStrategy('default', (o) =>
+      o.prerelease ? new PrereleaseVersioningStrategy(o) : new DefaultVersioningStrategy(o))
+    RP.registerPlugin('node-workspace', ({ github, targetBranch, repositoryConfig, ...o }) =>
+      new NodeWorkspace(github, targetBranch, repositoryConfig, o))
+    RP.registerPlugin('node-workspace-format', ({ github, targetBranch, repositoryConfig, ...o }) =>
+      new NodeWorkspaceFormat(github, targetBranch, repositoryConfig, o))
+
+    if (this.#silent) {
+      this.#info = noop
+      RP.setLogger(Object.entries(logger).reduce((acc, [k, v]) => {
+        if (typeof v === 'function') {
+          acc[k] = noop
+        }
+        return acc
+      }, {}))
+    } else {
+      this.#info = core.info
+      RP.setLogger(new CheckpointLogger(true, !!this.#trace))
+    }
+
+    this.#github = await RP.GitHub.create({
+      owner: this.#owner,
+      repo: this.#repo,
+      token: this.#token,
+    })
+    this.#octokit = this.#github.octokit
+    this.#manifest = await RP.Manifest.fromManifest(
+      this.#github,
+      this.#branch,
+      undefined,
+      undefined,
+      this.#overrides
+    )
+  }
+
+  async run () {
+    const rootPr = await this.#getRootPullRequest()
+    const releases = await this.#getReleases()
+
+    if (rootPr) {
+      this.#info(`root pr: ${JSON.stringify(omit(rootPr, 'body'))}`)
+
+      // release please does not guarantee that the release PR will have the latest sha,
+      // but we always need it so we can attach the relevant checks to the sha.
+      rootPr.sha = await this.#octokit.paginate(this.#octokit.rest.pulls.listCommits, {
+        owner: this.#owner,
+        repo: this.#repo,
+        pull_number: rootPr.number,
+      }).then(r => r[r.length - 1].sha)
+    }
+
+    if (releases) {
+      this.#info(`found releases: ${releases.length}`)
+
+      for (const release of releases) {
+        this.#info(`release: ${JSON.stringify(omit(release, 'notes'))}`)
+
+        release.publishTag = getPublishTag(release.version, {
+          backport: this.#backport,
+          defaultTag: this.#defaultTag,
+        })
+
+        release.prNumber = await this.#octokit.rest.repos.listPullRequestsAssociatedWithCommit({
+          owner: this.#owner,
+          repo: this.#repo,
+          commit_sha: release.sha,
+          per_page: 1,
+        }).then(r => r.data[0]?.number)
+
+        release.pkgName = await this.#octokit.rest.repos.getContent({
+          owner: this.#owner,
+          repo: this.#repo,
+          ref: this.#branch,
+          path: `${release.path === '.' ? '' : release.path}/package.json`,
+        }).then(r => JSON.parse(Buffer.from(r.data.content, r.data.encoding)).name)
+      }
+    }
+
+    return {
+      pr: rootPr,
+      releases: releases,
+    }
+  }
+
+  async #getRootPullRequest () {
+    // We only ever get a single pull request with our current release-please settings
+    // Update this if we start creating individual PRs per workspace release
+    const pullRequests = await this.#manifest.createPullRequests()
+    return pullRequests.filter(Boolean)[0] ?? null
+  }
+
+  async #getReleases () {
+    // if we have a root release, always put it as the first item in the array
+    const rawReleases = await this.#manifest.createReleases().then(r => r.filter(Boolean))
+    let rootRelease = null
+    const workspaceReleases = []
+
+    for (const release of rawReleases) {
+      if (release.path === ROOT_PROJECT_PATH) {
+        assert(!rootRelease, 'Multiple root releases detected. This should never happen.')
+        rootRelease = release
+      } else {
+        workspaceReleases.push(release)
+      }
+    }
+
+    const releases = [rootRelease, ...workspaceReleases].filter(Boolean)
+    return releases.length ? releases : null
+  }
+}
+
+module.exports = ReleasePlease

package/lib/release/util.js

@@ -0,0 +1,42 @@
+const semver = require('semver')
+
+const SPEC = new RegExp(`([^\\s]+@${semver.src[semver.tokens.FULLPLAIN]})`, 'g')
+const code = (c) => `\`${c}\``
+const wrapSpecs = (str) => str.replace(SPEC, code('$1'))
+const block = (lang) => `\`\`\`${lang ? `${lang}` : ''}`
+const link = (text, url) => `[${text}](${url})`
+const list = (text) => `* ${text}`
+const formatDate = (date = new Date()) => {
+  const year = date.getFullYear()
+  const month = (date.getMonth() + 1).toString().padStart(2, '0')
+  const day = date.getDate().toString().padStart(2, '0')
+  return [year, month, day].join('-')
+}
+
+const getPublishTag = (v, { backport, defaultTag }) => {
+  const version = semver.parse(v)
+  return version.prerelease.length
+    ? `prerelease-${version.major}`
+    : backport ? `latest-${backport}`
+    : defaultTag.replace(/{{\s*major\s*}}/, version.major)
+}
+
+const makeGitHubUrl = (owner, repo) =>
+  (...p) => `https://github.com/${owner}/${repo}/${p.join('/')}`
+
+const noop = () => {}
+
+module.exports = {
+  // we use this string a lot, its duplicated in the changelog sections but its hard
+  // to access from within release please so we keep it here also.
+  DEPS: 'deps',
+  wrapSpecs,
+  code,
+  block,
+  link,
+  list,
+  formatDate,
+  getPublishTag,
+  makeGitHubUrl,
+  noop,
+}

package/lib/util/files.js

@@ -1,5 +1,5 @@
 const { join } = require('path')
-const { defaultsDeep, omit } = require('lodash')
+const { defaultsDeep, omit, isPlainObject } = require('lodash')
 const deepMapValues = require('just-deep-map-values')
 const { glob } = require('glob')
 const { mergeWithCustomizers, customizers } = require('./merge.js')
@@ -12,6 +12,11 @@ const FILE_KEYS = ['rootRepo', 'rootModule', 'workspaceRepo', 'workspaceModule']
 
 const globify = pattern => pattern.split('\\').join('/')
 
+const deepMapKeys = (obj, fn) => Object.entries(obj).reduce((acc, [key, value]) => {
+  acc[fn(key)] = isPlainObject(value) ? deepMapKeys(value, fn) : value
+  return acc
+}, {})
+
 const mergeFiles = mergeWithCustomizers((value, srcValue, key, target, source, stack) => {
   // This will merge all files except if the src file has overwrite:false. Then
   // the files will be turned into an array so they can be applied on top of
@@ -35,7 +40,7 @@ const fileEntries = (dir, files, options, { allowMultipleSources = true } = {})
       continue
     }
 
-    // target paths need to be joinsed with dir and templated
+    // target paths need to be joined with dir and templated
     const target = join(dir, template(key, options))
 
     if (Array.isArray(source)) {
@@ -66,7 +71,7 @@ const getParsers = (dir, files, options, parseOptions) => {
     const clean = typeof shouldClean === 'function' ? shouldClean(options) : false
 
     if (parser) {
-    // allow files to extend base parsers or create new ones
+      // allow files to extend base parsers or create new ones
       return new (parser(Parser.Parsers))(target, file, options, { clean })
     }
 
@@ -105,23 +110,27 @@ const parseEach = async (dir, files, options, parseOptions, fn) => {
   return res.filter(Boolean)
 }
 
-const parseConfig = (files, dir, overrides) => {
-  const normalizeFiles = (v) => deepMapValues(v, (value, key) => {
-    if (key === RM_KEY && Array.isArray(value)) {
-      return value.reduce((acc, k) => {
-        acc[k] = true
-        return acc
-      }, {})
-    }
-    if (typeof value === 'string') {
-      const file = join(dir, value)
-      return key === 'file' ? file : { file }
-    }
-    if (value === true && FILE_KEYS.includes(key)) {
-      return {}
-    }
-    return value
-  })
+const parseConfig = (files, dir, overrides, templateSettings) => {
+  const normalizeFiles = (v) => {
+    v = deepMapKeys(v, (s) => template(s, templateSettings))
+    return deepMapValues(v, (value, key) => {
+      if (key === RM_KEY && Array.isArray(value)) {
+        return value.reduce((acc, k) => {
+        // template files nows since they need to be normalized before merging
+          acc[template(k, templateSettings)] = true
+          return acc
+        }, {})
+      }
+      if (typeof value === 'string') {
+        const file = join(dir, value)
+        return key === 'file' ? file : { file }
+      }
+      if (value === true && FILE_KEYS.includes(key)) {
+        return {}
+      }
+      return value
+    })
+  }
 
   const merged = mergeFiles(normalizeFiles(files), normalizeFiles(overrides))
   const withDefaults = defaultsDeep(merged, FILE_KEYS.reduce((acc, k) => {

package/lib/util/get-cmd-path.js

@@ -0,0 +1,36 @@
+const { join, relative } = require('path')
+const { makePosix } = require('./path.js')
+
+const getCmdPath = (key, { pkgConfig, rootConfig, isRoot, pkg, rootPkg }) => {
+  const result = (local, isRelative) => {
+    let root = local
+    const isLocal = local.startsWith('.') || local.startsWith('/')
+
+    if (isLocal) {
+      if (isRelative) {
+        // Make a path relative from a workspace to the root if we are in a workspace
+        local = makePosix(join(relative(pkg.path, rootPkg.path), local))
+      }
+      local = `node ${local}`
+      root = `node ${root}`
+    }
+
+    return {
+      isLocal,
+      local,
+      root,
+    }
+  }
+
+  if (pkgConfig[key]) {
+    return result(pkgConfig[key])
+  }
+
+  if (rootConfig[key]) {
+    return result(rootConfig[key], !isRoot)
+  }
+
+  return result(key)
+}
+
+module.exports = getCmdPath

package/lib/util/git.js

@@ -19,9 +19,9 @@ const tryGit = async (path, ...args) => {
 
 // parse a repo from a git origin into a format
 // for a package.json#repository object
-const getUrl = async (path) => {
+const getRemoteUrl = async (path, remote) => {
   try {
-    const urlStr = await tryGit(path, 'remote', 'get-url', 'origin')
+    const urlStr = await tryGit(path, 'remote', 'get-url', remote)
     const { domain, user, project } = hgi.fromUrl(urlStr)
     const url = new URL(`https://${domain}`)
     url.pathname = `/${user}/${project}.git`
@@ -31,6 +31,10 @@ const getUrl = async (path) => {
   }
 }
 
+const getUrl = async (path) => {
+  return (await getRemoteUrl(path, 'upstream')) ?? (await getRemoteUrl(path, 'origin'))
+}
+
 const getBranches = async (path, branchPatterns) => {
   let matchingBranches = new Set()
   let matchingPatterns = new Set()

package/lib/util/import-or-require.js

@@ -0,0 +1,29 @@
+// This fixes weird behavior I was seeing where calls to require(path) would
+// fail the first time and then fetch via dynamic import which is correct, but
+// then subsequent requires for the same path would return an empty object. Not
+// sure if a bug or I'm doing something wrong but since the require/imports here
+// are short lived, it is safe to create our own cache and use that.
+const { pathToFileURL } = require('url')
+
+const importOrRequireCache = new Map()
+
+const importOrRequire = async (path) => {
+  if (importOrRequireCache.has(path)) {
+    return importOrRequireCache.get(path)
+  }
+  let content = {}
+  try {
+    content = require(path)
+  } catch {
+    try {
+      content = await import(pathToFileURL(path)).then(r => r.default)
+    } catch {
+      // its ok if this fails since the content dir might only be to provide
+      // other files. the index.js is optional
+    }
+  }
+  importOrRequireCache.set(path, content)
+  return content
+}
+
+module.exports = importOrRequire

package/lib/util/parser.js

@@ -173,7 +173,7 @@ class Gitignore extends Base {
 }
 
 class Js extends Base {
-  static types = ['*.js']
+  static types = ['*.js', '*.cjs']
   comment = (c) => `/* ${c} */`
 }
 
@@ -306,6 +306,10 @@ class JsonMerge extends Json {
   merge = (t, s) => merge(t, s)
 }
 
+class JsonMergeNoComment extends JsonMerge {
+  comment = null
+}
+
 class PackageJson extends JsonMerge {
   static types = ['package.json']
 
@@ -346,6 +350,7 @@ const Parsers = {
   YmlMerge,
   Json,
   JsonMerge,
+  JsonMergeNoComment,
   PackageJson,
 }
 

package/lib/util/path.js

@@ -0,0 +1,13 @@
+const { posix, win32 } = require('path')
+
+const makePosix = (v) => v.split(win32.sep).join(posix.sep)
+const deglob = (v) => makePosix(v).replace(/[/*]+$/, '')
+const posixDir = (v) => `${v === '.' ? '' : deglob(v).replace(/\/$/, '')}${posix.sep}`
+const posixGlob = (str) => `${posixDir(str)}**`
+
+module.exports = {
+  makePosix,
+  deglob,
+  posixDir,
+  posixGlob,
+}

package/lib/util/template.js

@@ -31,7 +31,7 @@ const makePartials = (dir, isBase) => {
   Handlebars.registerPartial(partials)
 }
 
-const setupHandlebars = (baseDir, ...otherDirs) => {
+const setupHandlebars = (dirs) => {
   Handlebars.registerHelper('obj', ({ hash }) => Object.fromEntries(safeValues(hash)))
   Handlebars.registerHelper('join', (arr, sep) => arr.join(typeof sep === 'string' ? sep : ', '))
   Handlebars.registerHelper('pluck', (arr, key) => arr.map(a => a[key]))
@@ -40,14 +40,17 @@ const setupHandlebars = (baseDir, ...otherDirs) => {
   Handlebars.registerHelper('json', (c) => JSON.stringify(c))
   Handlebars.registerHelper('del', () => JSON.stringify(DELETE))
 
-  makePartials(baseDir, true)
-  for (const dir of otherDirs) {
-    makePartials(dir)
+  if (Array.isArray(dirs)) {
+    const [baseDir, ...otherDirs] = dirs
+    makePartials(baseDir, true)
+    for (const dir of otherDirs) {
+      makePartials(dir)
+    }
   }
 }
 
-const template = (str, { config, ...options }) => {
-  setupHandlebars(...config.__PARTIAL_DIRS__)
+const template = (str, { config = {}, ...options }) => {
+  setupHandlebars(config.__PARTIAL_DIRS__)
 
   const t = Handlebars.compile(str, { strict: true })
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@npmcli/template-oss",
-  "version": "4.19.0",
+  "version": "4.21.0",
   "description": "templated files used in npm CLI team oss projects",
   "main": "lib/content/index.js",
   "bin": {
@@ -10,7 +10,7 @@
     "template-oss-release-manager": "bin/release-manager.js"
   },
   "scripts": {
-    "lint": "eslint \"**/*.js\"",
+    "lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"",
     "lintfix": "npm run lint -- --fix",
     "posttest": "npm run lint",
     "snap": "tap",
@@ -19,7 +19,8 @@
     "postlint": "template-oss-check",
     "postinstall": "template-oss-apply",
     "test-all": "npm run test -ws -iwr --if-present",
-    "lint-all": "npm run lint -ws -iwr --if-present"
+    "lint-all": "npm run lint -ws -iwr --if-present",
+    "test:record": "TAP_SNAPSHOT=1 NOCK_RECORD=1 tap"
   },
   "repository": {
     "type": "git",
@@ -33,28 +34,31 @@
   "license": "ISC",
   "dependencies": {
     "@actions/core": "^1.9.1",
-    "@commitlint/cli": "^17.1.1",
-    "@commitlint/config-conventional": "^17.1.0",
+    "@commitlint/cli": "^18.2.0",
+    "@commitlint/config-conventional": "^18.1.0",
     "@isaacs/string-locale-compare": "^1.1.0",
-    "@npmcli/arborist": "^6.0.0",
-    "@npmcli/git": "^4.0.0",
+    "@npmcli/arborist": "^7.2.1",
+    "@npmcli/git": "^5.0.3",
     "@npmcli/map-workspaces": "^3.0.0",
-    "@npmcli/package-json": "^4.0.0",
+    "@npmcli/package-json": "^5.0.0",
     "@octokit/rest": "^19.0.4",
+    "dedent": "^1.5.1",
     "diff": "^5.0.0",
     "glob": "^10.1.0",
     "handlebars": "^4.7.7",
-    "hosted-git-info": "^6.0.0",
+    "hosted-git-info": "^7.0.1",
     "ini": "^4.0.0",
     "json-parse-even-better-errors": "^3.0.0",
     "just-deep-map-values": "^1.1.1",
     "just-diff": "^6.0.0",
+    "just-omit": "^2.2.0",
     "lodash": "^4.17.21",
     "minimatch": "^9.0.2",
-    "npm-package-arg": "^10.0.0",
+    "npm-package-arg": "^11.0.1",
     "proc-log": "^3.0.0",
-    "release-please": "npm:@npmcli/release-please@^14.2.6",
+    "release-please": "16.3.1",
     "semver": "^7.3.5",
+    "undici": "^5.27.2",
     "yaml": "^2.1.1"
   },
   "files": [
@@ -64,6 +68,7 @@
   "devDependencies": {
     "@npmcli/eslint-config": "^4.0.0",
     "@npmcli/template-oss": "file:./",
+    "nock": "^13.3.8",
     "tap": "^16.0.0"
   },
   "tap": {
@@ -74,14 +79,17 @@
       "--exclude",
       "tap-snapshots/**"
     ],
-    "test-ignore": "^(workspace/test-workspace)/"
+    "test-ignore": "^(workspace/test-workspace)/",
+    "node-arg": [
+      "--no-experimental-fetch"
+    ]
   },
   "templateOSS": {
     "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
     "publish": true
   },
   "engines": {
-    "node": "^14.17.0 || ^16.13.0 || >=18.0.0"
+    "node": "^18.17.0 || >=20.5.0"
   },
   "workspaces": [
     "workspace/test-workspace"

package/lib/content/_job-release-integration.yml

@@ -1,59 +0,0 @@
-{{#if publish}}
-runs-on: ubuntu-latest
-defaults:
-  run:
-    shell: bash
-permissions:
-  deployments: write
-  id-token: write
-steps:
-  - name: Checkout
-    uses: actions/checkout@v3
-    with:
-      ref: $\{{ fromJSON(needs.release.outputs.release).tagName }}
-  - name: Setup Node
-    uses: actions/setup-node@v3
-    with:
-      node-version: 18.x
-  - name: Install npm@latest
-    run: |
-      npm i --prefer-online --no-fund --no-audit -g npm@latest
-      npm config set '//registry.npmjs.org/:_authToken'=\${PUBLISH_TOKEN}
-  - name: Publish
-    env:
-      PUBLISH_TOKEN: $\{{ secrets.PUBLISH_TOKEN }}
-    run: npm publish --provenance --tag={{ publishTag }}
-{{else}}
-runs-on: ubuntu-latest
-defaults:
-  run:
-    shell: bash
-steps:
-  {{> stepNode lockfile=false }}
-  - name: View in Registry
-    run: |
-      EXIT_CODE=0
-
-      function is_published {
-        if npm view "$@" --loglevel=error > /dev/null; then
-          echo 0
-        else
-          echo 1
-        fi
-      }
-
-      for release in $(echo '$\{{ needs.release.outputs.releases }}' | jq -r '.[] | @base64'); do
-        name=$(echo "$release" | base64 --decode | jq -r .pkgName)
-        version=$(echo "$release" | base64 --decode | jq -r .version)
-        spec="$name@$version"
-        status=$(is_published "$spec")
-        if [[ "$status" -eq 1 ]]; then
-          echo "$spec ERROR"
-          EXIT_CODE=$status
-        else
-          echo "$spec OK"
-        fi
-      done
-
-      exit $EXIT_CODE
-{{/if}}

package/lib/content/_step-checks.yml

@@ -1,54 +0,0 @@
-{{#if jobCheck.sha}}
-- name: Get Workflow Job
-  uses: actions/github-script@v6
-  if: {{ jobCheck.sha }}
-  id: check-output
-  env:
-    JOB_NAME: "{{#if jobName}}{{ jobName }}{{else}}{{ jobCheck.name }}{{/if}}"
-    MATRIX_NAME: "{{#if jobIsMatrix}} - $\{{ matrix.platform.name }} - $\{{ matrix.node-version }}{{/if}}"
-  with:
-    script: |
-      const { owner, repo } = context.repo
-
-      const { data } = await github.rest.actions.listJobsForWorkflowRun({
-        owner,
-        repo,
-        run_id: context.runId,
-        per_page: 100
-      })
-
-      const jobName = process.env.JOB_NAME + process.env.MATRIX_NAME
-      const job = data.jobs.find(j => j.name.endsWith(jobName))
-      const jobUrl = job?.html_url
-
-      const shaUrl = `${context.serverUrl}/${owner}/${repo}/commit/$\{{ {{ jobCheck.sha }} }}`
-
-      let summary = `This check is assosciated with ${shaUrl}\n\n`
-
-      if (jobUrl) {
-        summary += `For run logs, click here: ${jobUrl}`
-      } else {
-        summary += `Run logs could not be found for a job with name: "${jobName}"`
-      }
-
-      return { summary }
-{{/if}}
-- name: {{#if jobCheck.sha}}Create{{else}}Conclude{{/if}} Check
-  uses: LouisBrunner/checks-action@v1.6.0
-  {{#if jobCheck.sha}}
-  id: check
-  if: {{ jobCheck.sha }}
-  {{else}}
-  if: {{#if jobCheck.id}}{{ jobCheck.id }}{{else}}steps.check.outputs.check_id{{/if}} && always()
-  {{/if}}
-  with:
-    token: $\{{ secrets.GITHUB_TOKEN }}
-    {{#if jobCheck.sha}}
-    status: {{#if jobCheck.status}}{{ jobCheck.status }}{{else}}in_progress{{/if}} 
-    name: {{#if jobCheck.name}}{{ jobCheck.name }}{{else}}{{ jobName }}{{/if}}{{#if jobIsMatrix}} - $\{{ matrix.platform.name }} - $\{{ matrix.node-version }}{{/if}}
-    sha: $\{{ {{ jobCheck.sha }} }}
-    output: $\{{ steps.check-output.outputs.result }}
-    {{else}}
-    conclusion: $\{{ {{#if jobCheck.status}}{{ jobCheck.status }}{{else}}job.status{{/if}} }}
-    check_id: $\{{ {{#if jobCheck.id}}{{ jobCheck.id }}{{else}}steps.check.outputs.check_id{{/if}} }}
-    {{/if}}