@npmcli/template-oss 4.2.0 → 4.3.0

package/bin/release-please.js

@@ -6,30 +6,24 @@ const main = require('../lib/release-please/index.js')
 const dryRun = !process.env.CI
 const [branch] = process.argv.slice(2)
 
-const setOutput = (key, val) => {
-  if (val && (!Array.isArray(val) || val.length)) {
-    if (dryRun) {
-      if (key === 'pr') {
-        console.log('PR:', val.title.toString())
-        console.log('='.repeat(40))
-        console.log(val.body.toString())
-        console.log('='.repeat(40))
-        for (const update of val.updates.filter(u => u.updater.changelogEntry)) {
-          console.log('CHANGELOG:', update.path)
-          console.log('-'.repeat(40))
-          console.log(update.updater.changelogEntry)
-          console.log('-'.repeat(40))
-        }
-        for (const update of val.updates.filter(u => u.updater.rawContent)) {
-          console.log('package:', update.path)
-          console.log('-'.repeat(40))
-          console.log(JSON.parse(update.updater.rawContent).name)
-          console.log(JSON.parse(update.updater.rawContent).version)
-          console.log('-'.repeat(40))
-        }
-      }
-    } else {
-      core.setOutput(key, JSON.stringify(val))
+const debugPr = (val) => {
+  if (dryRun) {
+    console.log('PR:', val.title.toString())
+    console.log('='.repeat(40))
+    console.log(val.body.toString())
+    console.log('='.repeat(40))
+    for (const update of val.updates.filter(u => u.updater.changelogEntry)) {
+      console.log('CHANGELOG:', update.path)
+      console.log('-'.repeat(40))
+      console.log(update.updater.changelogEntry)
+      console.log('-'.repeat(40))
+    }
+    for (const update of val.updates.filter(u => u.updater.rawContent)) {
+      console.log('package:', update.path)
+      console.log('-'.repeat(40))
+      console.log(JSON.parse(update.updater.rawContent).name)
+      console.log(JSON.parse(update.updater.rawContent).version)
+      console.log('-'.repeat(40))
     }
   }
 }
@@ -39,10 +33,30 @@ main({
   repo: process.env.GITHUB_REPOSITORY,
   dryRun,
   branch,
-}).then(({ pr, releases, release }) => {
-  setOutput('pr', pr)
-  setOutput('releases', releases)
-  setOutput('release', release)
+}).then(({ pr, release, releases }) => {
+  if (pr) {
+    debugPr(pr)
+    core.setOutput('pr', JSON.stringify(pr))
+    core.setOutput('pr-branch', pr.headBranchName)
+    core.setOutput('pr-number', pr.number)
+    core.setOutput('pr-sha', pr.sha)
+  }
+
+  if (release) {
+    core.setOutput('release', JSON.stringify(release))
+    core.setOutput('release-path', release.path)
+    core.setOutput('release-version', release.version)
+    core.setOutput('release-tag', release.tagName)
+    core.setOutput('release-url', release.url)
+  }
+
+  if (releases) {
+    core.setOutput('releases', JSON.stringify(releases))
+    core.setOutput('release-flags', JSON.stringify(releases.map((r) => {
+      return r.path === '.' ? '-iwr' : `-w ${r.path}`
+    })))
+  }
+
   return null
 }).catch(err => {
   if (dryRun) {

package/lib/config.js

@@ -15,7 +15,10 @@ const DEFAULT_CONTENT = require.resolve(NAME)
 
 const merge = withArrays('branches', 'distPaths', 'allowPaths', 'ignorePaths')
 
-const makePosix = (str) => str.split(win32.sep).join(posix.sep)
+const makePosix = (v) => v.split(win32.sep).join(posix.sep)
+const deglob = (v) => makePosix(v).replace(/[/*]+$/, '')
+const posixDir = (v) => `${v === '.' ? '' : deglob(v).replace(/\/$/, '')}${posix.sep}`
+const posixGlob = (str) => `${posixDir(str)}**`
 
 const getCmdPath = (key, { rootConfig, defaultConfig, isRoot, path, root }) => {
   // Make a path relative from a workspace to the root if we are in a workspace
@@ -78,27 +81,27 @@ const getFiles = (path, rawConfig) => {
 }
 
 const getFullConfig = async ({
+  // the path to the root of the repo
   root,
+  // the path to the package being operated on
+  // this is the same as root when operating on the root
   path,
-  pkg,
+  // the full contents of the package.json for this package
+  pkgJson,
+  // an array of all package info {pkgJson,path,config}[]
   pkgs,
+  // an array of all workspaces in this repo
   workspaces,
+  // the config from the package.json in the root
   rootConfig: _rootConfig,
+  // the config from the package.json being operated on
   pkgConfig: _pkgConfig,
 }) => {
   const isRoot = root === path
-  const isRootMono = isRoot && workspaces.length > 0
   const isLatest = _pkgConfig.version === LATEST_VERSION
-  const isDogFood = pkg.name === NAME
+  const isDogFood = pkgJson.name === NAME
   const isForce = process.argv.includes('--force')
 
-  // this is written to ci yml files so it needs to always use posix
-  const pkgRelPath = makePosix(relative(root, path))
-
-  const workspacePkgs = pkgs.filter((p) => p.path !== path)
-  const workspaceDirs = isRootMono && workspaces.map((p) => makePosix(relative(root, p)))
-  const workspaceGlobs = isRootMono && pkg.workspaces.map(p => p.replace(/[/*]+$/, ''))
-
   // These config items are merged betweent the root and child workspaces and only come from
   // the package.json because they can be used to read configs from other the content directories
   const mergedConfig = mergeConfigs(_rootConfig, _pkgConfig)
@@ -112,6 +115,7 @@ const getFullConfig = async ({
 
   // The content config only gets set from the package we are in, it doesn't inherit
   // anything from the root
+  const rootPkgConfig = merge(useDefault, rootConfig)
   const pkgConfig = merge(useDefault, getConfig(_pkgConfig.content, _pkgConfig))
   const [pkgFiles, pkgDir] = getFiles(mergedConfig.content, mergedConfig)
 
@@ -128,16 +132,24 @@ const getFullConfig = async ({
     ...isRoot ? [
       // in the root allow all repo files
       ...getAddedFiles(repoFiles),
-      // and allow all workspace repo level files
-      ...workspacePkgs.filter(p => p.config.workspaceRepo !== false).flatMap((p) =>
-        getAddedFiles(files.workspaceRepo)
-      ),
+      // and allow all workspace repo level files in the root
+      ...pkgs
+        .filter(p => p.path !== root && p.config.workspaceRepo !== false)
+        .flatMap(() => getAddedFiles(files.workspaceRepo)),
     ] : [],
   ]
 
+  // root only configs
   const npmPath = getCmdPath('npm', { rootConfig, defaultConfig, isRoot, path, root })
   const npxPath = getCmdPath('npx', { rootConfig, defaultConfig, isRoot, path, root })
 
+  // these are written to ci yml files so it needs to always use posix
+  const pkgPath = makePosix(relative(root, path)) || '.'
+
+  // we use the raw paths from the package.json workspaces as ignore patterns in
+  // some cases. the workspaces passed in have already been run through map workspaces
+  const workspacePaths = (pkgJson.workspaces || []).map(deglob)
+
   // all derived keys
   const derived = {
     isRoot,
@@ -147,8 +159,8 @@ const getFullConfig = async ({
     // For these cases it is helpful to know if we are in a
     // monorepo since template-oss might be used only for
     // workspaces and not the root or vice versa.
-    isRootMono,
-    isMono: isRootMono || !isRoot,
+    isRootMono: isRoot && !!workspaces.length,
+    isMono: !!workspaces.length,
     // repo
     repoDir: root,
     repoFiles,
@@ -158,13 +170,16 @@ const getFullConfig = async ({
     moduleFiles,
     applyModule: !!moduleFiles,
     // package
-    pkgName: pkg.name,
-    pkgNameFs: pkg.name.replace(/\//g, '-').replace(/@/g, ''),
-    pkgRelPath: pkgRelPath,
-    pkgPrivate: !!pkg.private,
-    pkgPublic: !pkg.private,
-    workspaces: workspaceDirs,
-    workspaceGlobs,
+    pkgName: pkgJson.name,
+    pkgNameFs: pkgJson.name.replace(/\//g, '-').replace(/@/g, ''),
+    // paths
+    pkgPath,
+    pkgDir: posixDir(pkgPath),
+    pkgGlob: posixGlob(pkgPath),
+    pkgFlags: isRoot ? '-iwr' : `-w ${pkgJson.name}`,
+    allFlags: '-ws -iwr --if-present',
+    workspacePaths,
+    workspaceGlobs: workspacePaths.map(posixGlob),
     // booleans to control application of updates
     isForce,
     isDogFood,
@@ -175,6 +190,9 @@ const getFullConfig = async ({
     rootNpmPath: npmPath.root,
     localNpmPath: npmPath.local,
     rootNpxPath: npxPath.root,
+    // lockfiles are only present at the root, so this only should be set for
+    // all workspaces based on the root
+    lockfile: rootPkgConfig.lockfile,
     // gitignore
     ignorePaths: [
       ...gitignore.sort([
@@ -185,7 +203,7 @@ const getFullConfig = async ({
       ]),
       // these cant be sorted since they rely on order
       // to allow a previously ignored directoy
-      ...gitignore.allowDir(workspaceDirs || []),
+      ...isRoot ? gitignore.allowDir(workspaces.map((p) => makePosix(relative(root, p)))) : [],
     ],
     // needs update if we are dogfooding this repo, with force argv, or its
     // behind the current version
@@ -210,7 +228,7 @@ const getFullConfig = async ({
     derived.repository = {
       type: 'git',
       url: gitUrl,
-      ...(pkgRelPath ? { directory: pkgRelPath } : {}),
+      ...(!isRoot ? { directory: pkgPath } : {}),
     }
   }
 

package/lib/content/{_setup-job-matrix.yml → _job-matrix.yml}

@@ -1,27 +1,29 @@
+name: {{ jobName }}
 if: github.repository_owner == 'npm'
 strategy:
   fail-fast: false
   matrix:
-    node-version:
-      {{#each ciVersions}}
-      - {{.}}
-      {{/each}}
     platform:
-      - os: ubuntu-latest
+      - name: Linux
+        os: ubuntu-latest
         shell: bash
       {{#if macCI}}
-      - os: macos-latest
+      - name: macOS
+        os: macos-latest
         shell: bash
       {{/if}}
       {{#if windowsCI}}
-      - os: windows-latest
+      - name: Windows
+        os: windows-latest
         shell: cmd
       {{/if}}
+    node-version:
+      {{#each ciVersions}}
+      - {{ . }}
+      {{/each}}
 runs-on: $\{{ matrix.platform.os }}
 defaults:
   run:
     shell: $\{{ matrix.platform.shell }}
 steps:
-  {{> setupGit}}
-  {{> setupNode useMatrix=true}}
-  {{> setupDeps}}
+  {{> stepsSetup jobNodeMatrix=true }}

package/lib/content/_job.yml

@@ -0,0 +1,8 @@
+name: {{ jobName }}
+if: github.repository_owner == 'npm' {{~#if jobIf}} && {{{ jobIf }}}{{/if}}
+runs-on: ubuntu-latest
+defaults:
+  run:
+    shell: bash
+steps:
+  {{> stepsSetup }}

package/lib/content/{_setup-ci-on.yml → _on-ci.yml}

@@ -1,30 +1,28 @@
 workflow_dispatch:
 pull_request:
-  branches:
-    - '*'
-  {{#if pkgRelPath}}
+  {{#if isWorkspace}}
   paths:
-    - {{pkgRelPath}}/**
+    - {{ pkgGlob }}
   {{/if}}
-  {{#if workspaceGlobs}}
+  {{#if isRootMono}}
   paths-ignore:
-    {{#each workspaceGlobs}}
-    - {{.}}/**
+    {{#each workspaceGlob}}
+    - {{ . }}
     {{/each}}
   {{/if}}
 push:
   branches:
     {{#each branches}}
-    - {{.}}
+    - {{ . }}
     {{/each}}
-  {{#if pkgRelPath}}
+  {{#if isWorkspace}}
   paths:
-    - {{pkgRelPath}}/**
+    - {{ pkgGlob }}
   {{/if}}
-  {{#if workspaceGlobs}}
+  {{#if isRootMono}}
   paths-ignore:
-    {{#each workspaceGlobs}}
-    - {{.}}/**
+    {{#each workspaceGlob}}
+    - {{ . }}
     {{/each}}
   {{/if}}
 schedule:

package/lib/content/_step-checks.yml

@@ -0,0 +1,24 @@
+- name: {{#if jobCheck.sha}}Create{{else}}Conclude{{/if}} Check
+  uses: LouisBrunner/checks-action@v1.3.1
+  {{#if jobCheck.sha}}
+  id: check
+  {{#if jobCheck.if}}if: {{ jobCheck.if }}{{/if}}
+  {{else}}
+  if: always()
+  {{/if}}
+  with:
+    token: $\{{ secrets.GITHUB_TOKEN }}
+    {{#if jobCheck.sha}}
+    status: {{#if jobCheck.status}}{{ jobCheck.status }}{{else}}in_progress{{/if}} 
+    name: {{#if jobCheck.name}}{{ jobCheck.name }}{{else}}{{ jobName }}{{/if}}
+    sha: {{ jobCheck.sha }}
+    # XXX: this does not work when using the default GITHUB_TOKEN.
+    # Instead we post the main job url to the PR as a comment which
+    # will link to all the other checks. To work around this we would
+    # need to create a GitHub that would create on-demand tokens.
+    # https://github.com/LouisBrunner/checks-action/issues/18
+    # details_url:
+    {{else}}
+    conclusion: {{#if jobCheck.status}}{{ jobCheck.status }}{{else}}$\{{ job.status }}{{/if}}
+    check_id: {{#if jobCheck.id}}{{ jobCheck.id }}{{else}}$\{{ steps.check.outputs.check_id }}{{/if}}
+    {{/if}}

package/lib/content/_step-deps.yml

@@ -0,0 +1,2 @@
+- name: Install Dependencies
+  run: {{ rootNpmPath }} i --ignore-scripts --no-audit --no-fund {{~#if jobDepFlags}} {{ jobDepFlags }}{{/if}}

package/lib/content/_step-git.yml

@@ -0,0 +1,12 @@
+- name: Checkout
+  uses: actions/checkout@v3
+  {{#if jobCheckout}}
+  with:
+  {{#each jobCheckout}}
+    {{ @key }}: {{ this }}
+  {{/each}}
+  {{/if}}
+- name: Setup Git User
+  run: |
+    git config --global user.email "npm-cli+bot@github.com"
+    git config --global user.name "npm CLI robot"

package/lib/content/_step-lint.yml

@@ -0,0 +1,4 @@
+- name: Lint
+  run: {{ rootNpmPath }} run lint --ignore-scripts
+- name: Post Lint
+  run: {{ rootNpmPath }} run postlint --ignore-scripts

package/lib/content/{_setup-node.yml → _step-node.yml}

@@ -1,12 +1,13 @@
-- uses: actions/setup-node@v3
+- name: Setup Node
+  uses: actions/setup-node@v3
   with:
-    node-version: {{#if useMatrix}}$\{{ matrix.node-version }}{{else}}{{#each ciVersions}}{{#if @last}}{{.}}{{/if}}{{/each}}{{/if}}
+    node-version: {{#if jobNodeMatrix}}$\{{ matrix.node-version }}{{else}}{{ last ciVersions }}{{/if}}
     {{#if lockfile}}
     cache: npm
     {{/if}}
 {{#if updateNpm}}
-{{#if useMatrix}}
-- name: Update to workable npm (windows)
+{{#if jobNodeMatrix}}
+- name: Update Windows npm
   # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows
   if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.'))
   run: |
@@ -16,15 +17,15 @@
     node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz
     cd ..
     rmdir /s /q package
-- name: Update npm to 7
-  # If we do test on npm 10 it needs npm7
+- name: Install npm@7
   if: startsWith(matrix.node-version, '10.')
   run: npm i --prefer-online --no-fund --no-audit -g npm@7
-- name: Update npm to latest
+- name: Install npm@latest
   if: $\{{ !startsWith(matrix.node-version, '10.') }}
 {{else}}
-- name: Update npm to latest
+- name: Install npm@latest
 {{/if}}
   run: npm i --prefer-online --no-fund --no-audit -g npm@latest
-- run: npm -v
+- name: npm Version
+  run: npm -v
 {{/if}}

package/lib/content/_step-test.yml

@@ -0,0 +1,4 @@
+- name: Add Problem Matcher
+  run: echo "::add-matcher::.github/matchers/tap.json"
+- name: Test
+  run: {{ rootNpmPath }} test --ignore-scripts {{~#if jobRunFlags}} {{ jobRunFlags }}{{/if}}

package/lib/content/_steps-setup.yml

@@ -0,0 +1,6 @@
+{{~#if jobCheck}}{{> stepChecks }}{{/if}}
+{{~#unless jobSkipSetup}}
+{{> stepGit }}
+{{> stepNode }}
+{{> stepDeps }}
+{{/unless}}

package/lib/content/audit.yml

@@ -8,5 +8,6 @@ on:
 
 jobs:
   audit:
-    {{> setupJob flags="--package-lock"}}
-      - run: {{rootNpmPath}} audit
+    {{> job jobName="Audit Dependencies" jobDepFlags="--package-lock" }}
+      - name: Run Audit
+        run: {{ rootNpmPath }} audit

package/lib/content/ci-release.yml

@@ -0,0 +1,31 @@
+
+name: CI - Release
+
+on:
+  workflow_call:
+    inputs:
+      ref:
+        required: true
+        type: string
+      check-sha:
+        required: true
+        type: string
+
+jobs:
+  lint-all:
+    {{> job
+      jobName="Lint All"
+      jobCheck=(obj sha="${{ inputs.check-sha }}")
+      jobCheckout=(obj ref="${{ inputs.ref }}")
+    }}
+      {{> stepLint jobRunFlags=allFlags }}
+      {{> stepChecks jobCheck=true }}
+
+  test-all:
+    {{> jobMatrix
+      jobName="Test All - ${{ matrix.platform.name }} - Node ${{ matrix.node-version }}"
+      jobCheck=(obj sha="${{ inputs.check-sha }}")
+      jobCheckout=(obj ref="${{ inputs.ref }}")
+    }}
+      {{> stepTest jobRunFlags=allFlags }}
+      {{> stepChecks jobCheck=true }}

package/lib/content/ci.yml

@@ -1,15 +1,13 @@
-name: CI {{~#if isWorkspace}} - {{pkgName}}{{/if}}
+name: CI {{~#if isWorkspace}} - {{ pkgName }}{{/if}}
 
 on:
-  {{> setupCiOn}}
+  {{> onCi }}
 
 jobs:
   lint:
-    {{> setupJob }}
-      - run: {{rootNpmPath}} run lint {{~#if isWorkspace}} -w {{pkgName}}{{/if}}
+    {{> job jobName="Lint" }}
+      {{> stepLint jobRunFlags=pkgFlags }}
 
   test:
-    {{> setupJobMatrix }}
-      - name: add tap problem matcher
-        run: echo "::add-matcher::.github/matchers/tap.json"
-      - run: {{rootNpmPath}} test --ignore-scripts {{~#if isWorkspace}} -w {{pkgName}}{{/if}}
+    {{> jobMatrix jobName="Test All - ${{ matrix.platform.name }} - Node ${{ matrix.node-version }}" }}
+      {{> stepTest jobRunFlags=pkgFlags }}

package/lib/content/codeql-analysis.yml

@@ -1,16 +1,15 @@
-name: "CodeQL"
+name: CodeQL
 
 on:
   push:
     branches:
       {{#each branches}}
-      - {{.}}
+      - {{ . }}
       {{/each}}
   pull_request:
-    # The branches below must be a subset of the branches above
     branches:
       {{#each branches}}
-      - {{.}}
+      - {{ . }}
       {{/each}}
   schedule:
     # "At 10:00 UTC (03:00 PT) on Monday" https://crontab.guru/#0_10_*_*_1
@@ -24,17 +23,11 @@ jobs:
       actions: read
       contents: read
       security-events: write
-
-    strategy:
-      fail-fast: false
-      matrix:
-        language: [javascript]
-
     steps:
-    {{> setupGit}}
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
-      with:
-        languages: $\{{ matrix.language }}
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      {{> stepGit }}
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: javascript
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2

package/lib/content/commitlintrc.js

@@ -1,7 +1,7 @@
 module.exports = {
   extends: ['@commitlint/config-conventional'],
   rules: {
-    'type-enum': [2, 'always', [{{#each changelogTypes}}'{{type}}'{{#unless @last}}, {{/unless}}{{/each}}]],
+    'type-enum': [2, 'always', [{{{ join (quote (pluck changelogTypes "type")) }}}]],
     'header-max-length': [2, 'always', 80],
     'subject-case': [0, 'always', ['lower-case', 'sentence-case', 'start-case']],
   },

package/lib/content/dependabot.yml

@@ -2,32 +2,14 @@ version: 2
 
 updates:
   - package-ecosystem: npm
-    directory: "/"
+    directory: {{ pkgDir }}
     schedule:
       interval: daily
     allow:
       - dependency-type: direct
-    versioning-strategy: increase-if-necessary
+    versioning-strategy: {{ dependabot }}
     commit-message:
       prefix: deps
       prefix-development: chore
     labels:
       - "Dependencies"
-
-  {{#if workspaces}}
-  {{#each workspaces}}
-  - package-ecosystem: npm
-    directory: "{{.}}/"
-    schedule:
-      interval: daily
-    allow:
-      - dependency-type: direct
-    versioning-strategy: increase-if-necessary
-    commit-message:
-      prefix: deps
-      prefix-development: chore
-    labels:
-      - "Dependencies"
-
-  {{/each}}
-  {{/if}}

package/lib/content/eslintrc.js

@@ -8,10 +8,10 @@ const localConfigs = readdir(__dirname)
 
 module.exports = {
   root: true,
-  {{#if isRootMono}}
+  {{#if workspaceGlobs}}
   ignorePatterns: [
-    {{#each workspaces}}
-    '{{.}}',
+    {{#each workspaceGlobs}}
+    '{{ . }}',
     {{/each}}
   ],
   {{/if}}

package/lib/content/gitignore

@@ -3,5 +3,5 @@
 
 # keep these
 {{#each ignorePaths}}
-{{.}}
+{{ . }}
 {{/each}}