@npmcli/template-oss 4.23.0 → 4.23.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/lib/config.js +2 -1
  2. package/lib/content/SECURITY-md.hbs +1 -1
  3. package/lib/content/action-create-check-yml.hbs +1 -1
  4. package/lib/content/action-install-latest-npm-yml.hbs +1 -1
  5. package/lib/content/codeql-analysis-yml.hbs +2 -2
  6. package/lib/content/commitlintrc-js.hbs +1 -0
  7. package/lib/content/package-json.hbs +4 -1
  8. package/lib/content/post-dependabot-yml.hbs +2 -3
  9. package/lib/util/dependabot.js +1 -1
  10. package/package.json +1 -1
package/lib/config.js CHANGED
@@ -169,7 +169,8 @@ const getFullConfig = async ({
169
169
  cjsExt: esm ? 'cjs' : 'js',
170
170
  deleteJsExt: esm ? 'js' : 'cjs',
171
171
  // tap
172
- tap18: semver.coerce(pkg.pkgJson?.devDependencies?.tap)?.major === 18,
172
+ // 18 and up doesn't like nyc-arg
173
+ tap18: semver.coerce(pkg.pkgJson?.devDependencies?.tap)?.major >= 18,
173
174
  tap16: semver.coerce(pkg.pkgJson?.devDependencies?.tap)?.major === 16,
174
175
  // booleans to control application of updates
175
176
  isForce,
package/lib/content/SECURITY-md.hbs CHANGED
@@ -1,6 +1,6 @@
1
1
  GitHub takes the security of our software products and services seriously, including the open source code repositories managed through our GitHub organizations, such as [GitHub](https://github.com/GitHub).
2
2
 
3
- If you believe you have found a security vulnerability in this GitHub-owned open source repository, you can report it to us in one of two ways.
3
+ If you believe you have found a security vulnerability in this GitHub-owned open source repository, you can report it to us in one of two ways.
4
4
 
5
5
  If the vulnerability you have found is *not* [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) or if you do not wish to be considered for a bounty reward, please report the issue to us directly through [opensource-security@github.com](mailto:opensource-security@github.com).
6
6
 
package/lib/content/action-create-check-yml.hbs CHANGED
@@ -23,7 +23,7 @@ runs:
23
23
  with:
24
24
  result-encoding: string
25
25
  script: |
26
- const { repo: { owner, repo}, runId, serverUrl } = context
26
+ const { repo: { owner, repo}, runId, serverUrl } = context
27
27
  const { JOB_NAME, SHA } = process.env
28
28
 
29
29
  const job = await github.rest.actions.listJobsForWorkflowRun({
package/lib/content/action-install-latest-npm-yml.hbs CHANGED
@@ -42,7 +42,7 @@ runs:
42
42
  MATCH=$SPEC
43
43
  echo "Found compatible version: npm@$MATCH"
44
44
  break
45
- fi
45
+ fi
46
46
  done
47
47
 
48
48
  if [ -z $MATCH ]; then
package/lib/content/codeql-analysis-yml.hbs CHANGED
@@ -26,8 +26,8 @@ jobs:
26
26
  steps:
27
27
  {{> stepGitYml }}
28
28
  - name: Initialize CodeQL
29
- uses: github/codeql-action/init@v2
29
+ uses: github/codeql-action/init@v3
30
30
  with:
31
31
  languages: javascript
32
32
  - name: Perform CodeQL Analysis
33
- uses: github/codeql-action/analyze@v2
33
+ uses: github/codeql-action/analyze@v3
package/lib/content/commitlintrc-js.hbs CHANGED
@@ -5,5 +5,6 @@ module.exports = {
5
5
  'header-max-length': [2, 'always', 80],
6
6
  'subject-case': [0],
7
7
  'body-max-line-length': [0],
8
+ 'footer-max-line-length': [0],
8
9
  },
9
10
  }
package/lib/content/package-json.hbs CHANGED
@@ -42,7 +42,10 @@
42
42
  "standard": {{{ del }}},
43
43
  "tap": {
44
44
  {{#if workspacePaths}}
45
- "test-ignore": "^({{ join workspacePaths "|" }})/",
45
+ "exclude": {{#if tap18}}[
46
+ "{{ join workspaceGlobs "," }}"
47
+ ]{{else }}{{{ del }}}{{/if}},
48
+ "test-ignore": {{#if tap18}}{{{ del }}}{{else}}"^({{ join workspacePaths "|" }})/"{{/if}},
46
49
  {{/if}}
47
50
  {{#if typescript}}
48
51
  {{#if tap16}}
package/lib/content/post-dependabot-yml.hbs CHANGED
@@ -26,7 +26,7 @@ jobs:
26
26
  id: flags
27
27
  run: |
28
28
  dependabot_dir="$\{{ steps.metadata.outputs.directory }}"
29
- if [[ "$dependabot_dir" == "/" ]]; then
29
+ if [[ "$dependabot_dir" == "/" || "$dependabot_dir" == "/{{ releaseBranch }}" ]]; then
30
30
  echo "workspace=-iwr" >> $GITHUB_OUTPUT
31
31
  else
32
32
  # strip leading slash from directory so it works as a
@@ -64,7 +64,7 @@ jobs:
64
64
  run: |
65
65
  git commit -am "$\{{ steps.apply.outputs.message }}"
66
66
  git push
67
-
67
+
68
68
  # If the previous step failed, then reset the commit and remove any workflow changes
69
69
  # and attempt to commit and push again. This is helpful because we will have a commit
70
70
  # with the correct prefix that we can then --amend with @npmcli/stafftools later.
@@ -98,4 +98,3 @@ jobs:
98
98
  echo "This PR has a breaking change. Run 'npx -p @npmcli/stafftools gh template-oss-fix'"
99
99
  echo "for more information on how to fix this with a BREAKING CHANGE footer."
100
100
  exit 1
101
-
package/lib/util/dependabot.js CHANGED
@@ -1,7 +1,7 @@
1
1
  const { name: NAME } = require('../../package.json')
2
2
  const { minimatch } = require('minimatch')
3
3
 
4
- const parseDependabotConfig = v => (typeof v === 'string' ? { strategy: v } : v ?? {})
4
+ const parseDependabotConfig = v => (typeof v === 'string' ? { strategy: v } : (v ?? {}))
5
5
 
6
6
  module.exports = (config, defaultConfig, branches) => {
7
7
  const { dependabot } = config
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@npmcli/template-oss",
3
- "version": "4.23.0",
3
+ "version": "4.23.2",
4
4
  "description": "templated files used in npm CLI team oss projects",
5
5
  "main": "lib/content/index.js",
6
6
  "bin": {