@semantic-release/github 10.1.4 → 10.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/lib/definitions/errors.js +13 -0
  2. package/lib/success.js +69 -8
  3. package/lib/verify.js +17 -18
  4. package/package.json +2 -2
package/lib/definitions/errors.js CHANGED
@@ -139,6 +139,19 @@ By default the \`repositoryUrl\` option is retrieved from the \`repository\` pro
139
139
  };
140
140
  }
141
141
 
142
+ export function EMISMATCHGITHUBURL({ repositoryUrl, clone_url }) {
143
+ return {
144
+ message: "The git repository URL mismatches the GitHub URL.",
145
+ details: `The **semantic-release** \`repositoryUrl\` option must have the same repository name and owner as the GitHub repo.
146
+
147
+ Your configuration for the \`repositoryUrl\` option is \`${stringify(repositoryUrl)}\` and the \`clone_url\` of your GitHub repo is \`${stringify(clone_url)}\`.
148
+
149
+ By default the \`repositoryUrl\` option is retrieved from the \`repository\` property of your \`package.json\` or the [git origin url](https://git-scm.com/book/en/v2/Git-Basics-Working-with-Remotes) of the repository cloned by your CI environment.
150
+
151
+ Note: If you have recently changed your GitHub repository name or owner, update the value in **semantic-release** \`repositoryUrl\` option and the \`repository\` property of your \`package.json\` respectively to match the new GitHub URL.`,
152
+ };
153
+ }
154
+
142
155
  export function EINVALIDPROXY({ proxy }) {
143
156
  return {
144
157
  message: "Invalid `proxy` option.",
package/lib/success.js CHANGED
@@ -67,13 +67,44 @@ export default async function success(pluginConfig, context, { Octokit }) {
67
67
  const releaseInfos = releases.filter((release) => Boolean(release.name));
68
68
  const shas = commits.map(({ hash }) => hash);
69
69
 
70
- const { repository } = await octokit.graphql(
71
- buildAssociatedPRsQuery(shas),
72
- { owner, repo },
73
- );
74
- const associatedPRs = Object.values(repository).map(
75
- (item) => item.associatedPullRequests.nodes,
76
- );
70
+ const associatedPRs = [];
71
+
72
+ // Split commit shas into chunks of 100 shas
73
+ const chunkSize = 100;
74
+ const shasChunks = [];
75
+ for (let i = 0; i < shas.length; i += chunkSize) {
76
+ const chunk = shas.slice(i, i + chunkSize);
77
+ shasChunks.push(chunk);
78
+ }
79
+ for (const chunk of shasChunks) {
80
+ const { repository } = await octokit.graphql(
81
+ buildAssociatedPRsQuery(chunk),
82
+ { owner, repo },
83
+ );
84
+ const responseAssociatedPRs = Object.values(repository).map(
85
+ (item) => item.associatedPullRequests,
86
+ );
87
+ for (const { nodes, pageInfo } of responseAssociatedPRs) {
88
+ associatedPRs.push(nodes);
89
+ if (pageInfo.hasNextPage) {
90
+ let cursor = pageInfo.endCursor;
91
+ let hasNextPage = true;
92
+ while (hasNextPage) {
93
+ const { repository } = await octokit.graphql(
94
+ loadSingleCommitAssociatedPRs,
95
+ { owner, repo, sha: response.commit.oid, cursor },
96
+ );
97
+ const { associatedPullRequests } = repository.commit;
98
+ associatedPRs.push(associatedPullRequests.nodes);
99
+ if (associatedPullRequests.pageInfo.hasNextPage) {
100
+ cursor = associatedPullRequests.pageInfo.endCursor;
101
+ } else {
102
+ hasNextPage = false;
103
+ }
104
+ }
105
+ }
106
+ }
107
+ }
77
108
 
78
109
  const uniqueAssociatedPRs = uniqBy(flatten(associatedPRs), "number");
79
110
 
@@ -252,7 +283,7 @@ export default async function success(pluginConfig, context, { Octokit }) {
252
283
  * @param {Array<string>} shas
253
284
  * @returns {string}
254
285
  */
255
- export function buildAssociatedPRsQuery(shas) {
286
+ function buildAssociatedPRsQuery(shas) {
256
287
  return `#graphql
257
288
  query getAssociatedPRs($owner: String!, $repo: String!) {
258
289
  repository(owner: $owner, name: $repo) {
@@ -260,7 +291,12 @@ export function buildAssociatedPRsQuery(shas) {
260
291
  .map((sha) => {
261
292
  return `commit${sha.slice(0, 6)}: object(oid: "${sha}") {
262
293
  ...on Commit {
294
+ oid
263
295
  associatedPullRequests(first: 100) {
296
+ pageInfo {
297
+ endCursor
298
+ hasNextPage
299
+ }
264
300
  nodes {
265
301
  url
266
302
  number
@@ -275,3 +311,28 @@ export function buildAssociatedPRsQuery(shas) {
275
311
  }
276
312
  `;
277
313
  }
314
+
315
+ /**
316
+ * GraphQL Query to fetch additional associatedPR for commits that has more than 100 associatedPRs
317
+ */
318
+ const loadSingleCommitAssociatedPRs = `#graphql
319
+ query getCommitAssociatedPRs($owner: String!, $repo: String!, $sha: String!, $cursor: String) {
320
+ repository(owner: $owner, name: $repo) {
321
+ commit: object(oid: $sha) {
322
+ ...on Commit {
323
+ associatedPullRequests(after: $cursor, first: 100) {
324
+ pageInfo {
325
+ endCursor
326
+ hasNextPage
327
+ }
328
+ nodes {
329
+ url
330
+ number
331
+ body
332
+ }
333
+ }
334
+ }
335
+ }
336
+ }
337
+ }
338
+ `;
package/lib/verify.js CHANGED
@@ -103,35 +103,34 @@ export default async function verify(pluginConfig, context, { Octokit }) {
103
103
  proxy,
104
104
  }),
105
105
  );
106
-
107
- // https://github.com/semantic-release/github/issues/182
108
- // Do not check for permissions in GitHub actions, as the provided token is an installation access token.
109
- // octokit.request("GET /repos/{owner}/{repo}", {repo, owner}) does not return the "permissions" key in that case.
110
- // But GitHub Actions have all permissions required for @semantic-release/github to work
111
- if (env.GITHUB_ACTION) {
112
- return;
113
- }
114
-
115
106
  try {
116
107
  const {
117
- data: {
118
- permissions: { push },
119
- },
108
+ data: { permissions, clone_url },
120
109
  } = await octokit.request("GET /repos/{owner}/{repo}", { repo, owner });
121
- if (!push) {
110
+ // Verify if Repository Name wasn't changed
111
+ const parsedCloneUrl = parseGithubUrl(clone_url);
112
+ if (owner !== parsedCloneUrl.owner || repo !== parsedCloneUrl.repo) {
113
+ errors.push(
114
+ getError("EMISMATCHGITHUBURL", { repositoryUrl, clone_url }),
115
+ );
116
+ }
117
+
118
+ // https://github.com/semantic-release/github/issues/182
119
+ // Do not check for permissions in GitHub actions, as the provided token is an installation access token.
120
+ // octokit.request("GET /repos/{owner}/{repo}", {repo, owner}) does not return the "permissions" key in that case.
121
+ // But GitHub Actions have all permissions required for @semantic-release/github to work
122
+ if (!env.GITHUB_ACTION && !permissions?.push) {
122
123
  // If authenticated as GitHub App installation, `push` will always be false.
123
124
  // We send another request to check if current authentication is an installation.
124
125
  // Note: we cannot check if the installation has all required permissions, it's
125
126
  // up to the user to make sure it has
126
127
  if (
127
- await octokit
128
+ !(await octokit
128
129
  .request("HEAD /installation/repositories", { per_page: 1 })
129
- .catch(() => false)
130
+ .catch(() => false))
130
131
  ) {
131
- return;
132
+ errors.push(getError("EGHNOPERMISSION", { owner, repo }));
132
133
  }
133
-
134
- errors.push(getError("EGHNOPERMISSION", { owner, repo }));
135
134
  }
136
135
  } catch (error) {
137
136
  if (error.status === 401) {
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@semantic-release/github",
3
3
  "description": "semantic-release plugin to publish a GitHub release and comment on released Pull Requests/Issues",
4
- "version": "10.1.4",
4
+ "version": "10.1.6",
5
5
  "type": "module",
6
6
  "author": "Pierre Vanduynslager (https://twitter.com/@pvdlg_)",
7
7
  "ava": {
@@ -49,7 +49,7 @@
49
49
  "ls-engines": "0.9.3",
50
50
  "npm-run-all2": "6.2.2",
51
51
  "prettier": "3.3.3",
52
- "publint": "0.2.9",
52
+ "publint": "0.2.10",
53
53
  "semantic-release": "24.0.0",
54
54
  "sinon": "18.0.0",
55
55
  "tempy": "3.1.0"