@semantic-release/github 7.0.3 → 7.0.7

package/README.md

@@ -59,13 +59,16 @@ When creating the token, the **minimum required scopes** are:
 - [`repo`](https://github.com/settings/tokens/new?scopes=repo) for a private repository
 - [`public_repo`](https://github.com/settings/tokens/new?scopes=public_repo) for a public repository
 
+_Note on GitHub Actions:_ You can use the default token which is provided in  the secret _GITHUB_TOKEN_. However releases done with this token will NOT trigger release events to start other workflows.
+If you have actions that trigger on newly created releases, please use a generated token for that and store it in your repository's secrets (any other name than GITHUB_TOKEN is fine).
+
 ### Environment variables
 
-| Variable                       | Description                                               |
-| ------------------------------ | --------------------------------------------------------- |
-| `GH_TOKEN` or `GITHUB_TOKEN`   | **Required.** The token used to authenticate with GitHub. |
-| `GH_URL` or `GITHUB_URL`       | The GitHub Enterprise endpoint.                           |
-| `GH_PREFIX` or `GITHUB_PREFIX` | The GitHub Enterprise API prefix.                         |
+| Variable                                           | Description                                               |
+| -------------------------------------------------- | --------------------------------------------------------- |
+| `GH_TOKEN` or `GITHUB_TOKEN`                       | **Required.** The token used to authenticate with GitHub. |
+| `GITHUB_API_URL` or `GH_URL` or `GITHUB_URL`       | The GitHub Enterprise endpoint.                           |
+| `GH_PREFIX` or `GITHUB_PREFIX`                     | The GitHub Enterprise API prefix.                         |
 
 ### Options
 

package/index.js

@@ -14,7 +14,7 @@ async function verifyConditions(pluginConfig, context) {
   // If the GitHub publish plugin is used and has `assets`, `successComment`, `failComment`, `failTitle`, `labels` or `assignees` configured, validate it now in order to prevent any release if the configuration is wrong
   if (options.publish) {
     const publishPlugin =
-      castArray(options.publish).find(config => config.path && config.path === '@semantic-release/github') || {};
+      castArray(options.publish).find((config) => config.path && config.path === '@semantic-release/github') || {};
 
     pluginConfig.assets = defaultTo(pluginConfig.assets, publishPlugin.assets);
     pluginConfig.successComment = defaultTo(pluginConfig.successComment, publishPlugin.successComment);

package/lib/definitions/errors.js

@@ -3,8 +3,9 @@ const {isString} = require('lodash');
 const pkg = require('../../package.json');
 
 const [homepage] = pkg.homepage.split('#');
-const stringify = obj => (isString(obj) ? obj : inspect(obj, {breakLength: Infinity, depth: 2, maxArrayLength: 5}));
-const linkify = file => `${homepage}/blob/master/${file}`;
+const stringify = (object) =>
+  isString(object) ? object : inspect(object, {breakLength: Infinity, depth: 2, maxArrayLength: 5});
+const linkify = (file) => `${homepage}/blob/master/${file}`;
 
 module.exports = {
   EINVALIDASSETS: ({assets}) => ({

package/lib/find-sr-issues.js

@@ -7,5 +7,5 @@ module.exports = async (github, title, owner, repo) => {
     q: `in:title+repo:${owner}/${repo}+type:issue+state:open+${title}`,
   });
 
-  return issues.filter(issue => issue.body && issue.body.includes(ISSUE_ID));
+  return issues.filter((issue) => issue.body && issue.body.includes(ISSUE_ID));
 };

package/lib/get-client.js

@@ -11,7 +11,7 @@ const {RETRY_CONF, RATE_LIMITS, GLOBAL_RATE_LIMIT} = require('./definitions/rate
 /**
  * Http error status for which to not retry.
  */
-const SKIP_RETRY_CODES = [400, 401, 403];
+const SKIP_RETRY_CODES = new Set([400, 401, 403]);
 
 /**
  * Create or retrieve the throttler function for a given rate limit group.
@@ -50,7 +50,7 @@ module.exports = ({githubToken, githubUrl, githubApiPathPrefix, proxy}) => {
       try {
         return await getThrottler(limitKey, globalThrottler).wrap(request)(options);
       } catch (error) {
-        if (SKIP_RETRY_CODES.includes(error.status)) {
+        if (SKIP_RETRY_CODES.has(error.status)) {
           throw new pRetry.AbortError(error);
         }
 

package/lib/get-fail-comment.js

@@ -4,14 +4,16 @@ const GET_HELP_URL = `${HOME_URL}#get-help`;
 const USAGE_DOC_URL = `${HOME_URL}/blob/caribou/docs/usage/README.md`;
 const NEW_ISSUE_URL = `${HOME_URL}/issues/new`;
 
-const formatError = error => `### ${error.message}
+const formatError = (error) => `### ${error.message}
 
-${error.details ||
+${
+  error.details ||
   `Unfortunately this error doesn't have any additional information.${
     error.pluginName
       ? ` Feel free to kindly ask the author of the \`${error.pluginName}\` plugin to add more helpful information.`
       : ''
-  }`}`;
+  }`
+}`;
 
 module.exports = (branch, errors) => `## :rotating_light: The automated release from the \`${
   branch.name
@@ -36,7 +38,7 @@ If those don’t help, or if this issue is reporting something you think isn’t
 
 ---
 
-${errors.map(formatError).join('\n\n---\n\n')}
+${errors.map((error) => formatError(error)).join('\n\n---\n\n')}
 
 ---
 

package/lib/get-success-comment.js

@@ -1,5 +1,5 @@
 const HOME_URL = 'https://github.com/semantic-release/semantic-release';
-const linkify = releaseInfo =>
+const linkify = (releaseInfo) =>
   `${releaseInfo.url ? `[${releaseInfo.name}](${releaseInfo.url})` : `\`${releaseInfo.name}\``}`;
 
 module.exports = (issue, releaseInfos, nextRelease) =>
@@ -10,7 +10,7 @@ module.exports = (issue, releaseInfos, nextRelease) =>
       ? `\n\nThe release is available on${
           releaseInfos.length === 1
             ? ` ${linkify(releaseInfos[0])}`
-            : `:\n${releaseInfos.map(releaseInfo => `- ${linkify(releaseInfo)}`).join('\n')}`
+            : `:\n${releaseInfos.map((releaseInfo) => `- ${linkify(releaseInfo)}`).join('\n')}`
         }`
       : ''
   }

package/lib/glob-assets.js

@@ -10,7 +10,7 @@ module.exports = async ({cwd}, assets) =>
     []
       .concat(
         ...(await Promise.all(
-          assets.map(async asset => {
+          assets.map(async (asset) => {
             // Wrap single glob definition in Array
             let glob = castArray(isPlainObject(asset) ? asset.path : asset);
             // TODO Temporary workaround for https://github.com/mrmlnc/fast-glob/issues/47
@@ -40,7 +40,7 @@ module.exports = async ({cwd}, assets) =>
                 // - `path` of the matched file
                 // - `name` based on the actual file name (to avoid assets with duplicate `name`)
                 // - other properties of the original asset definition
-                return globbed.map(file => ({...asset, path: file, name: basename(file)}));
+                return globbed.map((file) => ({...asset, path: file, name: basename(file)}));
               }
 
               // If asset is an Object, output an Object definition with:
@@ -60,7 +60,7 @@ module.exports = async ({cwd}, assets) =>
           // Sort with Object first, to prioritize Object definition over Strings in dedup
         ))
       )
-      .sort(asset => (isPlainObject(asset) ? -1 : 1)),
+      .sort((asset) => (isPlainObject(asset) ? -1 : 1)),
     // Compare `path` property if Object definition, value itself if String
     (a, b) => path.resolve(cwd, isPlainObject(a) ? a.path : a) === path.resolve(cwd, isPlainObject(b) ? b.path : b)
   );

package/lib/parse-github-url.js

@@ -1,4 +1,4 @@
-module.exports = repositoryUrl => {
+module.exports = (repositoryUrl) => {
   const [match, auth, host, path] = /^(?!.+:\/\/)(?:(?<auth>.*)@)?(?<host>.*?):(?<path>.*)$/.exec(repositoryUrl) || [];
   try {
     const [, owner, repo] = /^\/(?<owner>[^/]+)?\/?(?<repo>.+?)(?:\.git)?$/.exec(

package/lib/publish.js

@@ -48,7 +48,7 @@ module.exports = async (pluginConfig, context) => {
   debug('globed assets: %o', globbedAssets);
 
   await Promise.all(
-    globbedAssets.map(async asset => {
+    globbedAssets.map(async (asset) => {
       const filePath = isPlainObject(asset) ? asset.path : asset;
       let file;
 

package/lib/resolve-config.js

@@ -16,7 +16,7 @@ module.exports = (
   {env}
 ) => ({
   githubToken: env.GH_TOKEN || env.GITHUB_TOKEN,
-  githubUrl: githubUrl || env.GH_URL || env.GITHUB_URL,
+  githubUrl: githubUrl || env.GITHUB_API_URL || env.GH_URL || env.GITHUB_URL,
   githubApiPathPrefix: githubApiPathPrefix || env.GH_PREFIX || env.GITHUB_PREFIX || '',
   proxy: proxy || env.HTTP_PROXY,
   assets: assets ? castArray(assets) : assets,

package/lib/success.js

@@ -39,11 +39,11 @@ module.exports = async (pluginConfig, context) => {
     logger.log('Skip commenting on issues and pull requests.');
   } else {
     const parser = issueParser('github', githubUrl ? {hosts: [githubUrl]} : {});
-    const releaseInfos = releases.filter(release => Boolean(release.name));
+    const releaseInfos = releases.filter((release) => Boolean(release.name));
     const shas = commits.map(({hash}) => hash);
 
     const searchQueries = getSearchQueries(`repo:${owner}/${repo}+type:pr+is:merged`, shas).map(
-      async q => (await github.search.issuesAndPullRequests({q})).data.items
+      async (q) => (await github.search.issuesAndPullRequests({q})).data.items
     );
 
     const prs = await pFilter(
@@ -55,24 +55,27 @@ module.exports = async (pluginConfig, context) => {
 
     debug(
       'found pull requests: %O',
-      prs.map(pr => pr.number)
+      prs.map((pr) => pr.number)
     );
 
     // Parse the release commits message and PRs body to find resolved issues/PRs via comment keyworkds
-    const issues = [...prs.map(pr => pr.body), ...commits.map(commit => commit.message)].reduce((issues, message) => {
-      return message
-        ? issues.concat(
-            parser(message)
-              .actions.close.filter(action => isNil(action.slug) || action.slug === `${owner}/${repo}`)
-              .map(action => ({number: parseInt(action.issue, 10)}))
-          )
-        : issues;
-    }, []);
+    const issues = [...prs.map((pr) => pr.body), ...commits.map((commit) => commit.message)].reduce(
+      (issues, message) => {
+        return message
+          ? issues.concat(
+              parser(message)
+                .actions.close.filter((action) => isNil(action.slug) || action.slug === `${owner}/${repo}`)
+                .map((action) => ({number: Number.parseInt(action.issue, 10)}))
+            )
+          : issues;
+      },
+      []
+    );
 
     debug('found issues via comments: %O', issues);
 
     await Promise.all(
-      uniqBy([...prs, ...issues], 'number').map(async issue => {
+      uniqBy([...prs, ...issues], 'number').map(async (issue) => {
         const body = successComment
           ? template(successComment)({...context, issue})
           : getSuccessComment(issue, releaseInfos, nextRelease);
@@ -85,7 +88,7 @@ module.exports = async (pluginConfig, context) => {
           logger.log('Added comment to issue #%d: %s', issue.number, url);
 
           if (releasedLabels) {
-            const labels = releasedLabels.map(label => template(label)(context));
+            const labels = releasedLabels.map((label) => template(label)(context));
             // Don’t use .issues.addLabels for GHE < 2.16 support
             // https://github.com/semantic-release/github/issues/138
             await github.request('POST /repos/:owner/:repo/issues/:number/labels', {
@@ -119,7 +122,7 @@ module.exports = async (pluginConfig, context) => {
     debug('found semantic-release issues: %O', srIssues);
 
     await Promise.all(
-      srIssues.map(async issue => {
+      srIssues.map(async (issue) => {
         debug('close issue: %O', issue);
         try {
           const updateIssue = {owner, repo, issue_number: issue.number, state: 'closed'};

package/lib/verify.js

@@ -6,16 +6,17 @@ const resolveConfig = require('./resolve-config');
 const getClient = require('./get-client');
 const getError = require('./get-error');
 
-const isNonEmptyString = value => isString(value) && value.trim();
-const isStringOrStringArray = value => isNonEmptyString(value) || (isArray(value) && value.every(isNonEmptyString));
-const isArrayOf = validator => array => isArray(array) && array.every(value => validator(value));
-const canBeDisabled = validator => value => value === false || validator(value);
+const isNonEmptyString = (value) => isString(value) && value.trim();
+const isStringOrStringArray = (value) =>
+  isNonEmptyString(value) || (isArray(value) && value.every((string) => isNonEmptyString(string)));
+const isArrayOf = (validator) => (array) => isArray(array) && array.every((value) => validator(value));
+const canBeDisabled = (validator) => (value) => value === false || validator(value);
 
 const VALIDATORS = {
-  proxy: proxy =>
+  proxy: (proxy) =>
     isNonEmptyString(proxy) || (isPlainObject(proxy) && isNonEmptyString(proxy.host) && isNumber(proxy.port)),
   assets: isArrayOf(
-    asset => isStringOrStringArray(asset) || (isPlainObject(asset) && isStringOrStringArray(asset.path))
+    (asset) => isStringOrStringArray(asset) || (isPlainObject(asset) && isStringOrStringArray(asset.path))
   ),
   successComment: canBeDisabled(isNonEmptyString),
   failTitle: canBeDisabled(isNonEmptyString),
@@ -68,6 +69,14 @@ module.exports = async (pluginConfig, context) => {
         },
       } = await github.repos.get({repo, owner});
       if (!push) {
+        // If authenticated as GitHub App installation, `push` will always be false.
+        // We send another request to check if current authentication is an installation.
+        // Note: we cannot check if the installation has all required permissions, it's
+        // up to the user to make sure it has
+        if (await github.request('HEAD /installation/repositories', {per_page: 1}).catch(() => false)) {
+          return;
+        }
+
         errors.push(getError('EGHNOPERMISSION', {owner, repo}));
       }
     } catch (error) {

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@semantic-release/github",
   "description": "semantic-release plugin to publish a GitHub release and comment on released Pull Requests/Issues",
-  "version": "7.0.3",
+  "version": "7.0.7",
   "author": "Pierre Vanduynslager (https://twitter.com/@pvdlg_)",
   "ava": {
     "files": [
@@ -16,13 +16,13 @@
     "Gregor Martynus (https://twitter.com/gr2m)"
   ],
   "dependencies": {
-    "@octokit/rest": "^16.43.0",
+    "@octokit/rest": "^17.0.0",
     "@semantic-release/error": "^2.2.0",
     "aggregate-error": "^3.0.0",
     "bottleneck": "^2.18.1",
     "debug": "^4.0.0",
     "dir-glob": "^3.0.0",
-    "fs-extra": "^8.0.0",
+    "fs-extra": "^9.0.0",
     "globby": "^11.0.0",
     "http-proxy-agent": "^4.0.0",
     "https-proxy-agent": "^5.0.0",
@@ -37,15 +37,15 @@
     "ava": "^3.1.0",
     "clear-module": "^4.0.0",
     "codecov": "^3.5.0",
-    "nock": "^11.1.0",
+    "nock": "^12.0.0",
     "nyc": "^15.0.0",
     "proxy": "^1.0.0",
     "proxyquire": "^2.0.0",
     "semantic-release": "^17.0.0",
     "server-destroy": "^1.0.1",
-    "sinon": "^8.0.0",
-    "tempy": "^0.3.0",
-    "xo": "^0.25.2"
+    "sinon": "^9.0.0",
+    "tempy": "^0.5.0",
+    "xo": "^0.30.0"
   },
   "engines": {
     "node": ">=10.18"
@@ -110,7 +110,8 @@
         {
           "properties": "never"
         }
-      ]
+      ],
+      "unicorn/string-content": "off"
     }
   }
 }