bulk-release 2.20.0 → 2.21.0

package/src/main/js/processor/generators/meta.js

@@ -0,0 +1,80 @@
+// Meta generator: builds pkg.meta payload and resolves latest-release meta from git tags / gh assets / meta branch.
+
+import {semver, $, fs, path} from 'zx-extra'
+import {fetchRepo, getTags as getGitTags, getRepo} from '../api/git.js'
+import {fetchManifest} from '../api/npm.js'
+import {ghGetAsset} from '../api/gh.js'
+import {parseTag} from './tag.js'
+
+export const isAssetMode = (type) => type === 'asset' || type === 'assets'
+
+// Build pkg.meta and, in asset mode, inject a meta.json entry into pkg.config.ghAssets.
+// Runs in the prepare phase — serial, before any publisher.run() — so the asset mutation
+// is guaranteed visible to gh-release.
+export const prepareMeta = async (pkg) => {
+  const {type} = pkg.config.meta
+  if (type === null) return
+
+  const {absPath: cwd} = pkg
+  const hash = (await $.o({cwd})`git rev-parse HEAD`).toString().trim()
+  pkg.meta = {
+    META_VERSION: '1',
+    hash,
+    name: pkg.name,
+    version: pkg.version,
+    dependencies: pkg.dependencies,
+    devDependencies: pkg.devDependencies,
+    peerDependencies: pkg.peerDependencies,
+    optionalDependencies: pkg.optionalDependencies,
+  }
+
+  if (isAssetMode(type)) {
+    pkg.config.ghAssets = [...pkg.config.ghAssets || [], {
+      name: 'meta.json',
+      contents: JSON.stringify(pkg.meta, null, 2),
+    }]
+  }
+}
+
+export const getLatest = async (pkg) => {
+  const {absPath: cwd, name} = pkg
+  const tag = await getLatestTag(cwd, name)
+  const meta = await getLatestMeta(pkg, tag)
+
+  return {tag, meta}
+}
+
+export const getTags = async (cwd, ref) =>
+  (await getGitTags(cwd, ref))
+    .map(tag => parseTag(tag.trim()))
+    .filter(Boolean)
+    .sort((a, b) => semver.rcompare(a.version, b.version))
+
+export const getLatestTag = async (cwd, name) =>
+  (await getTags(cwd)).find(tag => tag.name === name)
+
+export const getLatestTaggedVersion = async (cwd, name) =>
+  (await getLatestTag(cwd, name))?.version || undefined
+
+export const getArtifactPath = (tag) => tag.toLowerCase().replace(/[^a-z0-9-]/g, '-')
+
+export const getLatestMeta = async (pkg, tag) => {
+  if (tag) {
+    const {absPath: cwd, config: {ghBasicAuth: basicAuth, ghUrl}} = pkg
+    const {repoName} = await getRepo(cwd, {basicAuth})
+
+    try {
+      return JSON.parse(await ghGetAsset({repoName, tag, name: 'meta.json', ghUrl}))
+    } catch {}
+
+    try {
+      const _cwd = await fetchRepo({cwd, branch: 'meta', basicAuth})
+      return await Promise.any([
+        fs.readJson(path.resolve(_cwd, `${getArtifactPath(tag)}.json`)),
+        fs.readJson(path.resolve(_cwd, getArtifactPath(tag), 'meta.json'))
+      ])
+    } catch {}
+  }
+
+  return fetchManifest(pkg, {nothrow: true})
+}

package/src/main/js/{api/changelog.js → processor/generators/notes.js}

@@ -1,25 +1,7 @@
-import {$} from 'zx-extra'
-import {queuefy} from 'queuefy'
-import {fetchRepo, getRepo, pushCommit} from './git.js'
-import {log} from '../log.js'
-import {formatTag} from '../processor/meta.js'
-import {msgJoin} from '../util.js'
+// Release notes formatting. Pure except for a single getRepo() call to resolve repoPublicUrl.
 
-export const pushChangelog = queuefy(async (pkg) => {
-  const {absPath: cwd, config: {changelog: opts, gitCommitterEmail, gitCommitterName, ghBasicAuth: basicAuth}} = pkg
-  if (!opts) return
-
-  log({pkg})('push changelog')
-  const [branch = 'changelog', file = `${pkg.name.replace(/[^a-z0-9-]/ig, '')}-changelog.md`, ..._msg] = typeof opts === 'string'
-    ? opts.split(' ')
-    : [opts.branch, opts.file, opts.msg]
-  const _cwd = await fetchRepo({cwd, branch, basicAuth})
-  const msg = msgJoin(_msg, pkg, 'chore: update changelog ${{name}}')
-  const releaseNotes = await formatReleaseNotes(pkg)
-
-  await $({cwd: _cwd})`echo ${releaseNotes}"\n$(cat ./${file})" > ./${file}`
-  await pushCommit({cwd, branch, msg, gitCommitterEmail, gitCommitterName, basicAuth})
-})
+import {getRepo} from '../api/git.js'
+import {formatTag} from './tag.js'
 
 export const DIFF_TAG_URL = '${repoPublicUrl}/compare/${prevTag}...${newTag}'
 export const DIFF_COMMIT_URL = '${repoPublicUrl}/commit/${hash}'

package/src/main/js/processor/{meta.js → generators/tag.js}

@@ -1,78 +1,7 @@
-// Semantic tags processing
+// Pure tag parsing/formatting. No IO, no side effects.
 
 import {Buffer} from 'node:buffer'
-import {queuefy} from 'queuefy'
-import {semver, $, fs, path} from 'zx-extra'
-import {log} from '../log.js'
-import {fetchRepo, pushCommit, getTags as getGitTags, pushTag, getRepo} from '../api/git.js'
-import {fetchManifest} from '../api/npm.js'
-import {ghGetAsset} from '../api/gh.js'
-
-export const pushReleaseTag = async (pkg) => {
-  const {name, version, tag = formatTag({name, version}), config: {gitCommitterEmail, gitCommitterName}} = pkg
-  const cwd = pkg.context.git.root
-
-  pkg.context.git.tag = tag
-  log({pkg})(`push release tag ${tag}`)
-
-  await pushTag({cwd, tag, gitCommitterEmail, gitCommitterName})
-}
-
-export const prepareMeta = async (pkg) => {
-  const {absPath: cwd} = pkg
-  const hash = (await $.o({cwd})`git rev-parse HEAD`).toString().trim()
-  pkg.meta = {
-    META_VERSION: '1',
-    hash,
-    name: pkg.name,
-    version: pkg.version,
-    dependencies: pkg.dependencies,
-    devDependencies: pkg.devDependencies,
-    peerDependencies: pkg.peerDependencies,
-    optionalDependencies: pkg.optionalDependencies,
-  }
-}
-
-export const pushMeta = queuefy(async (pkg) => {
-  const {type} = pkg.config.meta
-
-  if (type === null) {
-    return
-  }
-
-  if (!pkg.meta) {
-    await prepareMeta(pkg)
-  }
-
-  if (type === 'asset' || type === 'assets') {
-    pkg.config.ghAssets = [...pkg.config.ghAssets || [], {
-      name: 'meta.json',
-      contents: JSON.stringify(pkg.meta, null, 2)
-    }]
-    return
-  }
-
-  log({pkg})('push artifact to branch \'meta\'')
-
-  const {name, version, meta, tag = formatTag({name, version}), absPath: cwd, config: {gitCommitterEmail, gitCommitterName, ghBasicAuth: basicAuth}} = pkg
-  const to = '.'
-  const branch = 'meta'
-  const msg = `chore: release meta ${name} ${version}`
-  const files = [{relpath: `${getArtifactPath(tag)}.json`, contents: meta}]
-
-  await pushCommit({cwd, to, branch, msg, files, gitCommitterEmail, gitCommitterName, basicAuth})
-})
-
-export const getLatest = async (pkg) => {
-  const {absPath: cwd, name } = pkg
-  const tag = await getLatestTag(cwd, name)
-  const meta = await getLatestMeta(pkg, tag)
-
-  return {
-    tag,
-    meta
-  }
-}
+import {semver} from 'zx-extra'
 
 const isSafeName = n => /^(@?[a-z0-9-]+\/)?[a-z0-9-]+$/.test(n)
 
@@ -197,41 +126,6 @@ export const parseTag = (tag) => f0.parse(tag) || f1.parse(tag) || lerna.parse(t
 
 export const formatTag = (tag, tagFormat = tag.format) => getFormatter(tagFormat).format(tag) || f0.format(tag) || f1.format(tag) || null
 
-export const getTags = async (cwd, ref = '') =>
-  (await getGitTags(cwd, ref))
-    .map(tag => parseTag(tag.trim()))
-    .filter(Boolean)
-    .sort((a, b) => semver.rcompare(a.version, b.version))
-
-export const getLatestTag = async (cwd, name) =>
-  (await getTags(cwd)).find(tag => tag.name === name)
-
-export const getLatestTaggedVersion = async (cwd, name) =>
-  (await getLatestTag(cwd, name))?.version || undefined
-
 export const formatDateTag = (date = new Date()) => `${date.getUTCFullYear()}.${date.getUTCMonth() + 1}.${date.getUTCDate()}`
 
-export const parseDateTag = (date) => new Date(date.replaceAll('.', '-')+'Z')
-
-export const getArtifactPath = (tag) => tag.toLowerCase().replace(/[^a-z0-9-]/g, '-')
-
-export const getLatestMeta = async (pkg, tag) => {
-  if (tag) {
-    const {absPath: cwd, config: {ghBasicAuth: basicAuth, ghUrl}} = pkg
-    const {repoName} = await getRepo(cwd, {basicAuth})
-
-    try {
-      return JSON.parse(await ghGetAsset({repoName, tag, name: 'meta.json', ghUrl}))
-    } catch {}
-
-    try {
-      const _cwd = await fetchRepo({cwd, branch: 'meta', basicAuth})
-      return await Promise.any([
-        fs.readJson(path.resolve(_cwd, `${getArtifactPath(tag)}.json`)),
-        fs.readJson(path.resolve(_cwd, getArtifactPath(tag), 'meta.json'))
-      ])
-    } catch {}
-  }
-
-  return fetchManifest(pkg, {nothrow: true})
-}
+export const parseDateTag = (date) => new Date(date.replaceAll('.', '-') + 'Z')

package/src/main/js/processor/log.js

@@ -0,0 +1,86 @@
+import {$, fs} from 'zx-extra'
+import {get, set} from '../util.js'
+
+// Credential redactor: masks tokens/passwords that may leak into log output.
+// Secrets are registered via `log.secret(value)` — typically once, when env/config is parsed.
+const secrets = new Set()
+export const redact = (v) => {
+  if (!secrets.size || typeof v !== 'string') return v
+  for (const s of secrets) v = v.replaceAll(s, '***')
+  return v
+}
+
+// Module-level logger. Delegates to $.report when inside a release run, falls back to console.
+const sanitize = (args) => args.map(a => typeof a === 'string' ? redact(a) : a)
+const r = () => $.report || console
+
+export const log = Object.assign(
+  (...args) => r().log(...sanitize(args)),
+  {
+    info:   (...args) => r().log(...sanitize(args)),
+    warn:   (...args) => r().warn(...sanitize(args)),
+    error:  (...args) => r().error(...sanitize(args)),
+    secret: (...values) => values.forEach(v => { if (v) secrets.add(String(v)) }),
+  }
+)
+
+export const createReport = ({logger = console, packages = {}, queue = [], flags} = {}) => ({
+  logger,
+  flags,
+  file: flags.report || flags.file,
+  status: 'initial',
+  events: [],
+  queue,
+  packages: Object.entries(packages).reduce((acc, [name, {manifest: {version}, absPath, relPath}]) => {
+    acc[name] = {
+      status: 'initial',
+      name,
+      version,
+      path: absPath,
+      relPath
+    }
+    return acc
+  }, {}),
+  get(key, pkgName) {
+    return get(
+      pkgName ? this.packages[pkgName] : this,
+      key
+    )
+  },
+  set(key, value, pkgName) {
+    // set({k1: v1, k2: v2}, pkgName) — batch
+    if (key && typeof key === 'object') {
+      const target = value ? this.packages[value] : this
+      for (const [k, v] of Object.entries(key)) set(target, k, v)
+      return this
+    }
+    set(
+      pkgName ? this.packages[pkgName] : this,
+      key,
+      value
+    )
+    return this
+  },
+  setStatus(status, name) {
+    this.set('status', status, name)
+    this.save()
+    return this
+  },
+  getStatus(status, name) {
+    return this.get('status', name)
+  },
+  _log(level, ...chunks) {
+    const scope = $.scope || '~'
+    const msg = sanitize(chunks)
+    this.events.push({msg, scope, date: Date.now(), level})
+    logger[level === 'info' ? 'log' : level](`[${scope}]`, ...msg)
+    return this
+  },
+  log(...chunks)   { return this._log('info', ...chunks) },
+  warn(...chunks)  { return this._log('warn', ...chunks) },
+  error(...chunks) { return this._log('error', ...chunks) },
+  save() {
+    this.file && fs.outputJsonSync(this.file, this)
+    return this
+  }
+})

package/src/main/js/processor/publishers/changelog.js

@@ -0,0 +1,26 @@
+import {$} from 'zx-extra'
+import {queuefy} from 'queuefy'
+import {fetchRepo, pushCommit} from '../api/git.js'
+import {formatReleaseNotes} from '../generators/notes.js'
+import {log} from '../log.js'
+import {asTuple, msgJoin} from '../../util.js'
+
+const run = queuefy(async (pkg) => {
+  const {absPath: cwd, config: {changelog: opts, gitCommitterEmail, gitCommitterName, ghBasicAuth: basicAuth}} = pkg
+  if (!opts) return
+
+  log.info('push changelog')
+  const [branch = 'changelog', file = `${pkg.name.replace(/[^a-z0-9-]/ig, '')}-changelog.md`, ..._msg] = asTuple(opts, ['branch', 'file', 'msg'])
+  const _cwd = await fetchRepo({cwd, branch, basicAuth})
+  const msg = msgJoin(_msg, pkg, 'chore: update changelog ${{name}}')
+  const releaseNotes = await formatReleaseNotes(pkg)
+
+  await $({cwd: _cwd})`echo ${releaseNotes}"\n$(cat ./${file})" > ./${file}`
+  await pushCommit({cwd, branch, msg, gitCommitterEmail, gitCommitterName, basicAuth})
+})
+
+export default {
+  name: 'changelog',
+  when: (pkg) => !!pkg.config.changelog,
+  run,
+}

package/src/main/js/processor/publishers/cmd.js

@@ -0,0 +1,6 @@
+export default {
+  name: 'cmd',
+  when: (pkg) => !!(pkg.ctx?.flags?.publishCmd ?? pkg.config.publishCmd),
+  run:  (pkg, exec) => exec(pkg, 'publishCmd'),
+  snapshot: true,
+}

package/src/main/js/processor/publishers/gh-pages.js

@@ -0,0 +1,32 @@
+import {queuefy} from 'queuefy'
+import {path} from 'zx-extra'
+import {log} from '../log.js'
+import {pushCommit} from '../api/git.js'
+import {asTuple, msgJoin} from '../../util.js'
+
+const run = queuefy(async (pkg) => {
+  const {config: {ghPages: opts, gitCommitterEmail, gitCommitterName, ghBasicAuth: basicAuth}} = pkg
+  if (!opts) return
+
+  const [branch = 'gh-pages', from = 'docs', to = '.', ..._msg] = asTuple(opts, ['branch', 'from', 'to', 'msg'])
+  const msg = msgJoin(_msg, pkg, 'docs: update docs ${{name}} ${{version}}')
+
+  log.info(`publish docs to ${branch}`)
+
+  await pushCommit({
+    cwd: path.join(pkg.absPath, from),
+    from: '.',
+    to,
+    branch,
+    msg,
+    gitCommitterEmail,
+    gitCommitterName,
+    basicAuth,
+  })
+})
+
+export default {
+  name: 'gh-pages',
+  when: (pkg) => !!pkg.config.ghPages,
+  run,
+}

package/src/main/js/processor/publishers/gh-release.js

@@ -0,0 +1,41 @@
+import {log} from '../log.js'
+import {getRepo, getRoot} from '../api/git.js'
+import {ghCreateRelease, ghDeleteReleaseByTag, ghUploadAssets} from '../api/gh.js'
+import {formatTag} from '../generators/tag.js'
+import {formatReleaseNotes} from '../generators/notes.js'
+
+const run = async (pkg) => {
+  const {ghBasicAuth: basicAuth, ghToken, ghAssets, ghApiUrl} = pkg.config
+  if (!ghToken) return null
+
+  log.info('create gh release')
+
+  const now = Date.now()
+  const {name, version, absPath: cwd, tag = formatTag({name, version})} = pkg
+  const {repoName} = await getRepo(cwd, {basicAuth})
+  const body = await formatReleaseNotes(pkg)
+  const res = await ghCreateRelease({ghApiUrl, ghToken, repoName, tag, body})
+
+  if (ghAssets?.length) {
+    // GH API returns a pseudo-url `...releases/110103594/assets{?name,label}` — strip the template.
+    const uploadUrl = res.upload_url.slice(0, res.upload_url.indexOf('{'))
+    await ghUploadAssets({ghToken, ghAssets, uploadUrl, cwd})
+  }
+
+  log.info(`duration gh release: ${Date.now() - now}`)
+}
+
+const undo = async (pkg, {tag}) => {
+  const {ghBasicAuth: basicAuth, ghToken, ghApiUrl} = pkg.config
+  if (!ghToken) return
+  const cwd = await getRoot(pkg.absPath)
+  const {repoName} = await getRepo(cwd, {basicAuth})
+  await ghDeleteReleaseByTag({ghApiUrl, ghToken, repoName, tag})
+}
+
+export default {
+  name: 'gh-release',
+  when: (pkg) => !!pkg.config.ghToken,
+  run,
+  undo,
+}

package/src/main/js/processor/publishers/meta.js

@@ -0,0 +1,58 @@
+// Meta publisher: pushes meta artifacts to the `meta` branch and undoes them on rollback.
+// The meta payload itself is built by the generator (../generators/meta.js).
+
+import {queuefy} from 'queuefy'
+import {fs, path} from 'zx-extra'
+import {log} from '../log.js'
+import {fetchRepo, pushCommit} from '../api/git.js'
+import {formatTag} from '../generators/tag.js'
+import {prepareMeta, getArtifactPath, isAssetMode} from '../generators/meta.js'
+
+// Push the meta artifact to the `meta` branch. No-op in asset mode (handled by gh-release).
+const pushMetaBranch = queuefy(async (pkg) => {
+  const {type} = pkg.config.meta
+  if (type === null || isAssetMode(type)) return
+
+  log.info('push artifact to branch \'meta\'')
+
+  const {name, version, meta, tag = formatTag({name, version}), absPath: cwd, config: {gitCommitterEmail, gitCommitterName, ghBasicAuth: basicAuth}} = pkg
+  const msg = `chore: release meta ${name} ${version}`
+  const files = [{relpath: `${getArtifactPath(tag)}.json`, contents: meta}]
+
+  await pushCommit({cwd, to: '.', branch: 'meta', msg, files, gitCommitterEmail, gitCommitterName, basicAuth})
+})
+
+// Remove a meta artifact for a given tag from the meta branch.
+// Returns true if something was removed and pushed.
+const removeMetaArtifact = async (pkg, {tag, version, reason}) => {
+  const {config: {meta: {type}, ghBasicAuth: basicAuth, gitCommitterName, gitCommitterEmail}} = pkg
+  // Asset-mode meta lives inside the GH release; deleting the release already removes it.
+  if (type === null || isAssetMode(type)) return false
+
+  const cwd = pkg.ctx?.git?.root || pkg.absPath
+  const metaCwd = await fetchRepo({cwd, branch: 'meta', basicAuth})
+  const artifactPath = getArtifactPath(tag)
+  const candidates = [
+    path.resolve(metaCwd, `${artifactPath}.json`),
+    path.resolve(metaCwd, artifactPath),
+  ]
+  let removed = false
+  for (const p of candidates) {
+    if (fs.existsSync(p)) {
+      await fs.remove(p)
+      removed = true
+    }
+  }
+  if (removed) {
+    await pushCommit({cwd, branch: 'meta', msg: `chore: ${reason} ${pkg.name} ${version}`, gitCommitterName, gitCommitterEmail, basicAuth})
+  }
+  return removed
+}
+
+export default {
+  name: 'meta',
+  when:    (pkg) => pkg.config.meta.type !== null,
+  prepare: prepareMeta,
+  run:     pushMetaBranch,
+  undo:    removeMetaArtifact,
+}

package/src/main/js/processor/publishers/npm.js

@@ -0,0 +1,15 @@
+import {npmPublish} from '../api/npm.js'
+
+// Domain predicate: does this package get published to npm?
+// Private packages and those with `npmPublish: false` are git-tag-only —
+// the tag itself IS the release.
+export const isNpmPublished = (pkg) =>
+  !pkg.manifest.private && pkg.config.npmPublish !== false
+
+export default {
+  name:     'npm',
+  when:     isNpmPublished,
+  run:      (pkg) => npmPublish(pkg),
+  snapshot: true,
+  // No undo: npm unpublish is unreliable (time-limited, cached by mirrors).
+}