check-package-lock 1.14.0 → 1.14.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.github/workflows/ci.yml +1 -1
- package/.github/workflows/release.yml +115 -0
- package/.typo-ci.yml +6 -6
- package/package.json +1 -1
- package/test/test1/package-lock.json +3 -3
- package/test/test2/package-lock.json +3 -3
- package/test/test3/package-lock.json +4 -4
- package/.claude/settings.local.json +0 -10
package/.github/workflows/ci.yml
CHANGED
|
@@ -0,0 +1,115 @@
|
|
|
1
|
+
name: Release
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches:
|
|
6
|
+
- main
|
|
7
|
+
|
|
8
|
+
concurrency:
|
|
9
|
+
group: ${{ github.workflow }}-${{ github.ref }}
|
|
10
|
+
cancel-in-progress: false
|
|
11
|
+
|
|
12
|
+
permissions:
|
|
13
|
+
contents: read
|
|
14
|
+
|
|
15
|
+
jobs:
|
|
16
|
+
test:
|
|
17
|
+
name: Test
|
|
18
|
+
runs-on: ubuntu-latest
|
|
19
|
+
environment: Development
|
|
20
|
+
# Skip if this push is the automated version bump commit
|
|
21
|
+
if: "!contains(github.event.head_commit.message, '[skip ci]')"
|
|
22
|
+
|
|
23
|
+
steps:
|
|
24
|
+
- name: Harden Runner
|
|
25
|
+
uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4
|
|
26
|
+
# https://github.com/step-security/harden-runner/releases
|
|
27
|
+
with:
|
|
28
|
+
egress-policy: audit
|
|
29
|
+
|
|
30
|
+
- name: Checkout repository
|
|
31
|
+
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
|
|
32
|
+
# https://github.com/actions/checkout/releases
|
|
33
|
+
with:
|
|
34
|
+
persist-credentials: false
|
|
35
|
+
|
|
36
|
+
- name: Setup Node.js
|
|
37
|
+
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
|
|
38
|
+
# https://github.com/actions/setup-node/releases
|
|
39
|
+
with:
|
|
40
|
+
node-version: "lts/*"
|
|
41
|
+
cache: npm
|
|
42
|
+
|
|
43
|
+
- name: Install dependencies
|
|
44
|
+
run: npm ci
|
|
45
|
+
|
|
46
|
+
- name: Lint
|
|
47
|
+
run: npm run eslint
|
|
48
|
+
|
|
49
|
+
- name: Run tests
|
|
50
|
+
run: npm test
|
|
51
|
+
|
|
52
|
+
release:
|
|
53
|
+
name: Publish and Release
|
|
54
|
+
needs: test
|
|
55
|
+
runs-on: ubuntu-latest
|
|
56
|
+
environment: Release
|
|
57
|
+
if: "!contains(github.event.head_commit.message, '[skip ci]')"
|
|
58
|
+
|
|
59
|
+
permissions:
|
|
60
|
+
contents: write # push version bump commit, create tags and GitHub releases
|
|
61
|
+
id-token: write # npm provenance attestation
|
|
62
|
+
|
|
63
|
+
steps:
|
|
64
|
+
- name: Harden Runner
|
|
65
|
+
uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4
|
|
66
|
+
# https://github.com/step-security/harden-runner/releases
|
|
67
|
+
with:
|
|
68
|
+
egress-policy: audit
|
|
69
|
+
|
|
70
|
+
- name: Checkout repository
|
|
71
|
+
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
|
|
72
|
+
# https://github.com/actions/checkout/releases
|
|
73
|
+
with:
|
|
74
|
+
# persist-credentials needed to push the version bump commit back
|
|
75
|
+
persist-credentials: true
|
|
76
|
+
token: ${{ secrets.GITHUB_TOKEN }}
|
|
77
|
+
|
|
78
|
+
- name: Setup Node.js
|
|
79
|
+
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
|
|
80
|
+
# https://github.com/actions/setup-node/releases
|
|
81
|
+
with:
|
|
82
|
+
node-version: "lts/*"
|
|
83
|
+
cache: npm
|
|
84
|
+
registry-url: "https://registry.npmjs.org"
|
|
85
|
+
|
|
86
|
+
- name: Install dependencies
|
|
87
|
+
run: npm ci
|
|
88
|
+
|
|
89
|
+
- name: Configure git
|
|
90
|
+
run: |
|
|
91
|
+
git config user.name "github-actions[bot]"
|
|
92
|
+
git config user.email "github-actions[bot]@users.noreply.github.com"
|
|
93
|
+
|
|
94
|
+
- name: Bump patch version
|
|
95
|
+
id: bump
|
|
96
|
+
run: |
|
|
97
|
+
npm version patch -m "chore: release %s [skip ci]"
|
|
98
|
+
VERSION=$(node -p "require('./package.json').version")
|
|
99
|
+
echo "version=v${VERSION}" >> $GITHUB_OUTPUT
|
|
100
|
+
|
|
101
|
+
- name: Push version bump
|
|
102
|
+
run: git push --follow-tags
|
|
103
|
+
|
|
104
|
+
- name: Publish to npm
|
|
105
|
+
run: npm publish --provenance --access public
|
|
106
|
+
|
|
107
|
+
- name: Create GitHub release
|
|
108
|
+
# zizmor: ignore[template-injection] VERSION is passed as env var, not interpolated into shell
|
|
109
|
+
run: |
|
|
110
|
+
gh release create "$VERSION" \
|
|
111
|
+
--title "$VERSION" \
|
|
112
|
+
--generate-notes
|
|
113
|
+
env:
|
|
114
|
+
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
115
|
+
VERSION: ${{ steps.bump.outputs.version }}
|
package/.typo-ci.yml
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
dictionaries:
|
|
2
|
-
- en
|
|
3
|
-
|
|
4
|
-
excluded_words:
|
|
5
|
-
- endofline
|
|
6
|
-
- sep
|
|
1
|
+
dictionaries:
|
|
2
|
+
- en
|
|
3
|
+
|
|
4
|
+
excluded_words:
|
|
5
|
+
- endofline
|
|
6
|
+
- sep
|
package/package.json
CHANGED
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
{
|
|
2
|
-
"resolved": "http://registry.npmjs.org/blablabla"
|
|
3
|
-
}
|
|
1
|
+
{
|
|
2
|
+
"resolved": "http://registry.npmjs.org/blablabla"
|
|
3
|
+
}
|
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
{
|
|
2
|
-
"resolved": "https://registry.npmjs.org/blablabla"
|
|
3
|
-
}
|
|
1
|
+
{
|
|
2
|
+
"resolved": "https://registry.npmjs.org/blablabla"
|
|
3
|
+
}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
{
|
|
2
|
-
"resolved": "https://registry.npmjs.org/blablabla",
|
|
3
|
-
"resolve": "http://registry.npmjs.org"
|
|
4
|
-
}
|
|
1
|
+
{
|
|
2
|
+
"resolved": "https://registry.npmjs.org/blablabla",
|
|
3
|
+
"resolve": "http://registry.npmjs.org"
|
|
4
|
+
}
|