semantic-release-vsce 5.0.18 → 5.1.0

package/.github/workflows/dependabot-auto-merge.yaml

@@ -0,0 +1,22 @@
+name: dependabot-auto-merge
+on: pull_request
+
+permissions:
+  contents: write
+
+jobs:
+  dependabot-auto-merge:
+    runs-on: ubuntu-latest
+    if: github.actor == 'dependabot[bot]'
+    steps:
+      - name: Get Dependabot metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@v1
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Enable auto-merge for Dependabot PRs
+        if: steps.metadata.outputs.dependency-type == 'direct:development' && (steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.update-type == 'version-update:semver-patch')
+        run: gh pr merge --auto --squash "$PR_URL"
+        env:
+          PR_URL: ${{ github.event.pull_request.html_url }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

package/README.md

@@ -62,13 +62,14 @@ The plugin can be configured in the [**semantic-release** configuration file](ht
 | Option        | Type                  | Description                                                                                                                        |
 | ------------- | --------------------- | ---------------------------------------------------------------------------------------------------------------------------------- |
 | `packageVsix` | `boolean` or `string` | If set to `true`, the plugin will generate a `.vsix` file. If is a string, it will be used as value for `--out` of `vsce package`. |
+| `publish`     | `boolean`             | The plugin will publish the package unless this option is set to `false`, in which case it will only package the extension `vsix`.        |
 
 ### Environment Variables
 
-| Variable   | Description                                                                             |
-| ---------- | --------------------------------------------------------------------------------------- |
-| `VSCE_PAT` | **Required**. The personal access token to publish the extension of VS Code Marketplace |
-| `OVSX_PAT` | _Optional_. The personal access token to push to OpenVSX                                |
+| Variable   | Description                                                                                                                  |
+| ---------- | ---------------------------------------------------------------------------------------------------------------------------- |
+| `VSCE_PAT` | _**Required**_ unless `publish` is set to `false`. The personal access token to publish the extension of VS Code Marketplace |
+| `OVSX_PAT` | _Optional_. The personal access token to push to OpenVSX                                                                     |
 
 ### Publishing to OpenVSX
 

package/index.js

@@ -7,7 +7,7 @@ let prepared = false;
 let packagePath;
 
 async function verifyConditions (pluginConfig, { logger }) {
-  await verifyVsce(logger);
+  await verifyVsce(logger, pluginConfig);
   verified = true;
 }
 
@@ -30,6 +30,12 @@ async function publish (pluginConfig, { nextRelease: { version }, logger }) {
     // BC: prior to semantic-release v15 prepare was part of publish
     packagePath = await vscePrepare(version, pluginConfig.packageVsix, logger);
   }
+
+  // If publishing is disabled, return early.
+  if (pluginConfig?.publish === false) {
+    return;
+  }
+
   return vscePublish(version, packagePath, logger);
 }
 

package/lib/verify.js

@@ -2,10 +2,11 @@ const verifyPkg = require('./verify-pkg');
 const verifyAuth = require('./verify-auth');
 const verifyOvsxAuth = require('./verify-ovsx-auth');
 
-module.exports = async logger => {
+module.exports = async (logger, pluginConfig) => {
   await verifyPkg();
 
-  await verifyAuth(logger);
-
-  await verifyOvsxAuth(logger);
+  if (pluginConfig?.publish !== false) {
+    await verifyAuth(logger);
+    await verifyOvsxAuth(logger);
+  }
 };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "semantic-release-vsce",
-  "version": "5.0.18",
+  "version": "5.1.0",
   "description": "semantic-release plugin to package and publish VS Code extensions",
   "license": "MIT",
   "engines": {

package/test/index.test.js

@@ -139,3 +139,18 @@ test('publish that is already verified & prepared', async t => {
     semanticReleasePayload.logger
   ]);
 });
+
+test('it does not publish the package if publishing is disabled', async t => {
+  const { verifyVsceStub, vscePrepareStub, vscePublishStub } = t.context.stubs;
+  const { prepare, publish, verifyConditions } = proxyquire('../index.js', {
+    './lib/verify': verifyVsceStub,
+    './lib/publish': vscePublishStub,
+    './lib/prepare': vscePrepareStub
+  });
+
+  await verifyConditions({ ...pluginConfig, publish: false }, semanticReleasePayload);
+  await prepare({ ...pluginConfig, publish: false }, semanticReleasePayload);
+  await publish({ ...pluginConfig, publish: false }, semanticReleasePayload);
+
+  t.true(vscePublishStub.notCalled);
+});

package/test/verify.test.js

@@ -32,3 +32,21 @@ test('rejects with verify-pkg', async t => {
 
   await t.throwsAsync(() => verify(logger));
 });
+
+test('is does not verify the auth tokens if publishing is disabled', async t => {
+  const stubs = {
+    verifyPkgStub: sinon.stub().resolves(),
+    verifyAuthStub: sinon.stub().resolves(),
+    verifyOvsxAuthStub: sinon.stub().resolves()
+  };
+  const verify = proxyquire('../lib/verify', {
+    './verify-pkg': stubs.verifyPkgStub,
+    './verify-auth': stubs.verifyAuthStub,
+    './verify-ovsx-auth': stubs.verifyOvsxAuthStub
+  });
+
+  await verify(logger, { publish: false });
+
+  t.true(stubs.verifyAuthStub.notCalled);
+  t.true(stubs.verifyOvsxAuthStub.notCalled);
+});