semantic-release-vsce 6.0.3 → 6.0.5

package/README.md

@@ -158,17 +158,26 @@ name: release
 
 on:
   push:
-    branches: [master]
+    branches:
+      - master
+
+permissions:
+  contents: read # for checkout
 
 jobs:
   release:
     runs-on: ubuntu-latest
+    permissions:
+      contents: write # to be able to publish a GitHub release
+      issues: write # to be able to comment on released issues
+      pull-requests: write # to be able to comment on released pull requests
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
         with:
-          node-version: 16
+          node-version: 22
       - run: npm ci
+      - run: npm audit signatures
       - run: npx semantic-release
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -228,13 +237,13 @@ jobs:
          'semantic-release-vsce',
          {
            packageVsix: false,
-           publishPackagePath: '*/*.vsix',
+           publishPackagePath: '*.vsix',
          },
        ],
        [
          '@semantic-release/github',
          {
-           assets: '*/*.vsix',
+           assets: '*.vsix',
          },
        ],
      ],
@@ -251,7 +260,11 @@ name: ci
 
 on:
   push:
-    branches: [master]
+    branches:
+      - master
+
+permissions:
+  contents: read # for checkout
 
 jobs:
   build:
@@ -276,6 +289,9 @@ jobs:
           - os: ubuntu-latest
             target: alpine-x64
             npm_config_arch: x64
+          - os: ubuntu-latest
+            target: alpine-arm64
+            npm_config_arch: arm64
           - os: macos-latest
             target: darwin-x64
             npm_config_arch: x64
@@ -286,22 +302,18 @@ jobs:
             target: universal
     runs-on: ${{ matrix.os }}
     steps:
-      - uses: actions/checkout@v3
-
-      - uses: actions/setup-node@v3
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
         with:
-          node-version: 16
-
+          node-version: 22
       - if: matrix.target != 'universal'
         name: Install dependencies (with binaries)
         run: npm ci
         env:
           npm_config_arch: ${{ matrix.npm_config_arch }}
-
       - if: matrix.target == 'universal'
         name: Install dependencies (without binaries)
         run: npm ci
-
       - run: npx semantic-release --extends ./package.release.config.js
         env:
           VSCE_TARGET: ${{ matrix.target }}
@@ -311,8 +323,7 @@ jobs:
           VSCE_PAT: ${{ secrets.VSCE_PAT }}
           # In case you want to publish to Open VSX Registry
           OVSX_PAT: ${{ secrets.OVSX_PAT }}
-
-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v4
         with:
           name: ${{ matrix.target }}
           path: '*.vsix'
@@ -320,17 +331,20 @@ jobs:
   release:
     runs-on: ubuntu-latest
     needs: build
+    permissions:
+      contents: write # to be able to publish a GitHub release
+      issues: write # to be able to comment on released issues
+      pull-requests: write # to be able to comment on released pull requests
     steps:
-      - uses: actions/checkout@v3
-
-      - uses: actions/setup-node@v3
+      - uses: actions/checkout@v4
+      - uses: actions/download-artifact@v4
         with:
-          node-version: 16
-
+          merge-multiple: true
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 22
       - run: npm ci
-
-      - uses: actions/download-artifact@v3
-
+      - run: npm audit signatures
       - run: npx semantic-release --extends ./publish.release.config.js
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -347,26 +361,31 @@ name: release
 
 on:
   push:
-    branches: [master]
+    branches:
+      - master
+
+permissions:
+  contents: read # for checkout
 
 jobs:
   release:
     runs-on: ubuntu-latest
+    permissions:
+      contents: write # to be able to publish a GitHub release
+      issues: write # to be able to comment on released issues
+      pull-requests: write # to be able to comment on released pull requests
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
-        with:
-          node-version: 16
-      - run: npm ci
-
-      # Log into Azure CLI to get VSCE credentials
-      - name: Azure login
-        uses: azure/login@v2
+      - uses: actions/checkout@v4
+      - uses: azure/login@v2
         with:
           client-id: ${{ secrets.AZURE_CLIENT_ID }}
           tenant-id: ${{ secrets.AZURE_TENANT_ID }}
           subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 22
+      - run: npm ci
+      - run: npm audit signatures
       - run: npx semantic-release
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

package/index.js

@@ -1,6 +1,6 @@
 // @ts-check
 
-import { join } from 'node:path';
+import path from 'node:path';
 import { prepare as vscePrepare } from './lib/prepare.js';
 import { publish as vscePublish } from './lib/publish.js';
 import { verify as vsceVerify } from './lib/verify.js';
@@ -60,7 +60,7 @@ export async function publish(
 
   if (pluginConfig?.publishPackagePath) {
     // Expand glob
-    const glob = (await import('glob')).glob;
+    const { glob } = await import('glob');
     packagePath = await glob(pluginConfig.publishPackagePath, { cwd });
   }
 
@@ -68,5 +68,7 @@ export async function publish(
 }
 
 function getPackageRoot(pluginConfig, cwd) {
-  return pluginConfig.packageRoot ? join(cwd, pluginConfig.packageRoot) : cwd;
+  return pluginConfig.packageRoot
+    ? path.join(cwd, pluginConfig.packageRoot)
+    : cwd;
 }

package/lib/prepare.js

@@ -2,7 +2,7 @@
 
 import { execa } from 'execa';
 import { readJson } from 'fs-extra/esm';
-import { join } from 'node:path';
+import path from 'node:path';
 import process from 'node:process';
 import { isOvsxPublishEnabled, isTargetEnabled } from './utils.js';
 
@@ -25,12 +25,10 @@ export async function prepare(version, packageVsix, logger, cwd) {
     if (typeof packageVsix === 'string') {
       packagePath = packageVsix;
     } else {
-      const { name } = await readJson(join(cwd, './package.json'));
-      if (isTargetEnabled()) {
-        packagePath = `${name}-${process.env.VSCE_TARGET}-${version}.vsix`;
-      } else {
-        packagePath = `${name}-${version}.vsix`;
-      }
+      const { name } = await readJson(path.join(cwd, './package.json'));
+      packagePath = isTargetEnabled()
+        ? `${name}-${process.env.VSCE_TARGET}-${version}.vsix`
+        : `${name}-${version}.vsix`;
     }
 
     logger.log(`Packaging version ${version} to ${packagePath}`);

package/lib/publish.js

@@ -2,7 +2,7 @@
 
 import { execa } from 'execa';
 import { readJson } from 'fs-extra/esm';
-import { join } from 'node:path';
+import path from 'node:path';
 import process from 'node:process';
 import {
   isAzureCredentialEnabled,
@@ -12,7 +12,7 @@ import {
 } from './utils.js';
 
 export async function publish(version, packagePath, logger, cwd) {
-  const { publisher, name } = await readJson(join(cwd, './package.json'));
+  const { publisher, name } = await readJson(path.join(cwd, './package.json'));
 
   const options = ['publish'];
 

package/lib/utils.js

@@ -2,7 +2,7 @@
 
 import process from 'node:process';
 
-function envToBoolean(name) {
+function environmentToBoolean(name) {
   return process.env[name] === 'true' || process.env[name] === '1';
 }
 
@@ -11,7 +11,7 @@ export function isOvsxPublishEnabled() {
 }
 
 export function isAzureCredentialEnabled() {
-  return envToBoolean('VSCE_AZURE_CREDENTIAL');
+  return environmentToBoolean('VSCE_AZURE_CREDENTIAL');
 }
 
 export function isVscePublishEnabled() {

package/lib/verify-ovsx-auth.js

@@ -16,9 +16,9 @@ export async function verifyOvsxAuth(logger, cwd) {
 
   try {
     await execa('ovsx', ['verify-pat'], { preferLocal: true, cwd });
-  } catch (e) {
+  } catch (error) {
     throw new SemanticReleaseError(
-      `Invalid ovsx personal access token. Additional information:\n\n${e}`,
+      `Invalid ovsx personal access token. Additional information:\n\n${error}`,
       'EINVALIDOVSXPAT',
     );
   }

package/lib/{verify-pkg.js → verify-package.js}

@@ -2,10 +2,10 @@
 
 import SemanticReleaseError from '@semantic-release/error';
 import { pathExists, readJson } from 'fs-extra/esm';
-import { join } from 'node:path';
+import path from 'node:path';
 
-export async function verifyPkg(cwd) {
-  const packagePath = join(cwd, './package.json');
+export async function verifyPackage(cwd) {
+  const packagePath = path.join(cwd, './package.json');
 
   if (!(await pathExists(packagePath))) {
     throw new SemanticReleaseError(

package/lib/verify-target.js

@@ -17,7 +17,8 @@ export async function verifyTarget() {
   }
 
   if (process.env.VSCE_TARGET !== 'universal') {
-    const targets = (await import('@vscode/vsce/out/package.js')).Targets;
+    const vscePackage = await import('@vscode/vsce/out/package.js');
+    const targets = vscePackage.Targets;
 
     // Throw if the target is not supported
     if (!targets.has(process.env.VSCE_TARGET)) {

package/lib/verify-vsce-auth.js

@@ -23,16 +23,16 @@ export async function verifyVsceAuth(logger, cwd) {
     );
   }
 
-  const vsceArgs = ['verify-pat'];
+  const vsceArguments = ['verify-pat'];
   if (azureCredential) {
-    vsceArgs.push('--azure-credential');
+    vsceArguments.push('--azure-credential');
   }
 
   try {
-    await execa('vsce', vsceArgs, { preferLocal: true, cwd });
-  } catch (e) {
+    await execa('vsce', vsceArguments, { preferLocal: true, cwd });
+  } catch (error) {
     throw new SemanticReleaseError(
-      `Invalid vsce personal access token or azure credential. Additional information:\n\n${e}`,
+      `Invalid vsce personal access token or azure credential. Additional information:\n\n${error}`,
       'EINVALIDVSCEPAT',
     );
   }

package/lib/verify.js

@@ -3,12 +3,12 @@
 import SemanticReleaseError from '@semantic-release/error';
 import { isOvsxPublishEnabled, isVscePublishEnabled } from './utils.js';
 import { verifyOvsxAuth } from './verify-ovsx-auth.js';
-import { verifyPkg } from './verify-pkg.js';
+import { verifyPackage } from './verify-package.js';
 import { verifyTarget } from './verify-target.js';
 import { verifyVsceAuth } from './verify-vsce-auth.js';
 
 export async function verify(pluginConfig, { logger, cwd }) {
-  await verifyPkg(cwd);
+  await verifyPackage(cwd);
   await verifyTarget();
 
   if (pluginConfig?.publish !== false) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "semantic-release-vsce",
-  "version": "6.0.3",
+  "version": "6.0.5",
   "description": "semantic-release plugin to package and publish VS Code extensions",
   "license": "MIT",
   "type": "module",
@@ -66,6 +66,7 @@
     "c8": "^10.1.3",
     "conventional-changelog-conventionalcommits": "^8.0.0",
     "eslint": "^9.12.0",
+    "eslint-plugin-unicorn": "^56.0.1",
     "esmock": "^2.6.9",
     "husky": "^9.0.11",
     "installed-check": "^9.0.0",