ump 3.5.3 → 4.0.0

package/README.md

@@ -21,6 +21,7 @@ For programmatic use (i.e. requiring it as a module in a node.js script), instal
   * `-m`, `--message`:      Message to be used for the commit and tag when `-r` or `-p` is set. Default: Release %s
   * `-r`, `--release`:      If set, runs `git add` and `git commit` for the bumped files and pushes a tagged release.
   * `-p`, `--publish`:      If set, automatically runs with the `--release` flag and then publishes the release to npm.
+  * `-o`, `--otp`:          One-time password for 2FA authentication when publishing to npm.
   * `-a`, `--autostash`:    Default: `true`. Whether to use the `--autostash` flag when running `git pull`
   * `-x`, `--skip-pull`:    If set, skips executing the initial git pull command during a release/publish task. USE WITH CAUTION.
   * `-t`, `--tag-prefix`:   Optional prefix for the version in git tag. (e.g. With `--message "Release %s" --tag-prefix version`, The tag might look like "version 1.2.3" and its commit message "Release version 1.2.3")

package/lib/1password.js

@@ -0,0 +1,27 @@
+import sdk from '@1password/sdk';
+
+
+export const has1PasswordVars = () => {
+  return process.env.OP_NPM_VAULT_ID && process.env.OP_NPM_ITEM_ID && process.env.OP_SERVICE_ACCOUNT_TOKEN;
+};
+
+// Creates an authenticated client.
+export const getTotp = async() => {
+  const vaultId = process.env.OP_NPM_VAULT_ID;
+  const itemId = process.env.OP_NPM_ITEM_ID;
+
+  const client = await sdk.createClient({
+    auth: process.env.OP_SERVICE_ACCOUNT_TOKEN,
+  // Set the following to your own integration name and version.
+    integrationName: 'ump',
+    integrationVersion: 'v1.0.0',
+  });
+
+  const item = await client.items.get(vaultId, itemId);
+
+  let field = item.fields.find((element) => {
+    return element.fieldType === sdk.ItemFieldType.Totp;
+  });
+
+  return field.details.content?.code;
+};

package/lib/commands.js

@@ -7,6 +7,7 @@ import childProcess from 'child_process';
 import {utils, peach} from './utils.js';
 import {config} from './config.js';
 import {log} from './log.js';
+import {has1PasswordVars, getTotp} from './1password.js';
 
 const exec = promisify(childProcess.exec);
 
@@ -19,7 +20,7 @@ const getFlags = (obj) => {
 
     return ` --${key} ${val}`;
   })
-  .filter((_) => !!_)
+  .filter(Boolean)
   .join('');
 };
 
@@ -174,7 +175,24 @@ const commands = {
             .then(() => {
               log.color(`Executed ${command}`, 'cyan');
             })
-            .catch(utils.error);
+            .catch(async(err) => {
+              if (command.includes('npm publish') && err.message.includes('npm error code EOTP')) {
+                if (has1PasswordVars()) {
+                  const flags = getFlags(opts.publishFlags);
+                  const oneTimePassword = await getTotp();
+
+                  log.color('npm publish command failed with EOTP error', 'red');
+                  log.color('Trying again with one-time password', 'cyan');
+
+                  return exec(`npm publish${flags} --otp=${oneTimePassword}`);
+                }
+
+                log.color('One-time password is not set', 'red');
+                log.color('Try using the --otp option to provide a one-time password', 'cyan');
+              }
+
+              utils.error(err);
+            });
           });
 
           return ret;

package/lib/config.js

@@ -86,6 +86,11 @@ Object.assign(config, {
       description: 'If set, automatically runs with the `--release` flag and then publishes the release to npm.',
       type: 'boolean',
     },
+    o: {
+      alias: 'otp',
+      description: 'One-time password for 2FA authentication when publishing to npm.',
+      type: 'string',
+    },
     a: {
       alias: 'autostash',
       description: 'Whether to use the --autostash flag when running `git pull`',

package/lib/log.js

@@ -1,8 +1,8 @@
-import chalk from 'chalk';
+import {styleText} from 'node:util';
 
 const log = {
   color: function(str, color) {
-    const txt = color ? chalk[color](str) : str;
+    const txt = color ? styleText(color, str) : str;
 
     console.log(txt);
   },
@@ -10,9 +10,9 @@ const log = {
     const files = opts.files.join(', ');
 
     console.log('');
-    console.log(chalk.bold('SET FILES:\t'), chalk.yellow(files));
-    console.log(chalk.bold('OLD VERSION:\t'), chalk.yellow(opts.version));
-    console.log(chalk.bold('NEW VERSION:\t'), chalk.yellow(opts.newVersion));
+    console.log(styleText('bold', 'SET FILES:\t'), styleText('yellow', files));
+    console.log(styleText('bold', 'OLD VERSION:\t'), styleText('yellow', opts.version));
+    console.log(styleText('bold', 'NEW VERSION:\t'), styleText('yellow', opts.newVersion));
   },
   tasks: function(tasks) {
     console.log('\nAbout to execute the following:');
@@ -21,7 +21,7 @@ const log = {
     });
   },
   keyValue: function(key, value) {
-    console.log(chalk.dim(key), value);
+    console.log(styleText('dim', key), value);
   },
 };
 

package/lib/utils.js

@@ -4,7 +4,7 @@ import path from 'path';
 import fs from 'fs';
 import util from 'util';
 import {globSync} from 'glob';
-import chalk from 'chalk';
+import {styleText} from 'node:util';
 import rc from 'rc';
 import semver from 'semver';
 import {config} from './config.js';
@@ -118,10 +118,10 @@ const utils = {
 
     // Special case for no releaseType (user just types "ump")
     if (isErr === 'noRelease') {
-      console.log(chalk.yellow(chalk.bold('\nCURRENT VERSION:'), opts.version));
+      console.log(styleText(['yellow', 'bold'], '\nCURRENT VERSION:'));
     } else if (isErr) {
       // All other errors
-      console.log(chalk.red(`\n${config.messages[isErr]}` || config.messages[def]));
+      console.log(styleText('red', `\n${config.messages[isErr]}` || config.messages[def]));
 
       ['releaseType', 'sourceFile', 'version'].forEach((item) => {
         log.keyValue(item, opts[item]);

package/package.json

@@ -1,18 +1,18 @@
 {
   "name": "ump",
   "title": "ump",
-  "version": "3.5.3",
+  "version": "4.0.0",
   "description": "Bump without the B",
   "scripts": {
     "test": "npm run test:clean && npm run test:pre && npm run test:run",
     "test:clean": "rm -rf ./test/testarea",
     "test:pre": "npm run lint && mkdir -p \"./test/testarea\"",
-    "test:run": "node_modules/.bin/mocha --delay --reporter spec",
+    "test:run": "mocha --delay --reporter spec",
     "lint": "eslint *.js bin lib test"
   },
   "repository": {
     "type": "git",
-    "url": "git@github.com:kswedberg/ump.git"
+    "url": "git+ssh://git@github.com/kswedberg/ump.git"
   },
   "type": "module",
   "main": "ump.js",
@@ -25,25 +25,25 @@
     "url": "https://karlswedberg.com/"
   },
   "engines": {
-    "node": ">=14"
+    "node": ">=20.12.0"
   },
   "dependencies": {
-    "@inquirer/confirm": "^6.0.2",
-    "@inquirer/select": "^5.0.2",
-    "chalk": "^5.6.2",
+    "@1password/sdk": "^0.3.1",
+    "@inquirer/confirm": "^6.0.4",
+    "@inquirer/select": "^5.0.4",
     "fs-extra": "^11.3.2",
     "git-config": "^0.0.7",
-    "glob": "^13.0.0",
+    "glob": "^13.0.1",
     "rc": "^1.2.8",
-    "semver": "^7.7.3",
+    "semver": "^7.7.4",
     "update-notifier": "^7.3.1",
     "yargs": "^18.0.0"
   },
   "devDependencies": {
     "@types/mocha": "^10.0.10",
     "chai": "^6.2.1",
-    "eslint": "^9.39.1",
-    "eslint-config-kswedberg": "^7.2.2",
+    "eslint": "^9.39.2",
+    "eslint-config-kswedberg": "^7.2.3",
     "mocha": "^11.7.5"
   },
   "license": "MIT"

package/ump.js

@@ -39,9 +39,14 @@ const ump = async function(options) {
   }
 
 
+  opts.publishFlags = {};
+
+  if (opts.otp) {
+    opts.publishFlags.otp = opts.otp;
+  }
+
   // opts.inquire is set to true automatically for CLI usage
   if (opts.publish && opts.inquire && config.pkgName.startsWith('@')) {
-    opts.publishFlags = {};
     if (opts.access) {
       config.publishPrompt.default = opts.access;
     }