zx-bulk-release 2.12.1 → 2.13.0-beta.0

package/CHANGELOG.md

@@ -1,3 +1,9 @@
+## [2.12.2](https://github.com/semrel-extra/zx-bulk-release/compare/v2.12.1...v2.12.2) (2023-11-20)
+
+### Fixes & improvements
+* fix: fetch latest npm manifest by default ([e7e6c0d](https://github.com/semrel-extra/zx-bulk-release/commit/e7e6c0dfe0aef34c0cf6a6936cca1057aef8c746))
+* fix: fix `pure` tag parser ([41b961d](https://github.com/semrel-extra/zx-bulk-release/commit/41b961d7eed99061fcc851b7b8ed7fc72813ef46))
+
 ## [2.12.1](https://github.com/semrel-extra/zx-bulk-release/compare/v2.12.0...v2.12.1) (2023-11-02)
 
 ### Fixes & improvements

package/README.md

@@ -25,8 +25,8 @@
 * macOS / linux
 * Node.js >= 16.0.0
 * npm >=7 / yarn >= 3
-* wget
-* tar
+* ~~wget~~
+* ~~tar~~
 * git
 
 ## Usage

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "zx-bulk-release",
   "alias": "bulk-release",
-  "version": "2.12.1",
+  "version": "2.13.0-beta.0",
   "description": "zx-based alternative for multi-semantic-release",
   "type": "module",
   "exports": {
@@ -20,18 +20,20 @@
   "scripts": {
     "test": "NPM_REGISTRY='http://localhost:4873' NPM_TOKEN='mRv6eIuiaggXGb9ZDFCtBA==' c8 uvu ./src/test -i fixtures -i utils && c8 report -r lcov",
     "test:it": "NPM_REGISTRY='http://localhost:4873' NPM_TOKEN='mRv6eIuiaggXGb9ZDFCtBA==' node ./src/test/js/integration.test.js",
-    "docs": "mkdir -p docs && cp ./README.md ./docs/README.md"
+    "docs": "mkdir -p docs && cp ./README.md ./docs/README.md",
+    "publish:beta": "npm publish --tag beta --no-git-tag-version"
   },
   "dependencies": {
     "@semrel-extra/topo": "^1.14.0",
     "cosmiconfig": "^8.3.6",
     "queuefy": "^1.2.1",
-    "zx-extra": "^2.5.5"
+    "tar-stream": "^3.1.6",
+    "zx-extra": "^2.6.4"
   },
   "devDependencies": {
     "c8": "^8.0.1",
     "uvu": "^0.5.6",
-    "verdaccio": "^5.26.3"
+    "verdaccio": "^5.27.0"
   },
   "publishConfig": {
     "access": "public"

package/src/main/js/gh.js

@@ -23,8 +23,15 @@ export const ghRelease = async (pkg) => {
     body: releaseNotes
   })
 
-  const {stdout} = await $.o({cwd})`curl -H 'Authorization: token ${ghToken}' -H 'Accept: application/vnd.github.v3+json' https://api.github.com/repos/${repoName}/releases -d ${releaseData}`
-  const res = JSON.parse(stdout.toString().trim())
+  const res = await (await fetch(`https://api.github.com/repos/${repoName}/releases`, {
+    method: 'POST',
+    headers: {
+      Accept: 'application/vnd.github.v3+json',
+      Authorization: `token ${ghToken}`,
+      'X-GitHub-Api-Version': '2022-11-28'
+    },
+    body: releaseData
+  })).json()
 
   if (ghAssets) {
     // Lol. GH API literally returns pseudourl `...releases/110103594/assets{?name,label}` as shown in the docs
@@ -86,7 +93,17 @@ export const ghUploadAssets = async ({ghToken, ghAssets, uploadUrl, cwd}) => {
 
   return Promise.all(ghAssets.map(async ({name}) => {
     const url = `${uploadUrl}?name=${name}`
-    return $.o({cwd: temp})`curl -H 'Authorization: token ${ghToken}' -H 'Accept: application/vnd.github.v3+json' -H 'Content-Type: application/octet-stream' ${url} --data-binary '@${name}'`
+    // return $.o({cwd: temp})`curl -H 'Authorization: token ${ghToken}' -H 'Accept: application/vnd.github.v3+json' -H 'Content-Type: application/octet-stream' ${url} --data-binary '@${name}'`
+    return fetch(url, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/octet-stream',
+        Accept: 'application/vnd.github.v3+json',
+        Authorization: `token ${ghToken}`,
+        'X-GitHub-Api-Version': '2022-11-28'
+      },
+      body: await fs.readFile(path.join(temp, name))
+    })
   }))
 }
 

package/src/main/js/meta.js

@@ -136,7 +136,7 @@ const pure = {
     }
 
     const [n, o = ''] = prerelease.reverse()
-    const name = o === 'x' ? n : `@${o}/${n}`
+    const name = (!o || o === 'x') ? n : `@${o}/${n}`
     const version = tag.slice(0, -1 - n.length - (o ? o.length + 1 : 0))
 
     return {format: this.name, ref: tag, name, version}

package/src/main/js/npm.js

@@ -1,5 +1,8 @@
 import {log} from './log.js'
 import {$, fs, INI, fetch, tempy} from 'zx-extra'
+import {unzip} from './util.js'
+
+// https://stackoverflow.com/questions/19978452/how-to-extract-single-file-from-tar-gz-archive-using-node-js
 
 export const fetchPkg = async (pkg) => {
   const id = `${pkg.name}@${pkg.version}`
@@ -10,9 +13,20 @@ export const fetchPkg = async (pkg) => {
     const {npmRegistry, npmToken, npmConfig} = pkg.config
     const tarballUrl = getTarballUrl(npmRegistry, pkg.name, pkg.version)
     const bearerToken = getBearerToken(npmRegistry, npmToken, npmConfig)
-    const authorization = bearerToken ? `--header='Authorization: ${bearerToken}'` : ''
+    const headers = bearerToken ? {Authorization: bearerToken} : {}
     log({pkg})(`fetching '${id}' from ${npmRegistry}`)
-    await $.raw`wget --timeout=15 --connect-timeout=5 ${authorization} -qO- ${tarballUrl} | tar -xvz --strip-components=1 --exclude='package.json' -C ${cwd}`
+
+    // https://stackoverflow.com/questions/46946380/fetch-api-request-timeout
+    const controller = new AbortController()
+    const timeoutId = setTimeout(() => controller.abort(), 15_000)
+    const tarball = await fetch(tarballUrl, {
+      method: 'GET',
+      headers,
+      signal: controller.signal
+    })
+    clearTimeout(timeoutId)
+
+    await unzip(tarball.body, {cwd, strip: 1, omit: ['package.json']})
 
     log({pkg})(`fetch duration '${id}': ${Date.now() - now}`)
     pkg.fetched = true
@@ -24,7 +38,7 @@ export const fetchPkg = async (pkg) => {
 export const fetchManifest = async (pkg, {nothrow} = {}) => {
   const {npmRegistry, npmToken, npmConfig} = pkg.config
   const bearerToken = getBearerToken(npmRegistry, npmToken, npmConfig)
-  const url = getManifestUrl(npmRegistry, pkg.name, pkg.version)
+  const url = getManifestUrl(npmRegistry, pkg.name, pkg.version || 'latest')
   const reqOpts = bearerToken ? {headers: {authorization: bearerToken}} : {}
 
   try {

package/src/main/js/util.js

@@ -1,3 +1,8 @@
+import zlib from 'node:zlib'
+import fs from 'node:fs/promises'
+import path from 'node:path'
+import tar from 'tar-stream'
+
 export const tpl = (str, context) =>
   str?.replace(/\$\{\{\s*([.a-z0-9]+)\s*}}/gi, (matched, key) => get(context, key) ?? '')
 
@@ -60,3 +65,50 @@ export const getCommonPath = files => {
 
   return p.slice(0, p.lastIndexOf('/') + 1)
 }
+
+// https://stackoverflow.com/questions/19978452/how-to-extract-single-file-from-tar-gz-archive-using-node-js
+export const unzip = (stream, {pick, omit, cwd = process.cwd(), strip = 0} = {}) => new Promise((resolve, reject) => {
+  const extract = tar.extract()
+  const results = []
+
+  extract.on('entry', ({name, type}, stream, cb)=>  {
+    const _name = strip ? name.split('/').slice(strip).join('/') : name
+    const fp = path.join(cwd, _name)
+
+    let data = ''
+    stream.on('data', (chunk) => {
+      if (type !== 'file') {
+        return
+      }
+      if (omit?.includes(_name)) {
+        return
+      }
+      if (pick && !pick.includes(_name)) {
+        return
+      }
+
+      data +=chunk
+    })
+
+    stream.on('end', () => {
+      if (data) {
+        results.push(
+          fs.mkdir(path.dirname(fp), {recursive: true})
+            .then(() => fs.writeFile(fp, data, 'utf8'))
+        )
+      }
+      cb()
+    })
+
+    stream.resume()
+  })
+
+  extract.on('finish', ()=> {
+    resolve(Promise.all(results))
+  })
+
+  // fs.createReadStream('archive.tar.gz')
+  stream
+    .pipe(zlib.createGunzip())
+    .pipe(extract)
+})