Skip to content

Commit

Permalink
feat!: postinstall for dependabot template-oss PR
Browse files Browse the repository at this point in the history
BREAKING CHANGE: `pacote` is now compatible with the following semver range for node: `^14.17.0 || ^16.13.0 || >=18.0.0`
  • Loading branch information
lukekarrys committed Sep 21, 2022
1 parent e6cd12a commit 72e9be4
Show file tree
Hide file tree
Showing 14 changed files with 612 additions and 131 deletions.
2 changes: 1 addition & 1 deletion .github/dependabot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ version: 2

updates:
- package-ecosystem: npm
directory: "/"
directory: /
schedule:
interval: daily
allow:
Expand Down
2 changes: 1 addition & 1 deletion .github/matchers/tap.json
Original file line number Diff line number Diff line change
Expand Up @@ -29,4 +29,4 @@
]
}
]
}
}
26 changes: 18 additions & 8 deletions .github/workflows/audit.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,18 +10,28 @@ on:

jobs:
audit:
name: Audit Dependencies
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
defaults:
run:
shell: bash
steps:
- uses: actions/checkout@v3
- name: Setup git user
- name: Checkout
uses: actions/checkout@v3
- name: Setup Git User
run: |
git config --global user.email "npm-cli+bot@github.com"
git config --global user.name "npm CLI robot"
- uses: actions/setup-node@v3
- name: Setup Node
uses: actions/setup-node@v3
with:
node-version: 16.x
- name: Update npm to latest
node-version: 18.x
- name: Install npm@latest
run: npm i --prefer-online --no-fund --no-audit -g npm@latest
- run: npm -v
- run: npm i --ignore-scripts --no-audit --no-fund --package-lock
- run: npm audit
- name: npm Version
run: npm -v
- name: Install Dependencies
run: npm i --ignore-scripts --no-audit --no-fund --package-lock
- name: Run Audit
run: npm audit
151 changes: 151 additions & 0 deletions .github/workflows/ci-release.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,151 @@
# This file is automatically added by @npmcli/template-oss. Do not edit.

name: CI - Release

on:
workflow_call:
inputs:
ref:
required: true
type: string
check-sha:
required: true
type: string

jobs:
lint-all:
name: Lint All
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
defaults:
run:
shell: bash
steps:
- name: Create Check
uses: LouisBrunner/checks-action@v1.3.1
id: check

with:
token: ${{ secrets.GITHUB_TOKEN }}
status: in_progress
name: Lint All
sha: ${{ inputs.check-sha }}
# XXX: this does not work when using the default GITHUB_TOKEN.
# Instead we post the main job url to the PR as a comment which
# will link to all the other checks. To work around this we would
# need to create a GitHub that would create on-demand tokens.
# https://github.com/LouisBrunner/checks-action/issues/18
# details_url:
- name: Checkout
uses: actions/checkout@v3
with:
ref: ${{ inputs.ref }}
- name: Setup Git User
run: |
git config --global user.email "npm-cli+bot@github.com"
git config --global user.name "npm CLI robot"
- name: Setup Node
uses: actions/setup-node@v3
with:
node-version: 18.x
- name: Install npm@latest
run: npm i --prefer-online --no-fund --no-audit -g npm@latest
- name: npm Version
run: npm -v
- name: Install Dependencies
run: npm i --ignore-scripts --no-audit --no-fund
- name: Lint
run: npm run lint --ignore-scripts
- name: Post Lint
run: npm run postlint --ignore-scripts
- name: Conclude Check
uses: LouisBrunner/checks-action@v1.3.1
if: always()
with:
token: ${{ secrets.GITHUB_TOKEN }}
conclusion: ${{ job.status }}
check_id: ${{ steps.check.outputs.check_id }}

test-all:
name: Test All - ${{ matrix.platform.name }} - ${{ matrix.node-version }}
if: github.repository_owner == 'npm'
strategy:
fail-fast: false
matrix:
platform:
- name: Linux
os: ubuntu-latest
shell: bash
- name: macOS
os: macos-latest
shell: bash
node-version:
- 14.17.0
- 14.x
- 16.13.0
- 16.x
- 18.0.0
- 18.x
runs-on: ${{ matrix.platform.os }}
defaults:
run:
shell: ${{ matrix.platform.shell }}
steps:
- name: Create Check
uses: LouisBrunner/checks-action@v1.3.1
id: check

with:
token: ${{ secrets.GITHUB_TOKEN }}
status: in_progress
name: Test All - ${{ matrix.platform.name }} - ${{ matrix.node-version }}
sha: ${{ inputs.check-sha }}
# XXX: this does not work when using the default GITHUB_TOKEN.
# Instead we post the main job url to the PR as a comment which
# will link to all the other checks. To work around this we would
# need to create a GitHub that would create on-demand tokens.
# https://github.com/LouisBrunner/checks-action/issues/18
# details_url:
- name: Checkout
uses: actions/checkout@v3
with:
ref: ${{ inputs.ref }}
- name: Setup Git User
run: |
git config --global user.email "npm-cli+bot@github.com"
git config --global user.name "npm CLI robot"
- name: Setup Node
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
- name: Update Windows npm
# node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows
if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.'))
run: |
curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz
tar xf npm-7.5.4.tgz
cd package
node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz
cd ..
rmdir /s /q package
- name: Install npm@7
if: startsWith(matrix.node-version, '10.')
run: npm i --prefer-online --no-fund --no-audit -g npm@7
- name: Install npm@latest
if: ${{ !startsWith(matrix.node-version, '10.') }}
run: npm i --prefer-online --no-fund --no-audit -g npm@latest
- name: npm Version
run: npm -v
- name: Install Dependencies
run: npm i --ignore-scripts --no-audit --no-fund
- name: Add Problem Matcher
run: echo "::add-matcher::.github/matchers/tap.json"
- name: Test
run: npm test --ignore-scripts -ws -iwr --if-present
- name: Conclude Check
uses: LouisBrunner/checks-action@v1.3.1
if: always()
with:
token: ${{ secrets.GITHUB_TOKEN }}
conclusion: ${{ job.status }}
check_id: ${{ steps.check.outputs.check_id }}
78 changes: 48 additions & 30 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,6 @@ name: CI
on:
workflow_dispatch:
pull_request:
branches:
- '*'
push:
branches:
- main
Expand All @@ -17,52 +15,70 @@ on:

jobs:
lint:
name: Lint
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
defaults:
run:
shell: bash
steps:
- uses: actions/checkout@v3
- name: Setup git user
- name: Checkout
uses: actions/checkout@v3
- name: Setup Git User
run: |
git config --global user.email "npm-cli+bot@github.com"
git config --global user.name "npm CLI robot"
- uses: actions/setup-node@v3
- name: Setup Node
uses: actions/setup-node@v3
with:
node-version: 16.x
- name: Update npm to latest
node-version: 18.x
- name: Install npm@latest
run: npm i --prefer-online --no-fund --no-audit -g npm@latest
- run: npm -v
- run: npm i --ignore-scripts --no-audit --no-fund
- run: npm run lint
- name: npm Version
run: npm -v
- name: Install Dependencies
run: npm i --ignore-scripts --no-audit --no-fund
- name: Lint
run: npm run lint --ignore-scripts
- name: Post Lint
run: npm run postlint --ignore-scripts

test:
name: Test - ${{ matrix.platform.name }} - ${{ matrix.node-version }}
if: github.repository_owner == 'npm'
strategy:
fail-fast: false
matrix:
node-version:
- 12.13.0
- 12.x
- 14.15.0
- 14.x
- 16.0.0
- 16.x
platform:
- os: ubuntu-latest
- name: Linux
os: ubuntu-latest
shell: bash
- os: macos-latest
- name: macOS
os: macos-latest
shell: bash
node-version:
- 14.17.0
- 14.x
- 16.13.0
- 16.x
- 18.0.0
- 18.x
runs-on: ${{ matrix.platform.os }}
defaults:
run:
shell: ${{ matrix.platform.shell }}
steps:
- uses: actions/checkout@v3
- name: Setup git user
- name: Checkout
uses: actions/checkout@v3
- name: Setup Git User
run: |
git config --global user.email "npm-cli+bot@github.com"
git config --global user.name "npm CLI robot"
- uses: actions/setup-node@v3
- name: Setup Node
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
- name: Update to workable npm (windows)
- name: Update Windows npm
# node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows
if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.'))
run: |
Expand All @@ -72,15 +88,17 @@ jobs:
node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz
cd ..
rmdir /s /q package
- name: Update npm to 7
# If we do test on npm 10 it needs npm7
- name: Install npm@7
if: startsWith(matrix.node-version, '10.')
run: npm i --prefer-online --no-fund --no-audit -g npm@7
- name: Update npm to latest
- name: Install npm@latest
if: ${{ !startsWith(matrix.node-version, '10.') }}
run: npm i --prefer-online --no-fund --no-audit -g npm@latest
- run: npm -v
- name: add tap problem matcher
- name: npm Version
run: npm -v
- name: Install Dependencies
run: npm i --ignore-scripts --no-audit --no-fund
- name: Add Problem Matcher
run: echo "::add-matcher::.github/matchers/tap.json"
- run: npm i --ignore-scripts --no-audit --no-fund
- run: npm test --ignore-scripts
- name: Test
run: npm test --ignore-scripts -iwr
20 changes: 7 additions & 13 deletions .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
@@ -1,14 +1,13 @@
# This file is automatically added by @npmcli/template-oss. Do not edit.

name: "CodeQL"
name: CodeQL

on:
push:
branches:
- main
- latest
pull_request:
# The branches below must be a subset of the branches above
branches:
- main
- latest
Expand All @@ -24,21 +23,16 @@ jobs:
actions: read
contents: read
security-events: write

strategy:
fail-fast: false
matrix:
language: [ javascript ]

steps:
- uses: actions/checkout@v3
- name: Setup git user
- name: Checkout
uses: actions/checkout@v3
- name: Setup Git User
run: |
git config --global user.email "npm-cli+bot@github.com"
git config --global user.name "npm CLI robot"
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
languages: javascript
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1
uses: github/codeql-action/analyze@v2
Loading

0 comments on commit 72e9be4

Please sign in to comment.