From f6b45539303b6db5fe3c944046b90ecfe597fad0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 17 Jul 2024 17:22:36 +0000 Subject: [PATCH 1/8] chore: bump @npmcli/template-oss from 4.22.0 to 4.23.1 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.22.0 to 4.23.1. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.22.0...v4.23.1) --- updated-dependencies: - dependency-name: @npmcli/template-oss dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 15a1305..512dc7d 100644 --- a/package.json +++ b/package.json @@ -5,7 +5,7 @@ "main": "lib/index.js", "devDependencies": { "@npmcli/eslint-config": "^4.0.1", - "@npmcli/template-oss": "4.22.0", + "@npmcli/template-oss": "4.23.1", "tap": "^16.3.2" }, "scripts": { From 90711dadee3aa7e471370e9409594d538a129023 Mon Sep 17 00:00:00 2001 From: Chris Sidi Date: Mon, 22 Jul 2024 19:29:07 -0400 Subject: [PATCH 2/8] chore: postinstall for dependabot template-oss PR --- .github/actions/create-check/action.yml | 2 +- .github/actions/install-latest-npm/action.yml | 2 +- .github/workflows/ci-release.yml | 4 ++-- .github/workflows/post-dependabot.yml | 2 +- .gitignore | 7 ++++--- SECURITY.md | 2 +- package.json | 9 +++++---- 7 files changed, 15 insertions(+), 13 deletions(-) diff --git a/.github/actions/create-check/action.yml b/.github/actions/create-check/action.yml index aa24a5b..d1220c9 100644 --- a/.github/actions/create-check/action.yml +++ b/.github/actions/create-check/action.yml @@ -25,7 +25,7 @@ runs: with: result-encoding: string script: | - const { repo: { owner, repo}, runId, serverUrl } = context + const { repo: { owner, repo}, runId, serverUrl } = context const { JOB_NAME, SHA } = process.env const job = await github.rest.actions.listJobsForWorkflowRun({ diff --git a/.github/actions/install-latest-npm/action.yml b/.github/actions/install-latest-npm/action.yml index 8339dbf..580603d 100644 --- a/.github/actions/install-latest-npm/action.yml +++ b/.github/actions/install-latest-npm/action.yml @@ -44,7 +44,7 @@ runs: MATCH=$SPEC echo "Found compatible version: npm@$MATCH" break - fi + fi done if [ -z $MATCH ]; then diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml index ae2532c..d8d761f 100644 --- a/.github/workflows/ci-release.yml +++ b/.github/workflows/ci-release.yml @@ -61,7 +61,7 @@ jobs: run: npm run postlint --ignore-scripts - name: Conclude Check uses: LouisBrunner/checks-action@v1.6.0 - if: always() + if: steps.create-check.outputs.check-id && always() with: token: ${{ secrets.GITHUB_TOKEN }} conclusion: ${{ job.status }} @@ -151,7 +151,7 @@ jobs: run: npm test --ignore-scripts - name: Conclude Check uses: LouisBrunner/checks-action@v1.6.0 - if: always() + if: steps.create-check.outputs.check-id && always() with: token: ${{ secrets.GITHUB_TOKEN }} conclusion: ${{ job.status }} diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index a7ebe12..1ea8693 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -49,7 +49,7 @@ jobs: id: flags run: | dependabot_dir="${{ steps.metadata.outputs.directory }}" - if [[ "$dependabot_dir" == "/" ]]; then + if [[ "$dependabot_dir" == "/" || "$dependabot_dir" == "/main" ]]; then echo "workspace=-iwr" >> $GITHUB_OUTPUT else # strip leading slash from directory so it works as a diff --git a/.gitignore b/.gitignore index 773cada..2bab6d1 100644 --- a/.gitignore +++ b/.gitignore @@ -2,17 +2,17 @@ # ignore everything in the root /* -# transient test directories -tap-testdir*/ -# keep these !**/.gitignore !/.commitlintrc.js !/.eslintrc.js !/.eslintrc.local.* +!/.git-blame-ignore-revs !/.github/ !/.gitignore !/.npmrc +!/.prettierignore +!/.prettierrc.js !/.release-please-manifest.json !/bin/ !/CHANGELOG* @@ -30,3 +30,4 @@ tap-testdir*/ !/tap-snapshots/ !/test/ !/tsconfig.json +tap-testdir*/ diff --git a/SECURITY.md b/SECURITY.md index 9cd2dea..4fe06a2 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -2,7 +2,7 @@ GitHub takes the security of our software products and services seriously, including the open source code repositories managed through our GitHub organizations, such as [GitHub](https://github.com/GitHub). -If you believe you have found a security vulnerability in this GitHub-owned open source repository, you can report it to us in one of two ways. +If you believe you have found a security vulnerability in this GitHub-owned open source repository, you can report it to us in one of two ways. If the vulnerability you have found is *not* [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) or if you do not wish to be considered for a bounty reward, please report the issue to us directly through [opensource-security@github.com](mailto:opensource-security@github.com). diff --git a/package.json b/package.json index 512dc7d..ca13e31 100644 --- a/package.json +++ b/package.json @@ -10,12 +10,13 @@ }, "scripts": { "test": "tap", - "lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"", + "lint": "npm run eslint", "postlint": "template-oss-check", "template-oss-apply": "template-oss-apply --force", - "lintfix": "npm run lint -- --fix", + "lintfix": "npm run eslint -- --fix", "snap": "tap", - "posttest": "npm run lint" + "posttest": "npm run lint", + "eslint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"" }, "repository": { "type": "git", @@ -37,7 +38,7 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.22.0", + "version": "4.23.1", "publish": true }, "tap": { From b92eb6b67d3769e313472535641b26c54a54377b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 28 Aug 2024 09:48:21 +0000 Subject: [PATCH 3/8] chore: bump @npmcli/template-oss from 4.23.1 to 4.23.3 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.23.1 to 4.23.3. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.23.1...v4.23.3) --- updated-dependencies: - dependency-name: @npmcli/template-oss dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index ca13e31..5f78bdd 100644 --- a/package.json +++ b/package.json @@ -5,7 +5,7 @@ "main": "lib/index.js", "devDependencies": { "@npmcli/eslint-config": "^4.0.1", - "@npmcli/template-oss": "4.23.1", + "@npmcli/template-oss": "4.23.3", "tap": "^16.3.2" }, "scripts": { From c11475392c3be71ac43aeb7893881a98ef65f749 Mon Sep 17 00:00:00 2001 From: Chris Sidi Date: Wed, 28 Aug 2024 13:20:22 -0400 Subject: [PATCH 4/8] chore: postinstall for dependabot template-oss PR --- .commitlintrc.js | 1 + .github/workflows/codeql-analysis.yml | 4 ++-- package.json | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.commitlintrc.js b/.commitlintrc.js index e9c80b9..b706e52 100644 --- a/.commitlintrc.js +++ b/.commitlintrc.js @@ -7,5 +7,6 @@ module.exports = { 'header-max-length': [2, 'always', 80], 'subject-case': [0], 'body-max-line-length': [0], + 'footer-max-line-length': [0], }, } diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 13efe1b..15c8efe 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -29,8 +29,8 @@ jobs: git config --global user.email "npm-cli+bot@github.com" git config --global user.name "npm CLI robot" - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: javascript - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 diff --git a/package.json b/package.json index 5f78bdd..de302bd 100644 --- a/package.json +++ b/package.json @@ -38,7 +38,7 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.23.1", + "version": "4.23.3", "publish": true }, "tap": { From 4ef1235e7383ec27d88b9407442bbbdffb5a76d7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 29 Aug 2024 11:54:23 +0000 Subject: [PATCH 5/8] chore: bump @npmcli/eslint-config from 4.0.5 to 5.0.0 Bumps [@npmcli/eslint-config](https://github.com/npm/eslint-config) from 4.0.5 to 5.0.0. - [Release notes](https://github.com/npm/eslint-config/releases) - [Changelog](https://github.com/npm/eslint-config/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/eslint-config/compare/v4.0.5...v5.0.0) --- updated-dependencies: - dependency-name: "@npmcli/eslint-config" dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index de302bd..dcf209c 100644 --- a/package.json +++ b/package.json @@ -4,7 +4,7 @@ "description": "User validations for npm", "main": "lib/index.js", "devDependencies": { - "@npmcli/eslint-config": "^4.0.1", + "@npmcli/eslint-config": "^5.0.0", "@npmcli/template-oss": "4.23.3", "tap": "^16.3.2" }, From 5495eff5590528c6c167c0dfe2fb691f8557f61e Mon Sep 17 00:00:00 2001 From: Chris Sidi Date: Tue, 3 Sep 2024 12:37:15 -0400 Subject: [PATCH 6/8] fix!: align to npm 10 node engine range BREAKING CHANGE: `npm-user-validate` now supports node `^18.17.0 || >=20.5.0` --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index dcf209c..62bacb1 100644 --- a/package.json +++ b/package.json @@ -34,7 +34,7 @@ "lib/" ], "engines": { - "node": "^14.17.0 || ^16.13.0 || >=18.0.0" + "node": "^18.17.0 || >=20.5.0" }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", From 4ad3de2b3caa172e28d54c6a88c25081c5f414a2 Mon Sep 17 00:00:00 2001 From: Chris Sidi Date: Tue, 3 Sep 2024 12:37:20 -0400 Subject: [PATCH 7/8] chore: run template-oss-apply --- .github/workflows/ci-release.yml | 19 +++++-------------- .github/workflows/ci.yml | 19 +++++-------------- 2 files changed, 10 insertions(+), 28 deletions(-) diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml index d8d761f..673f9ca 100644 --- a/.github/workflows/ci-release.yml +++ b/.github/workflows/ci-release.yml @@ -87,27 +87,18 @@ jobs: os: windows-latest shell: cmd node-version: - - 14.17.0 - - 14.x - - 16.13.0 - - 16.x - - 18.0.0 + - 18.17.0 - 18.x + - 20.5.0 - 20.x - 22.x exclude: - - platform: { name: macOS, os: macos-latest, shell: bash } - node-version: 14.17.0 - - platform: { name: macOS, os: macos-latest, shell: bash } - node-version: 14.x - platform: { name: macOS, os: macos-13, shell: bash } - node-version: 16.13.0 - - platform: { name: macOS, os: macos-13, shell: bash } - node-version: 16.x - - platform: { name: macOS, os: macos-13, shell: bash } - node-version: 18.0.0 + node-version: 18.17.0 - platform: { name: macOS, os: macos-13, shell: bash } node-version: 18.x + - platform: { name: macOS, os: macos-13, shell: bash } + node-version: 20.5.0 - platform: { name: macOS, os: macos-13, shell: bash } node-version: 20.x - platform: { name: macOS, os: macos-13, shell: bash } diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 28dca18..a44b227 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -64,27 +64,18 @@ jobs: os: windows-latest shell: cmd node-version: - - 14.17.0 - - 14.x - - 16.13.0 - - 16.x - - 18.0.0 + - 18.17.0 - 18.x + - 20.5.0 - 20.x - 22.x exclude: - - platform: { name: macOS, os: macos-latest, shell: bash } - node-version: 14.17.0 - - platform: { name: macOS, os: macos-latest, shell: bash } - node-version: 14.x - platform: { name: macOS, os: macos-13, shell: bash } - node-version: 16.13.0 - - platform: { name: macOS, os: macos-13, shell: bash } - node-version: 16.x - - platform: { name: macOS, os: macos-13, shell: bash } - node-version: 18.0.0 + node-version: 18.17.0 - platform: { name: macOS, os: macos-13, shell: bash } node-version: 18.x + - platform: { name: macOS, os: macos-13, shell: bash } + node-version: 20.5.0 - platform: { name: macOS, os: macos-13, shell: bash } node-version: 20.x - platform: { name: macOS, os: macos-13, shell: bash } From f6aa45fd1d55977c978c22b91d5baa01684d5e1f Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 4 Sep 2024 20:18:03 -0400 Subject: [PATCH 8/8] chore: release 3.0.0 (#78) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit :robot: I have created a release *beep* *boop* --- ## [3.0.0](https://github.com/npm/npm-user-validate/compare/v2.0.1...v3.0.0) (2024-09-03) ### ⚠️ BREAKING CHANGES * `npm-user-validate` now supports node `^18.17.0 || >=20.5.0` ### Bug Fixes * [`5495eff`](https://github.com/npm/npm-user-validate/commit/5495eff5590528c6c167c0dfe2fb691f8557f61e) [#77](https://github.com/npm/npm-user-validate/pull/77) align to npm 10 node engine range (@hashtagchris) ### Chores * [`4ad3de2`](https://github.com/npm/npm-user-validate/commit/4ad3de2b3caa172e28d54c6a88c25081c5f414a2) [#77](https://github.com/npm/npm-user-validate/pull/77) run template-oss-apply (@hashtagchris) * [`4ef1235`](https://github.com/npm/npm-user-validate/commit/4ef1235e7383ec27d88b9407442bbbdffb5a76d7) [#75](https://github.com/npm/npm-user-validate/pull/75) bump @npmcli/eslint-config from 4.0.5 to 5.0.0 (@dependabot[bot]) * [`c114753`](https://github.com/npm/npm-user-validate/commit/c11475392c3be71ac43aeb7893881a98ef65f749) [#76](https://github.com/npm/npm-user-validate/pull/76) postinstall for dependabot template-oss PR (@hashtagchris) * [`b92eb6b`](https://github.com/npm/npm-user-validate/commit/b92eb6b67d3769e313472535641b26c54a54377b) [#76](https://github.com/npm/npm-user-validate/pull/76) bump @npmcli/template-oss from 4.23.1 to 4.23.3 (@dependabot[bot]) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- .release-please-manifest.json | 2 +- CHANGELOG.md | 11 +++++++++++ package.json | 2 +- 3 files changed, 13 insertions(+), 2 deletions(-) diff --git a/.release-please-manifest.json b/.release-please-manifest.json index b725ab0..d4f6f29 100644 --- a/.release-please-manifest.json +++ b/.release-please-manifest.json @@ -1,3 +1,3 @@ { - ".": "2.0.1" + ".": "3.0.0" } diff --git a/CHANGELOG.md b/CHANGELOG.md index ec93b41..3803e74 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,16 @@ # Changelog +## [3.0.0](https://github.com/npm/npm-user-validate/compare/v2.0.1...v3.0.0) (2024-09-03) +### ⚠️ BREAKING CHANGES +* `npm-user-validate` now supports node `^18.17.0 || >=20.5.0` +### Bug Fixes +* [`5495eff`](https://github.com/npm/npm-user-validate/commit/5495eff5590528c6c167c0dfe2fb691f8557f61e) [#77](https://github.com/npm/npm-user-validate/pull/77) align to npm 10 node engine range (@hashtagchris) +### Chores +* [`4ad3de2`](https://github.com/npm/npm-user-validate/commit/4ad3de2b3caa172e28d54c6a88c25081c5f414a2) [#77](https://github.com/npm/npm-user-validate/pull/77) run template-oss-apply (@hashtagchris) +* [`4ef1235`](https://github.com/npm/npm-user-validate/commit/4ef1235e7383ec27d88b9407442bbbdffb5a76d7) [#75](https://github.com/npm/npm-user-validate/pull/75) bump @npmcli/eslint-config from 4.0.5 to 5.0.0 (@dependabot[bot]) +* [`c114753`](https://github.com/npm/npm-user-validate/commit/c11475392c3be71ac43aeb7893881a98ef65f749) [#76](https://github.com/npm/npm-user-validate/pull/76) postinstall for dependabot template-oss PR (@hashtagchris) +* [`b92eb6b`](https://github.com/npm/npm-user-validate/commit/b92eb6b67d3769e313472535641b26c54a54377b) [#76](https://github.com/npm/npm-user-validate/pull/76) bump @npmcli/template-oss from 4.23.1 to 4.23.3 (@dependabot[bot]) + ## [2.0.1](https://github.com/npm/npm-user-validate/compare/v2.0.0...v2.0.1) (2024-05-06) ### Documentation diff --git a/package.json b/package.json index 62bacb1..8c66f8f 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "npm-user-validate", - "version": "2.0.1", + "version": "3.0.0", "description": "User validations for npm", "main": "lib/index.js", "devDependencies": {