New Upstream Release - node-npm-bundled
Ready changes
Summary
Merged new upstream version: 3.0.0 (was: 2.0.1).
Resulting package
Built on 2023-08-07T10:20 (took 12m16s)
The resulting binary packages can be installed (if you have the apt repository enabled) by running one of:
apt install -t fresh-releases node-npm-bundled
Lintian Result
Diff
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..2c54b0d
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1,3 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+* @npm/cli-team
diff --git a/.github/ISSUE_TEMPLATE/bug.yml b/.github/ISSUE_TEMPLATE/bug.yml
new file mode 100644
index 0000000..d043192
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/bug.yml
@@ -0,0 +1,54 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+name: Bug
+description: File a bug/issue
+title: "[BUG] <title>"
+labels: [ Bug, Needs Triage ]
+
+body:
+ - type: checkboxes
+ attributes:
+ label: Is there an existing issue for this?
+ description: Please [search here](./issues) to see if an issue already exists for your problem.
+ options:
+ - label: I have searched the existing issues
+ required: true
+ - type: textarea
+ attributes:
+ label: Current Behavior
+ description: A clear & concise description of what you're experiencing.
+ validations:
+ required: false
+ - type: textarea
+ attributes:
+ label: Expected Behavior
+ description: A clear & concise description of what you expected to happen.
+ validations:
+ required: false
+ - type: textarea
+ attributes:
+ label: Steps To Reproduce
+ description: Steps to reproduce the behavior.
+ value: |
+ 1. In this environment...
+ 2. With this config...
+ 3. Run '...'
+ 4. See error...
+ validations:
+ required: false
+ - type: textarea
+ attributes:
+ label: Environment
+ description: |
+ examples:
+ - **npm**: 7.6.3
+ - **Node**: 13.14.0
+ - **OS**: Ubuntu 20.04
+ - **platform**: Macbook Pro
+ value: |
+ - npm:
+ - Node:
+ - OS:
+ - platform:
+ validations:
+ required: false
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
new file mode 100644
index 0000000..d640909
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1,3 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+blank_issues_enabled: true
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..8da2a45
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,17 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+version: 2
+
+updates:
+ - package-ecosystem: npm
+ directory: /
+ schedule:
+ interval: daily
+ allow:
+ - dependency-type: direct
+ versioning-strategy: increase-if-necessary
+ commit-message:
+ prefix: deps
+ prefix-development: chore
+ labels:
+ - "Dependencies"
diff --git a/.github/matchers/tap.json b/.github/matchers/tap.json
new file mode 100644
index 0000000..2c81ea9
--- /dev/null
+++ b/.github/matchers/tap.json
@@ -0,0 +1,32 @@
+{
+ "//@npmcli/template-oss": "This file is automatically added by @npmcli/template-oss. Do not edit.",
+ "problemMatcher": [
+ {
+ "owner": "tap",
+ "pattern": [
+ {
+ "regexp": "^\\s*not ok \\d+ - (.*)",
+ "message": 1
+ },
+ {
+ "regexp": "^\\s*---"
+ },
+ {
+ "regexp": "^\\s*at:"
+ },
+ {
+ "regexp": "^\\s*line:\\s*(\\d+)",
+ "line": 1
+ },
+ {
+ "regexp": "^\\s*column:\\s*(\\d+)",
+ "column": 1
+ },
+ {
+ "regexp": "^\\s*file:\\s*(.*)",
+ "file": 1
+ }
+ ]
+ }
+ ]
+}
diff --git a/.github/settings.yml b/.github/settings.yml
new file mode 100644
index 0000000..1019e26
--- /dev/null
+++ b/.github/settings.yml
@@ -0,0 +1,2 @@
+---
+_extends: '.github:npm-cli/settings.yml'
diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml
new file mode 100644
index 0000000..60bb334
--- /dev/null
+++ b/.github/workflows/audit.yml
@@ -0,0 +1,37 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+name: Audit
+
+on:
+ workflow_dispatch:
+ schedule:
+ # "At 08:00 UTC (01:00 PT) on Monday" https://crontab.guru/#0_8_*_*_1
+ - cron: "0 8 * * 1"
+
+jobs:
+ audit:
+ name: Audit Dependencies
+ if: github.repository_owner == 'npm'
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ shell: bash
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ - name: Setup Git User
+ run: |
+ git config --global user.email "npm-cli+bot@github.com"
+ git config --global user.name "npm CLI robot"
+ - name: Setup Node
+ uses: actions/setup-node@v3
+ with:
+ node-version: 18.x
+ - name: Install npm@latest
+ run: npm i --prefer-online --no-fund --no-audit -g npm@latest
+ - name: npm Version
+ run: npm -v
+ - name: Install Dependencies
+ run: npm i --ignore-scripts --no-audit --no-fund --package-lock
+ - name: Run Audit
+ run: npm audit
diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml
new file mode 100644
index 0000000..9cc6b28
--- /dev/null
+++ b/.github/workflows/ci-release.yml
@@ -0,0 +1,154 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+name: CI - Release
+
+on:
+ workflow_call:
+ inputs:
+ ref:
+ required: true
+ type: string
+ check-sha:
+ required: true
+ type: string
+
+jobs:
+ lint-all:
+ name: Lint All
+ if: github.repository_owner == 'npm'
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ shell: bash
+ steps:
+ - name: Create Check
+ uses: LouisBrunner/checks-action@v1.3.1
+ id: check
+
+ with:
+ token: ${{ secrets.GITHUB_TOKEN }}
+ status: in_progress
+ name: Lint All
+ sha: ${{ inputs.check-sha }}
+ # XXX: this does not work when using the default GITHUB_TOKEN.
+ # Instead we post the main job url to the PR as a comment which
+ # will link to all the other checks. To work around this we would
+ # need to create a GitHub that would create on-demand tokens.
+ # https://github.com/LouisBrunner/checks-action/issues/18
+ # details_url:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ ref: ${{ inputs.ref }}
+ - name: Setup Git User
+ run: |
+ git config --global user.email "npm-cli+bot@github.com"
+ git config --global user.name "npm CLI robot"
+ - name: Setup Node
+ uses: actions/setup-node@v3
+ with:
+ node-version: 18.x
+ - name: Install npm@latest
+ run: npm i --prefer-online --no-fund --no-audit -g npm@latest
+ - name: npm Version
+ run: npm -v
+ - name: Install Dependencies
+ run: npm i --ignore-scripts --no-audit --no-fund
+ - name: Lint
+ run: npm run lint --ignore-scripts
+ - name: Post Lint
+ run: npm run postlint --ignore-scripts
+ - name: Conclude Check
+ uses: LouisBrunner/checks-action@v1.3.1
+ if: always()
+ with:
+ token: ${{ secrets.GITHUB_TOKEN }}
+ conclusion: ${{ job.status }}
+ check_id: ${{ steps.check.outputs.check_id }}
+
+ test-all:
+ name: Test All - ${{ matrix.platform.name }} - ${{ matrix.node-version }}
+ if: github.repository_owner == 'npm'
+ strategy:
+ fail-fast: false
+ matrix:
+ platform:
+ - name: Linux
+ os: ubuntu-latest
+ shell: bash
+ - name: macOS
+ os: macos-latest
+ shell: bash
+ - name: Windows
+ os: windows-latest
+ shell: cmd
+ node-version:
+ - 14.17.0
+ - 14.x
+ - 16.13.0
+ - 16.x
+ - 18.0.0
+ - 18.x
+ runs-on: ${{ matrix.platform.os }}
+ defaults:
+ run:
+ shell: ${{ matrix.platform.shell }}
+ steps:
+ - name: Create Check
+ uses: LouisBrunner/checks-action@v1.3.1
+ id: check
+
+ with:
+ token: ${{ secrets.GITHUB_TOKEN }}
+ status: in_progress
+ name: Test All - ${{ matrix.platform.name }} - ${{ matrix.node-version }}
+ sha: ${{ inputs.check-sha }}
+ # XXX: this does not work when using the default GITHUB_TOKEN.
+ # Instead we post the main job url to the PR as a comment which
+ # will link to all the other checks. To work around this we would
+ # need to create a GitHub that would create on-demand tokens.
+ # https://github.com/LouisBrunner/checks-action/issues/18
+ # details_url:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ ref: ${{ inputs.ref }}
+ - name: Setup Git User
+ run: |
+ git config --global user.email "npm-cli+bot@github.com"
+ git config --global user.name "npm CLI robot"
+ - name: Setup Node
+ uses: actions/setup-node@v3
+ with:
+ node-version: ${{ matrix.node-version }}
+ - name: Update Windows npm
+ # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows
+ if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.'))
+ run: |
+ curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz
+ tar xf npm-7.5.4.tgz
+ cd package
+ node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz
+ cd ..
+ rmdir /s /q package
+ - name: Install npm@7
+ if: startsWith(matrix.node-version, '10.')
+ run: npm i --prefer-online --no-fund --no-audit -g npm@7
+ - name: Install npm@latest
+ if: ${{ !startsWith(matrix.node-version, '10.') }}
+ run: npm i --prefer-online --no-fund --no-audit -g npm@latest
+ - name: npm Version
+ run: npm -v
+ - name: Install Dependencies
+ run: npm i --ignore-scripts --no-audit --no-fund
+ - name: Add Problem Matcher
+ run: echo "::add-matcher::.github/matchers/tap.json"
+ - name: Test
+ run: npm test --ignore-scripts
+ - name: Conclude Check
+ uses: LouisBrunner/checks-action@v1.3.1
+ if: always()
+ with:
+ token: ${{ secrets.GITHUB_TOKEN }}
+ conclusion: ${{ job.status }}
+ check_id: ${{ steps.check.outputs.check_id }}
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000..a6c934a
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,157 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+name: CI
+
+on:
+ workflow_dispatch:
+ pull_request:
+ push:
+ branches:
+ - main
+ - latest
+ schedule:
+ # "At 09:00 UTC (02:00 PT) on Monday" https://crontab.guru/#0_9_*_*_1
+ - cron: "0 9 * * 1"
+
+jobs:
+ engines:
+ name: Engines - ${{ matrix.platform.name }} - ${{ matrix.node-version }}
+ if: github.repository_owner == 'npm'
+ strategy:
+ fail-fast: false
+ matrix:
+ platform:
+ - name: Linux
+ os: ubuntu-latest
+ shell: bash
+ node-version:
+ - 14.17.0
+ - 16.13.0
+ - 18.0.0
+ runs-on: ${{ matrix.platform.os }}
+ defaults:
+ run:
+ shell: ${{ matrix.platform.shell }}
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ - name: Setup Git User
+ run: |
+ git config --global user.email "npm-cli+bot@github.com"
+ git config --global user.name "npm CLI robot"
+ - name: Setup Node
+ uses: actions/setup-node@v3
+ with:
+ node-version: ${{ matrix.node-version }}
+ - name: Update Windows npm
+ # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows
+ if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.'))
+ run: |
+ curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz
+ tar xf npm-7.5.4.tgz
+ cd package
+ node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz
+ cd ..
+ rmdir /s /q package
+ - name: Install npm@7
+ if: startsWith(matrix.node-version, '10.')
+ run: npm i --prefer-online --no-fund --no-audit -g npm@7
+ - name: Install npm@latest
+ if: ${{ !startsWith(matrix.node-version, '10.') }}
+ run: npm i --prefer-online --no-fund --no-audit -g npm@latest
+ - name: npm Version
+ run: npm -v
+ - name: Install Dependencies
+ run: npm i --ignore-scripts --no-audit --no-fund --engines-strict
+
+ lint:
+ name: Lint
+ if: github.repository_owner == 'npm'
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ shell: bash
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ - name: Setup Git User
+ run: |
+ git config --global user.email "npm-cli+bot@github.com"
+ git config --global user.name "npm CLI robot"
+ - name: Setup Node
+ uses: actions/setup-node@v3
+ with:
+ node-version: 18.x
+ - name: Install npm@latest
+ run: npm i --prefer-online --no-fund --no-audit -g npm@latest
+ - name: npm Version
+ run: npm -v
+ - name: Install Dependencies
+ run: npm i --ignore-scripts --no-audit --no-fund
+ - name: Lint
+ run: npm run lint --ignore-scripts
+ - name: Post Lint
+ run: npm run postlint --ignore-scripts
+
+ test:
+ name: Test - ${{ matrix.platform.name }} - ${{ matrix.node-version }}
+ if: github.repository_owner == 'npm'
+ strategy:
+ fail-fast: false
+ matrix:
+ platform:
+ - name: Linux
+ os: ubuntu-latest
+ shell: bash
+ - name: macOS
+ os: macos-latest
+ shell: bash
+ - name: Windows
+ os: windows-latest
+ shell: cmd
+ node-version:
+ - 14.17.0
+ - 14.x
+ - 16.13.0
+ - 16.x
+ - 18.0.0
+ - 18.x
+ runs-on: ${{ matrix.platform.os }}
+ defaults:
+ run:
+ shell: ${{ matrix.platform.shell }}
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ - name: Setup Git User
+ run: |
+ git config --global user.email "npm-cli+bot@github.com"
+ git config --global user.name "npm CLI robot"
+ - name: Setup Node
+ uses: actions/setup-node@v3
+ with:
+ node-version: ${{ matrix.node-version }}
+ - name: Update Windows npm
+ # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows
+ if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.'))
+ run: |
+ curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz
+ tar xf npm-7.5.4.tgz
+ cd package
+ node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz
+ cd ..
+ rmdir /s /q package
+ - name: Install npm@7
+ if: startsWith(matrix.node-version, '10.')
+ run: npm i --prefer-online --no-fund --no-audit -g npm@7
+ - name: Install npm@latest
+ if: ${{ !startsWith(matrix.node-version, '10.') }}
+ run: npm i --prefer-online --no-fund --no-audit -g npm@latest
+ - name: npm Version
+ run: npm -v
+ - name: Install Dependencies
+ run: npm i --ignore-scripts --no-audit --no-fund
+ - name: Add Problem Matcher
+ run: echo "::add-matcher::.github/matchers/tap.json"
+ - name: Test
+ run: npm test --ignore-scripts
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
new file mode 100644
index 0000000..66b9498
--- /dev/null
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,38 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+name: CodeQL
+
+on:
+ push:
+ branches:
+ - main
+ - latest
+ pull_request:
+ branches:
+ - main
+ - latest
+ schedule:
+ # "At 10:00 UTC (03:00 PT) on Monday" https://crontab.guru/#0_10_*_*_1
+ - cron: "0 10 * * 1"
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ - name: Setup Git User
+ run: |
+ git config --global user.email "npm-cli+bot@github.com"
+ git config --global user.name "npm CLI robot"
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v2
+ with:
+ languages: javascript
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v2
diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml
new file mode 100644
index 0000000..88ac403
--- /dev/null
+++ b/.github/workflows/post-dependabot.yml
@@ -0,0 +1,121 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+name: Post Dependabot
+
+on: pull_request
+
+permissions:
+ contents: write
+
+jobs:
+ template-oss:
+ name: template-oss
+ if: github.repository_owner == 'npm' && github.actor == 'dependabot[bot]'
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ shell: bash
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ ref: ${{ github.event.pull_request.head.ref }}
+ - name: Setup Git User
+ run: |
+ git config --global user.email "npm-cli+bot@github.com"
+ git config --global user.name "npm CLI robot"
+ - name: Setup Node
+ uses: actions/setup-node@v3
+ with:
+ node-version: 18.x
+ - name: Install npm@latest
+ run: npm i --prefer-online --no-fund --no-audit -g npm@latest
+ - name: npm Version
+ run: npm -v
+ - name: Install Dependencies
+ run: npm i --ignore-scripts --no-audit --no-fund
+ - name: Fetch Dependabot Metadata
+ id: metadata
+ uses: dependabot/fetch-metadata@v1
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+
+ # Dependabot can update multiple directories so we output which directory
+ # it is acting on so we can run the command for the correct root or workspace
+ - name: Get Dependabot Directory
+ if: contains(steps.metadata.outputs.dependency-names, '@npmcli/template-oss')
+ id: flags
+ run: |
+ dependabot_dir="${{ steps.metadata.outputs.directory }}"
+ if [[ "$dependabot_dir" == "/" ]]; then
+ echo "::set-output name=workspace::-iwr"
+ else
+ # strip leading slash from directory so it works as a
+ # a path to the workspace flag
+ echo "::set-output name=workspace::-w ${dependabot_dir#/}"
+ fi
+
+ - name: Apply Changes
+ if: steps.flags.outputs.workspace
+ id: apply
+ run: |
+ npm run template-oss-apply ${{ steps.flags.outputs.workspace }}
+ if [[ `git status --porcelain` ]]; then
+ echo "::set-output name=changes::true"
+ fi
+ # This only sets the conventional commit prefix. This workflow can't reliably determine
+ # what the breaking change is though. If a BREAKING CHANGE message is required then
+ # this PR check will fail and the commit will be amended with stafftools
+ if [[ "${{ steps.dependabot-metadata.outputs.update-type }}" == "version-update:semver-major" ]]; then
+ prefix='feat!'
+ else
+ prefix='chore!'
+ fi
+ echo "::set-output name=message::$prefix: postinstall for dependabot template-oss PR"
+
+ # This step will fail if template-oss has made any workflow updates. It is impossible
+ # for a workflow to update other workflows. In the case it does fail, we continue
+ # and then try to apply only a portion of the changes in the next step
+ - name: Push All Changes
+ if: steps.apply.outputs.changes
+ id: push
+ continue-on-error: true
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ run: |
+ git commit -am "${{ steps.apply.outputs.message }}"
+ git push
+
+ # If the previous step failed, then reset the commit and remove any workflow changes
+ # and attempt to commit and push again. This is helpful because we will have a commit
+ # with the correct prefix that we can then --amend with @npmcli/stafftools later.
+ - name: Push All Changes Except Workflows
+ if: steps.apply.outputs.changes && steps.push-all.outcome == 'failure'
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ run: |
+ git reset HEAD~
+ git checkout HEAD -- .github/workflows/
+ git clean -fd .github/workflows/
+ git commit -am "${{ steps.apply.outputs.message }}"
+ git push
+
+ # Check if all the necessary template-oss changes were applied. Since we continued
+ # on errors in one of the previous steps, this check will fail if our follow up
+ # only applied a portion of the changes and we need to followup manually.
+ #
+ # Note that this used to run `lint` and `postlint` but that will fail this action
+ # if we've also shipped any linting changes separate from template-oss. We do
+ # linting in another action, so we want to fail this one only if there are
+ # template-oss changes that could not be applied.
+ - name: Check Changes
+ if: steps.apply.outputs.changes
+ run: |
+ npm exec --offline ${{ steps.flags.outputs.workspace }} -- template-oss-check
+
+ - name: Fail on Breaking Change
+ if: steps.apply.outputs.changes && startsWith(steps.apply.outputs.message, 'feat!')
+ run: |
+ echo "This PR has a breaking change. Run 'npx -p @npmcli/stafftools gh template-oss-fix'"
+ echo "for more information on how to fix this with a BREAKING CHANGE footer."
+ exit 1
diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml
new file mode 100644
index 0000000..1a1d1ee
--- /dev/null
+++ b/.github/workflows/pull-request.yml
@@ -0,0 +1,48 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+name: Pull Request
+
+on:
+ pull_request:
+ types:
+ - opened
+ - reopened
+ - edited
+ - synchronize
+
+jobs:
+ commitlint:
+ name: Lint Commits
+ if: github.repository_owner == 'npm'
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ shell: bash
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+ - name: Setup Git User
+ run: |
+ git config --global user.email "npm-cli+bot@github.com"
+ git config --global user.name "npm CLI robot"
+ - name: Setup Node
+ uses: actions/setup-node@v3
+ with:
+ node-version: 18.x
+ - name: Install npm@latest
+ run: npm i --prefer-online --no-fund --no-audit -g npm@latest
+ - name: npm Version
+ run: npm -v
+ - name: Install Dependencies
+ run: npm i --ignore-scripts --no-audit --no-fund
+ - name: Run Commitlint on Commits
+ id: commit
+ continue-on-error: true
+ run: |
+ npx --offline commitlint -V --from origin/${{ github.base_ref }} --to ${{ github.event.pull_request.head.sha }}
+ - name: Run Commitlint on PR Title
+ if: steps.commit.outcome == 'failure'
+ run: |
+ echo ${{ github.event.pull_request.title }} | npx --offline commitlint -V
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 0000000..1ed3865
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,235 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+name: Release
+
+on:
+ push:
+ branches:
+ - main
+ - latest
+
+permissions:
+ contents: write
+ pull-requests: write
+ checks: write
+
+jobs:
+ release:
+ outputs:
+ pr: ${{ steps.release.outputs.pr }}
+ releases: ${{ steps.release.outputs.releases }}
+ release-flags: ${{ steps.release.outputs.release-flags }}
+ branch: ${{ steps.release.outputs.pr-branch }}
+ pr-number: ${{ steps.release.outputs.pr-number }}
+ comment-id: ${{ steps.pr-comment.outputs.result }}
+ check-id: ${{ steps.check.outputs.check_id }}
+ name: Release
+ if: github.repository_owner == 'npm'
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ shell: bash
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ - name: Setup Git User
+ run: |
+ git config --global user.email "npm-cli+bot@github.com"
+ git config --global user.name "npm CLI robot"
+ - name: Setup Node
+ uses: actions/setup-node@v3
+ with:
+ node-version: 18.x
+ - name: Install npm@latest
+ run: npm i --prefer-online --no-fund --no-audit -g npm@latest
+ - name: npm Version
+ run: npm -v
+ - name: Install Dependencies
+ run: npm i --ignore-scripts --no-audit --no-fund
+ - name: Release Please
+ id: release
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ run: |
+ npx --offline template-oss-release-please ${{ github.ref_name }}
+ - name: Post Pull Request Comment
+ if: steps.release.outputs.pr-number
+ uses: actions/github-script@v6
+ id: pr-comment
+ env:
+ PR_NUMBER: ${{ steps.release.outputs.pr-number }}
+ with:
+ script: |
+ const repo = { owner: context.repo.owner, repo: context.repo.repo }
+ const issue = { ...repo, issue_number: process.env.PR_NUMBER }
+
+ const { data: workflow } = await github.rest.actions.getWorkflowRun({ ...repo, run_id: context.runId })
+
+ let body = '## Release Manager\n\n'
+
+ const comments = await github.paginate(github.rest.issues.listComments, issue)
+ let commentId = comments?.find(c => c.user.login === 'github-actions[bot]' && c.body.startsWith(body))?.id
+
+ body += `- Release workflow run: ${workflow.html_url}`
+ if (commentId) {
+ await github.rest.issues.updateComment({ ...repo, comment_id: commentId, body })
+ } else {
+ const { data: comment } = await github.rest.issues.createComment({ ...issue, body })
+ commentId = comment?.id
+ }
+
+ return commentId
+ - name: Create Check
+ uses: LouisBrunner/checks-action@v1.3.1
+ id: check
+ if: steps.release.outputs.pr-number
+ with:
+ token: ${{ secrets.GITHUB_TOKEN }}
+ status: in_progress
+ name: Release
+ sha: ${{ steps.release.outputs.pr-sha }}
+ # XXX: this does not work when using the default GITHUB_TOKEN.
+ # Instead we post the main job url to the PR as a comment which
+ # will link to all the other checks. To work around this we would
+ # need to create a GitHub that would create on-demand tokens.
+ # https://github.com/LouisBrunner/checks-action/issues/18
+ # details_url:
+
+ update:
+ needs: release
+ outputs:
+ sha: ${{ steps.commit.outputs.sha }}
+ check-id: ${{ steps.check.outputs.check_id }}
+ name: Update - Release
+ if: github.repository_owner == 'npm' && needs.release.outputs.pr
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ shell: bash
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+ ref: ${{ needs.release.outputs.branch }}
+ - name: Setup Git User
+ run: |
+ git config --global user.email "npm-cli+bot@github.com"
+ git config --global user.name "npm CLI robot"
+ - name: Setup Node
+ uses: actions/setup-node@v3
+ with:
+ node-version: 18.x
+ - name: Install npm@latest
+ run: npm i --prefer-online --no-fund --no-audit -g npm@latest
+ - name: npm Version
+ run: npm -v
+ - name: Install Dependencies
+ run: npm i --ignore-scripts --no-audit --no-fund
+ - name: Run Post Pull Request Actions
+ env:
+ RELEASE_PR_NUMBER: ${{ needs.release.outputs.pr-number }}
+ RELEASE_COMMENT_ID: ${{ needs.release.outputs.comment-id }}
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ run: |
+ npm exec --offline -- template-oss-release-manager
+ npm run rp-pull-request --ignore-scripts --if-present
+ - name: Commit
+ id: commit
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ run: |
+ git commit --all --amend --no-edit || true
+ git push --force-with-lease
+ echo "::set-output name=sha::$(git rev-parse HEAD)"
+ - name: Create Check
+ uses: LouisBrunner/checks-action@v1.3.1
+ id: check
+
+ with:
+ token: ${{ secrets.GITHUB_TOKEN }}
+ status: in_progress
+ name: Release
+ sha: ${{ steps.commit.outputs.sha }}
+ # XXX: this does not work when using the default GITHUB_TOKEN.
+ # Instead we post the main job url to the PR as a comment which
+ # will link to all the other checks. To work around this we would
+ # need to create a GitHub that would create on-demand tokens.
+ # https://github.com/LouisBrunner/checks-action/issues/18
+ # details_url:
+ - name: Conclude Check
+ uses: LouisBrunner/checks-action@v1.3.1
+ if: always()
+ with:
+ token: ${{ secrets.GITHUB_TOKEN }}
+ conclusion: ${{ job.status }}
+ check_id: ${{ needs.release.outputs.check-id }}
+
+ ci:
+ name: CI - Release
+ needs: [ release, update ]
+ if: needs.release.outputs.pr
+ uses: ./.github/workflows/ci-release.yml
+ with:
+ ref: ${{ needs.release.outputs.branch }}
+ check-sha: ${{ needs.update.outputs.sha }}
+
+ post-ci:
+ needs: [ release, update, ci ]
+ name: Post CI - Release
+ if: github.repository_owner == 'npm' && needs.release.outputs.pr && always()
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ shell: bash
+ steps:
+ - name: Get Needs Result
+ id: needs-result
+ run: |
+ result=""
+ if [[ "${{ contains(needs.*.result, 'failure') }}" == "true" ]]; then
+ result="failure"
+ elif [[ "${{ contains(needs.*.result, 'cancelled') }}" == "true" ]]; then
+ result="cancelled"
+ else
+ result="success"
+ fi
+ echo "::set-output name=result::$result"
+ - name: Conclude Check
+ uses: LouisBrunner/checks-action@v1.3.1
+ if: always()
+ with:
+ token: ${{ secrets.GITHUB_TOKEN }}
+ conclusion: ${{ steps.needs-result.outputs.result }}
+ check_id: ${{ needs.update.outputs.check-id }}
+
+ post-release:
+ needs: release
+ name: Post Release - Release
+ if: github.repository_owner == 'npm' && needs.release.outputs.releases
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ shell: bash
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ - name: Setup Git User
+ run: |
+ git config --global user.email "npm-cli+bot@github.com"
+ git config --global user.name "npm CLI robot"
+ - name: Setup Node
+ uses: actions/setup-node@v3
+ with:
+ node-version: 18.x
+ - name: Install npm@latest
+ run: npm i --prefer-online --no-fund --no-audit -g npm@latest
+ - name: npm Version
+ run: npm -v
+ - name: Install Dependencies
+ run: npm i --ignore-scripts --no-audit --no-fund
+ - name: Run Post Release Actions
+ env:
+ RELEASES: ${{ needs.release.outputs.releases }}
+ run: |
+ npm run rp-release --ignore-scripts --if-present ${{ join(fromJSON(needs.release.outputs.release-flags), ' ') }}
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..0ec3c84
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,28 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+# ignore everything in the root
+/*
+
+# keep these
+!**/.gitignore
+!/.commitlintrc.js
+!/.eslintrc.js
+!/.eslintrc.local.*
+!/.github/
+!/.gitignore
+!/.npmrc
+!/.release-please-manifest.json
+!/bin/
+!/CHANGELOG*
+!/CODE_OF_CONDUCT.md
+!/docs/
+!/lib/
+!/LICENSE*
+!/map.js
+!/package.json
+!/README*
+!/release-please-config.json
+!/scripts/
+!/SECURITY.md
+!/tap-snapshots/
+!/test/
diff --git a/.release-please-manifest.json b/.release-please-manifest.json
new file mode 100644
index 0000000..d4f6f29
--- /dev/null
+++ b/.release-please-manifest.json
@@ -0,0 +1,3 @@
+{
+ ".": "3.0.0"
+}
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 71d00bb..a77d8e9 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,19 @@
# Changelog
+## [3.0.0](https://github.com/npm/npm-bundled/compare/v2.0.1...v3.0.0) (2022-10-14)
+
+### ⚠️ BREAKING CHANGES
+
+* `npm-bundled` is now compatible with the following semver range for node: `^14.17.0 || ^16.13.0 || >=18.0.0`
+
+### Features
+
+* [`7682b9e`](https://github.com/npm/npm-bundled/commit/7682b9ef3059b92fab54a89190d8e6a7b3c25425) [#23](https://github.com/npm/npm-bundled/pull/23) postinstall for dependabot template-oss PR (@lukekarrys)
+
+### Dependencies
+
+* [`3a21cbe`](https://github.com/npm/npm-bundled/commit/3a21cbe987497d1830d8c382c4fa7e9e1547723b) [#30](https://github.com/npm/npm-bundled/pull/30) bump npm-normalize-package-bin from 2.0.0 to 3.0.0
+
## [2.0.1](https://github.com/npm/npm-bundled/compare/v2.0.0...v2.0.1) (2022-08-25)
diff --git a/debian/changelog b/debian/changelog
index 3cfd6aa..83976e0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+node-npm-bundled (3.0.0-1) UNRELEASED; urgency=low
+
+ * New upstream release.
+
+ -- Debian Janitor <janitor@jelmer.uk> Mon, 07 Aug 2023 10:09:05 -0000
+
node-npm-bundled (2.0.1-2) unstable; urgency=medium
[ Debian Janitor ]
diff --git a/package.json b/package.json
index e4c0106..f41066a 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
{
"name": "npm-bundled",
- "version": "2.0.1",
+ "version": "3.0.0",
"description": "list things in node_modules that are bundledDependencies, or transitive dependencies thereof",
"main": "lib/index.js",
"repository": {
@@ -10,8 +10,8 @@
"author": "GitHub Inc.",
"license": "ISC",
"devDependencies": {
- "@npmcli/eslint-config": "^3.1.0",
- "@npmcli/template-oss": "3.5.0",
+ "@npmcli/eslint-config": "^4.0.0",
+ "@npmcli/template-oss": "4.5.1",
"mkdirp": "^1.0.4",
"mutate-fs": "^2.1.1",
"rimraf": "^3.0.2",
@@ -19,14 +19,10 @@
},
"scripts": {
"test": "tap",
- "preversion": "npm test",
- "postversion": "npm publish",
- "postpublish": "git push origin --all; git push origin --tags",
"lint": "eslint \"**/*.js\"",
"postlint": "template-oss-check",
"template-oss-apply": "template-oss-apply --force",
"lintfix": "npm run lint -- --fix",
- "prepublishOnly": "git push origin --follow-tags",
"snap": "tap",
"posttest": "npm run lint"
},
@@ -35,13 +31,19 @@
"lib/"
],
"dependencies": {
- "npm-normalize-package-bin": "^2.0.0"
+ "npm-normalize-package-bin": "^3.0.0"
},
"engines": {
- "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
+ "node": "^14.17.0 || ^16.13.0 || >=18.0.0"
},
"templateOSS": {
"//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
- "version": "3.5.0"
+ "version": "4.5.1"
+ },
+ "tap": {
+ "nyc-arg": [
+ "--exclude",
+ "tap-snapshots/**"
+ ]
}
}
diff --git a/release-please-config.json b/release-please-config.json
new file mode 100644
index 0000000..73d1e35
--- /dev/null
+++ b/release-please-config.json
@@ -0,0 +1,36 @@
+{
+ "exclude-packages-from-root": true,
+ "group-pull-request-title-pattern": "chore: release ${version}",
+ "pull-request-title-pattern": "chore: release${component} ${version}",
+ "changelog-sections": [
+ {
+ "type": "feat",
+ "section": "Features",
+ "hidden": false
+ },
+ {
+ "type": "fix",
+ "section": "Bug Fixes",
+ "hidden": false
+ },
+ {
+ "type": "docs",
+ "section": "Documentation",
+ "hidden": false
+ },
+ {
+ "type": "deps",
+ "section": "Dependencies",
+ "hidden": false
+ },
+ {
+ "type": "chore",
+ "hidden": true
+ }
+ ],
+ "packages": {
+ ".": {
+ "package-name": ""
+ }
+ }
+}
Debdiff
File lists identical (after any substitutions)
No differences were encountered in the control files