chore: use @npmcli/template-oss

This adds `@npmcli/template-oss` to manage GitHub Actions, linting, and other chores. It specifically pins to the latest version of the library in order to allow for the following manual changes: - Files outside of `lib/` to avoid breaking public API - Keeping engines (and testing) on `>=10` - Installs `npm@7` in CI to work with node 10 This surfaced a few bugs which I opted to fix in separate issues: - #432 - #434
npm · Feb 26, 2022 · e628d22 · e628d22
1 parent cb1ca1d
commit e628d22
Show file tree

Hide file tree

Showing 71 changed files with 1,019 additions and 8,834 deletions.
diff --git a/.commitlintrc.js b/.commitlintrc.js
@@ -0,0 +1,11 @@
+// This file is automatically added by @npmcli/template-oss. Do not edit.
+
+module.exports = {
+  extends: ['@commitlint/config-conventional'],
+  // If you change rules be sure to also update release-please.yml
+  rules: {
+    'type-enum': [2, 'always', ['feat', 'fix', 'docs', 'chore', 'deps']],
+    'header-max-length': [2, 'always', 80],
+    'subject-case': [0, 'always', ['lower-case', 'sentence-case', 'start-case']],
+  },
+}
diff --git a/.eslintrc.js b/.eslintrc.js
@@ -0,0 +1,14 @@
+// This file is automatically added by @npmcli/template-oss. Do not edit.
+
+const { readdirSync: readdir } = require('fs')
+
+const localConfigs = readdir(__dirname)
+  .filter((file) => file.startsWith('.eslintrc.local.'))
+  .map((file) => `./${file}`)
+
+module.exports = {
+  extends: [
+    '@npmcli',
+    ...localConfigs,
+  ],
+}
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -0,0 +1 @@
+*	@npm/cli-team
diff --git a/.github/ISSUE_TEMPLATE/bug.yml b/.github/ISSUE_TEMPLATE/bug.yml
@@ -0,0 +1,54 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+name: Bug
+description: File a bug/issue
+title: "[BUG] <title>"
+labels: [Bug, Needs Triage]
+body:
+- type: checkboxes
+  attributes:
+    label: Is there an existing issue for this?
+    description: Please [search here](./issues) to see if an issue already exists for your problem.
+    options:
+    - label: I have searched the existing issues
+      required: true
+- type: textarea
+  attributes:
+    label: Current Behavior
+    description: A clear & concise description of what you're experiencing.
+  validations:
+    required: false
+- type: textarea
+  attributes:
+    label: Expected Behavior
+    description: A clear & concise description of what you expected to happen.
+  validations:
+    required: false
+- type: textarea
+  attributes:
+    label: Steps To Reproduce
+    description: Steps to reproduce the behavior.
+    value: |
+      1. In this environment...
+      2. With this config...
+      3. Run '...'
+      4. See error...
+  validations:
+    required: false
+- type: textarea
+  attributes:
+    label: Environment
+    description: |
+      examples:
+        - **npm**: 7.6.3
+        - **Node**: 13.14.0
+        - **OS**: Ubuntu 20.04
+        - **platform**: Macbook Pro
+    value: |
+        - npm:
+        - Node:
+        - OS:
+        - platform:
+  validations:
+    required: false
+
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1,3 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+blank_issues_enabled: true
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,16 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+version: 2
+updates:
+- package-ecosystem: npm
+  directory: "/"
+  schedule:
+    interval: daily
+  allow:
+    - dependency-type: direct
+  versioning-strategy: increase
+  commit-message:
+    prefix: deps
+    prefix-development: chore
+  labels:
+    - "Dependencies"
diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml
@@ -0,0 +1,23 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+name: Audit
+
+on:
+  schedule:
+    # "At 01:00 on Monday" https://crontab.guru/#0_1_*_*_1
+    - cron: "0 1 * * 1"
+  workflow_dispatch:
+
+jobs:
+  audit:
+    name: npm audit
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v2
+        with:
+          node-version: '16'
+      - name: Install deps
+        run: npm i --package-lock
+      - name: Audit
+        run: npm audit
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,66 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+name: CI
+
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+      - latest
+  schedule:
+    # "At 02:00 on Monday" https://crontab.guru/#0_2_*_*_1
+    - cron: "0 2 * * 1"
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v2
+        with:
+          node-version: '16'
+      - run: npm i --prefer-online -g npm@latest
+      - run: npm i
+      - run: npm run lint
+
+  test:
+    strategy:
+      fail-fast: false
+      matrix:
+        node-version: [10.0.0, 10.x, 12.13.0, 12.x, 14.15.0, 14.x, 16.13.0, 16.x]
+        platform:
+        - os: ubuntu-latest
+          shell: bash
+        - os: macos-latest
+          shell: bash
+        - os: windows-latest
+          shell: cmd
+    runs-on: ${{ matrix.platform.os }}
+    defaults:
+      run:
+        shell: ${{ matrix.platform.shell }}
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v2
+        with:
+          node-version: ${{ matrix.node-version }}
+        # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows
+      - name: Update to workable npm (windows)
+        if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12') || startsWith(matrix.node-version, '14'))
+        run: |
+          curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz
+          tar xf npm-7.5.4.tgz
+          cd package
+          node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz
+          cd ..
+          rmdir /s /q package
+      - name: Update to npm7 on node 10
+        if: startsWith(matrix.node-version, '10')
+        run: npm i --prefer-online --no-fund --no-audit -g npm@^7
+      - name: Update npm
+        if: startsWith(matrix.node-version, '10') == false
+        run: npm i --prefer-online --no-fund --no-audit -g npm@latest
+      - run: npm -v
+      - run: npm i
+      - run: npm test --ignore-scripts
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,38 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ main ]
+  schedule:
+    # "At 03:00 on Monday" https://crontab.guru/#0_3_*_*_1
+    - cron: "0 3 * * 1"
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'javascript' ]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1
diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml
@@ -0,0 +1,31 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+name: "Post Dependabot Actions"
+on: pull_request
+
+jobs:
+  Install:
+    runs-on: ubuntu-latest
+    if: ${{ github.actor == 'dependabot[bot]' }}
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v2
+        with:
+          node-version: '16'
+      - name: Dependabot metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@v1.1.1
+        with:
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
+      - name: npm install and commit
+        if: ${{contains(steps.metadata.outputs.dependency-names, '@npmcli/template-oss')}}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          git config --local user.email "ops+npm-cli@npmjs.com"
+          git config --local user.name "npm cli ops bot"
+          gh pr checkout ${{ github.event.pull_request.number }}
+          npm install
+          git add .
+          git commit -am "chore: postinstall for dependabot template-oss PR"
+          git push
diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml
@@ -0,0 +1,27 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+name: Pull Request Linting
+
+on:
+  pull_request:
+    types: [opened, reopened, edited, synchronize]
+
+jobs:
+  check:
+    name: Check PR Title or Commits
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - uses: actions/setup-node@v2
+        with:
+          node-version: '16'
+      - name: Install deps
+        run: |
+          npm i -D @commitlint/cli @commitlint/config-conventional
+      - name: Check commits OR PR title
+        env:
+          PR_TITLE: ${{ github.event.pull_request.title }}
+        run: |
+          npx commitlint -x @commitlint/config-conventional -V --from origin/main --to ${{ github.event.pull_request.head.sha }} || echo $PR_TITLE | npx commitlint -x @commitlint/config-conventional -V
diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml
@@ -0,0 +1,25 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+name: Release Please
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  release-please:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: google-github-actions/release-please-action@v2
+        id: release
+        with:
+          package-name: conventional-test
+          release-type: node
+          # If you change changelog-types be sure to also update commitlintrc.js
+          changelog-types: >
+            [{"type":"feat","section":"Features","hidden":false},
+            {"type":"fix","section":"Bug Fixes","hidden":false},
+            {"type":"docs","section":"Documentation","hidden":false},
+            {"type":"deps","section":"Dependencies","hidden":false},
+            {"type":"chore","hidden":true}]
diff --git a/.gitignore b/.gitignore
@@ -1,5 +1,32 @@
-/node_modules
-.*.swp
-coverage/
-.nyc_output/
-.idea
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+# ignore everything in the root
+/*
+
+# keep these
+!/.commitlintrc.js
+!/.npmrc
+!/.eslintrc*
+!/.github
+!**/.gitignore
+!/package.json
+!/docs
+!/bin
+!/lib
+!/map.js
+!/tap-snapshots
+!/test
+!/scripts
+!/README*
+!/LICENSE*
+!/SECURITY*
+!/CHANGELOG*
+
+# dont make breaking changes for semver
+!/classes
+!/functions
+!/internal
+!/ranges
+!/preload.js
+!/index.js
+!/range.bnf
diff --git a/.npmrc b/.npmrc
@@ -0,0 +1,3 @@
+;This file is automatically added by @npmcli/template-oss. Do not edit.
+
+package-lock=false
diff --git a/.travis.yml b/.travis.yml
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,4 +1,4 @@
-# changes log
+# CHANGELOG
 
 ## 7.3.0
 

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,3 @@
+<!-- This file is automatically added by @npmcli/template-oss. Do not edit. -->
+
+Please send vulnerability reports through [hackerone](https://hackerone.com/github).