From 3134ee78bdc92a7bcfd395543db57ad76ac16697 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 19 Jul 2023 16:41:24 -0230
Subject: [PATCH 01/13] Bump word-wrap from 1.2.3 to 1.2.4 (#53) Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4. - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4) --- updated-dependencies: - dependency-name: word-wrap dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 yarn.lock | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/yarn.lock b/yarn.lock
index e121b20..171346f 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -1346,9 +1346,9 @@ which@^2.0.1: isexe "^2.0.0" word-wrap@^1.2.3: - version "1.2.3" - resolved "https://registry.yarnpkg.com/word-wrap/-/word-wrap-1.2.3.tgz#610636f6b1f703891bd34771ccb17fb93b47079c" - integrity sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ== + version "1.2.4" + resolved "https://registry.yarnpkg.com/word-wrap/-/word-wrap-1.2.4.tgz#cb4b50ec9aca570abd1f52f33cd45b6c61739a9f" + integrity sha512-2V81OA4ugVo5pRo46hAoD2ivUJx8jXmWXfUkY4KFNw0hEptvN0QfH3K4nHiwzGeKl5rFKedV48QVoqYavy4YpA== wrappy@1: version "1.0.2"
From d66813657de6bd4238ddde017941ef7c5dafdb54 Mon Sep 17 00:00:00 2001
From: ricky
Date: Mon, 11 Sep 2023 12:17:54 -0400
Subject: [PATCH 02/13] Update README.md (#54) Update documentation from `target-name` to `subteam`
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README.md b/README.md
index 49910a2..a65d338 100644
--- a/README.md
+++ b/README.md
@@ -55,7 +55,7 @@ We've added the ability to customize the message posted in Slack and those optio - `icon-url` - `username`
-- `target-name`
+- `subteam`
 - `channel` example:
From cd5b70541e67d4832154bfdb0501b52dd04c976e Mon Sep 17 00:00:00 2001
From: ricky
Date: Tue, 12 Sep 2023 15:22:42 -0400
Subject: [PATCH 03/13] Update README.md (#55) Change `target-name` to `subteam` in documentation to reflect changes
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README.md b/README.md
index a65d338..e08348c 100644
--- a/README.md
+++ b/README.md
@@ -87,5 +87,5 @@ You can read more about these option in the [API](#API) section below - **`icon-url`** _(optional)_. Url to the avatar used for the bot in Slack. If not set this defaults to the avatar in this repository. - **`username`** _(optional)_. The name of the bot as it appears on Slack. If not set this defaults to `MetaMask bot`.
-- **`target-name`** _(optional)_. Use this if you want to ping an individual or subset of individuals on Slack using `@`.
+- **`subteam`** _(optional)_. Use this if you want to ping a subteam of individuals on Slack using `@`.
 - **`channel`** _(optional)_. Use this if you want to post to a channel other than the default: `metamask-dev`.
From 11e1f5e15b5a6721ee0c5599d9cd9731305e83c4 Mon Sep 17 00:00:00 2001
From: ricky
Date: Mon, 18 Sep 2023 17:38:30 -0400
Subject: [PATCH 04/13] Update README.md (#56) remove extra subteam
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README.md b/README.md
index e08348c..b9a2653 100644
--- a/README.md
+++ b/README.md
@@ -67,7 +67,7 @@ example: icon-url: https://ricky.codes/me.jpg username: rickybot # re subteam, see: https://api.slack.com/reference/surfaces/formatting#mentioning-groups
- subteam: subteam: S042S7RE4AE # @metamask-npm-publishers
+ subteam: S042S7RE4AE # @metamask-npm-publishers
 channel: dev-channel ```
From d5972c35d09363649ab9fe6403d8b026b73eb5e3 Mon Sep 17 00:00:00 2001
From: Desi McAdam
Date: Mon, 12 Feb 2024 07:38:00 -0700
Subject: [PATCH 05/13] Add Shared Libraries team in codeowners file (#59) * Add Shared Libraries team in codeowners file
---
 .github/CODEOWNERS | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 50bea79..d29104f 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1,4 +1,4 @@ # Lines starting with '#' are comments. # Each line is a file pattern followed by one or more owners.
-* @MetaMask/devs
+* @MetaMask/shared-libraries-engineers
From 7c7f7d67d36db3d462e82bf223b54bb5a17e229e Mon Sep 17 00:00:00 2001
From: MetaMask Bot <37885440+metamaskbot@users.noreply.github.com>
Date: Thu, 7 Mar 2024 16:35:12 -0500
Subject: [PATCH 06/13] Enabling MetaMask security code scanner (#60) * Enabling security code scanner * Update security code scanner file
---
 .github/workflows/security-code-scanner.yml | 43 +++++++++++++++++++++
 1 file changed, 43 insertions(+)
 create mode 100644 .github/workflows/security-code-scanner.yml
diff --git a/.github/workflows/security-code-scanner.yml b/.github/workflows/security-code-scanner.yml
new file mode 100644
index 0000000..ced0449
--- /dev/null
+++ b/.github/workflows/security-code-scanner.yml
@@ -0,0 +1,43 @@
+name: 'MetaMask Security Code Scanner'
+
+on:
+ push:
+ branches: ['main']
+ pull_request:
+ branches: ['main']
+
+jobs:
+ run-security-scan:
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+ steps:
+ - name: MetaMask Security Code Scanner
+ uses: MetaMask/Security-Code-Scanner@main
+ with:
+ repo: ${{ github.repository }}
+ paths_ignored: |
+ .storybook/
+ '**/__snapshots__/'
+ '**/*.snap'
+ '**/*.stories.js'
+ '**/*.stories.tsx'
+ '**/*.test.browser.ts*'
+ '**/*.test.js*'
+ '**/*.test.ts*'
+ '**/fixtures/'
+ '**/jest.config.js'
+ '**/jest.environment.js'
+ '**/mocks/'
+ '**/test*/'
+ docs/
+ e2e/
+ merged-packages/
+ node_modules
+ storybook/
+ test*/
+ rules_excluded: example
+ project_metrics_token: ${{ secrets.SECURITY_SCAN_METRICS_TOKEN }}
+ slack_webhook: ${{ secrets.APPSEC_BOT_SLACK_WEBHOOK }}
From 09d6568cce1358c249a053a84e5653f07f890469 Mon Sep 17 00:00:00 2001
From: Elliot Winkler
Date: Fri, 15 Mar 2024 08:55:35 -0600
Subject: [PATCH 07/13] Run linting and testing GitHub workflows on PRs (#62) Currently, code is not automatically linted and tests are not automatically run on pull requests. This happens because the workflows which would perform these steps are not configured to run on pull requests but only on a push to `main`. This PR modifies the workflows to run on the `pull_request` event.
---
 .github/workflows/shellcheck.yml | 5 ++++-
 .github/workflows/test-monorepo.yml | 5 ++++-
 .github/workflows/test-polyrepo.yml | 5 ++++-
 .github/workflows/test.yml | 5 ++++-
 4 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml
index 51c1a14..4af204f 100644
--- a/.github/workflows/shellcheck.yml
+++ b/.github/workflows/shellcheck.yml
@@ -3,7 +3,10 @@ name: shellcheck permissions: checks: write
-on: [push]
+on:
+ push:
+ branches: [main]
+ pull_request:
 jobs: lint:
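Review bot: `uses: MetaMask/Security-Code-Scanner@main` tracks a mutable branch, and the step is handed `secrets.SECURITY_SCAN_METRICS_TOKEN`, `secrets.APPSEC_BOT_SLACK_WEBHOOK` and a job token with `security-events: write`, so whatever lands on that branch runs with those credentials. Pin the reference to a full commit SHA, e.g. `uses: MetaMask/Security-Code-Scanner@<full-commit-sha> # <tag or date>`, and let an update bot move it. On `pull_request` runs from forks the two secrets are not provided, so it is worth confirming that the scanner degrades cleanly with empty inputs rather than failing the check.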
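Review bot: The new trigger block in shellcheck.yml (and the identical change in test-monorepo.yml, test-polyrepo.yml and test.yml) should carry a comment recording why `pull_request` was chosen, for example `# pull_request, not pull_request_target: fork code runs with a read-only token and no secrets`. In shellcheck.yml the workflow-level `permissions: checks: write` visible in the context now also applies to pull-request runs from branches of this repository, while fork pull requests get a read-only token, so any step in the `lint` job that writes a check will behave differently between the two; the job body is outside the hunk, so this is to be confirmed. The test-monorepo and test-polyrepo jobs are labelled as npm publish dry-runs and their bodies are also outside the hunks; confirm they reference no publish token now that they run code from pull requests.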
diff --git a/.github/workflows/test-monorepo.yml b/.github/workflows/test-monorepo.yml
index 548b778..6e5884d 100644
--- a/.github/workflows/test-monorepo.yml
+++ b/.github/workflows/test-monorepo.yml
@@ -1,5 +1,8 @@ name: test-monorepo
-on: [push]
+on:
+ push:
+ branches: [main]
+ pull_request:
 jobs: # test npm publish dry-run checkout_publish_skunkworks_dry_run:
diff --git a/.github/workflows/test-polyrepo.yml b/.github/workflows/test-polyrepo.yml
index 074981b..b916917 100644
--- a/.github/workflows/test-polyrepo.yml
+++ b/.github/workflows/test-polyrepo.yml
@@ -1,5 +1,8 @@ name: test-polyrepo
-on: [push]
+on:
+ push:
+ branches: [main]
+ pull_request:
 jobs: # test npm publish dry-run checkout_publish_controllers_dry_run:
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 11c4db4..3e6b187 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -1,5 +1,8 @@ name: test
-on: [push]
+on:
+ push:
+ branches: [main]
+ pull_request:
 jobs: test: runs-on: ubuntu-20.04
From 566cd3d45cd317100a238b37c2aa48ba66c5e33d Mon Sep 17 00:00:00 2001
From: ricky
Date: Fri, 15 Mar 2024 11:45:38 -0400
Subject: [PATCH 08/13] Disallow publishing packages with version 0.0.0 (#63)
---
 scripts/publish.sh | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/scripts/publish.sh b/scripts/publish.sh
index fff1cbe..77b8c29 100755
--- a/scripts/publish.sh
+++ b/scripts/publish.sh
@@ -15,12 +15,18 @@ if [[ -z $PUBLISH_NPM_TAG ]]; then exit 1 fi
+CURRENT_PACKAGE_VERSION=$(jq --raw-output .version package.json)
+
+if [[ "$CURRENT_PACKAGE_VERSION" = "0.0.0" ]]; then
+ echo "Notice: Invalid version: $CURRENT_PACKAGE_VERSION. aborting publish."
+ exit 0
+fi
+
 # check param, if it's set (monorepo) we check if it's published before proceeding if [[ -n "$1" ]]; then # check if module is published PACKAGE_NAME=$(jq --raw-output .name package.json) LATEST_PACKAGE_VERSION=$(npm view "$PACKAGE_NAME" dist-tags --workspaces false --json | jq --raw-output --arg tag "$PUBLISH_NPM_TAG" '.[$tag]' || echo "")
- CURRENT_PACKAGE_VERSION=$(jq --raw-output .version package.json)
 if [ "$LATEST_PACKAGE_VERSION" = "$CURRENT_PACKAGE_VERSION" ]; then echo "Notice: This module is already published at $CURRENT_PACKAGE_VERSION. aborting publish."
From f861a2bcfe16e6678e96161dbfeb37ca907c23da Mon Sep 17 00:00:00 2001
From: Maarten Zuidhoorn
Date: Mon, 15 Apr 2024 17:04:08 +0200
Subject: [PATCH 09/13] Fix Yarn 4 compatibility (#65)
---
 scripts/main.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/main.sh b/scripts/main.sh
index c29343f..358d7a4 100755
--- a/scripts/main.sh
+++ b/scripts/main.sh
@@ -8,7 +8,7 @@ script_path=$( cd "$(dirname "${BASH_SOURCE[0]}")" ; pwd -P ) if [[ "$(jq 'has("workspaces")' package.json)" = "true" ]]; then echo "Notice: workspaces detected. Treating as monorepo."
- yarn workspaces foreach --no-private --verbose exec "$script_path/publish.sh true"
+ yarn workspaces foreach --all --no-private --verbose exec "$script_path/publish.sh true"
 exit 0 fi
From d9462c843b3779d76303a6c85e4e3bd8591f5d59 Mon Sep 17 00:00:00 2001
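Review bot: The new guard in publish.sh only matches the literal `0.0.0`: a package.json with no `version` field makes `jq --raw-output .version` print `null`, which passes the comparison and carries on toward publish. Reading the field as `jq --raw-output '.version // "0.0.0"' package.json` folds the missing case into the same refusal. The branch prints "Invalid version" and then runs `exit 0`, so a skipped package looks the same as a published one in the job status; if that is intended for unversioned workspaces, a comment such as `# exit 0 on purpose: unversioned workspaces are skipped, not failed` would record it. The script's opening lines are outside the hunk.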
From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com>
Date: Mon, 15 Apr 2024 21:44:50 +0200
Subject: [PATCH 10/13] 5.0.0 (#67) * 5.0.0 * Update CHANGELOG.md --------- Co-authored-by: github-actions Co-authored-by: Maarten Zuidhoorn
---
 CHANGELOG.md | 10 +++++++++-
 package.json | 2 +-
 2 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index e3eb3c2..6b12c47 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased]
+## [5.0.0]
+### Changed
+- **BREAKING:** Disallow publishing packages with version 0.0.0 ([#63](https://github.com/MetaMask/action-npm-publish/pull/63))
+
+### Fixed
+- Fix Yarn 4 compatibility ([#65](https://github.com/MetaMask/action-npm-publish/pull/65))
+
 ## [4.0.1] ### Changed - Use tag to check latest package version ([#51](https://github.com/MetaMask/action-npm-publish/pull/51))
@@ -74,7 +81,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Changed - Initial release ([#1](https://github.com/MetaMask/action-npm-publish/pull/1))
-[Unreleased]: https://github.com/MetaMask/action-npm-publish/compare/v4.0.1...HEAD
+[Unreleased]: https://github.com/MetaMask/action-npm-publish/compare/v5.0.0...HEAD
+[5.0.0]: https://github.com/MetaMask/action-npm-publish/compare/v4.0.1...v5.0.0
 [4.0.1]: https://github.com/MetaMask/action-npm-publish/compare/v4.0.0...v4.0.1 [4.0.0]: https://github.com/MetaMask/action-npm-publish/compare/v3.2.0...v4.0.0 [3.2.0]: https://github.com/MetaMask/action-npm-publish/compare/v3.1.1...v3.2.0
diff --git a/package.json b/package.json
index e2ddf5f..c953e82 100644
--- a/package.json
+++ b/package.json
@@ -15,7 +15,7 @@ "url": "https://github.com/MetaMask/action-npm-publish/issues" }, "homepage": "https://github.com/MetaMask/action-npm-publish#readme",
- "version": "4.0.1",
+ "version": "5.0.0",
 "main": "index.js", "directories": { "test": "test"
From 0e5aa5063b359d0b6608cfa0fdd073d9f90b713f Mon Sep 17 00:00:00 2001
From: ricky
Date: Tue, 30 Apr 2024 13:12:49 -0400
Subject: [PATCH 11/13] Improve Dry Run Output (#64) * remove dry-run * add reports.sh * add line breaks * add pkdiff steps * use npx * add shell * fix typo * remove bash * use | * use node 16 * remove npx * add shell * add newline * use variable * report (singular) * upload-artifact (singular)
---
 action.yml | 14 ++++++++++++++
 scripts/publish.sh | 4 ++--
 scripts/report.sh | 21 +++++++++++++++++++++
 3 files changed, 37 insertions(+), 2 deletions(-)
 create mode 100755 scripts/report.sh
diff --git a/action.yml b/action.yml
index 6662212..56f091b 100644
--- a/action.yml
+++ b/action.yml
@@ -36,6 +36,20 @@ runs: env: YARN_NPM_AUTH_TOKEN: ${{ inputs.npm-token }} PUBLISH_NPM_TAG: ${{ inputs.npm-tag }}
+ - id: install-pkdiff
+ shell: bash
+ run: npm i -g pkdiff
+ - id: generate-report
+ shell: bash
+ if: inputs.npm-token == ''
+ run: ${{ github.action_path }}/scripts/report.sh
+ - id: upload-artifact
+ if: inputs.npm-token == ''
+ uses: actions/upload-artifact@v4
+ with:
+ path: |
+ /tmp/*.tgz
+ /tmp/*.html
 - id: name-version shell: bash if: inputs.slack-webhook-url != ''
diff --git a/scripts/publish.sh b/scripts/publish.sh
index 77b8c29..31aa957 100755
--- a/scripts/publish.sh
+++ b/scripts/publish.sh
@@ -5,8 +5,8 @@ set -e set -o pipefail if [[ -z $YARN_NPM_AUTH_TOKEN ]]; then
- echo "Notice: 'npm-token' not set. Running 'yarn pack --dry-run'."
- yarn pack --dry-run
+ echo "Notice: 'npm-token' not set. Running 'yarn pack'."
+ yarn pack --out /tmp/%s-%v.tgz
 exit 0 fi
diff --git a/scripts/report.sh b/scripts/report.sh
new file mode 100755
index 0000000..be2e144
--- /dev/null
+++ b/scripts/report.sh
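Review bot: The `install-pkdiff` step in action.yml has no `if:` and no version, so `npm i -g pkdiff` fetches whatever is latest on the registry and does so on real publish runs as well, where the report is never generated and an npm token is among the action's inputs. Give it the same condition as the two steps that depend on it and pin the package: `if: inputs.npm-token == ''` and `run: npm i -g pkdiff@<pinned-version>`, adding `--ignore-scripts` if pkdiff installs correctly without lifecycle scripts. `actions/upload-artifact@v4` is a movable tag, whereas the Slack action in this same file is referenced by commit SHA; pinning it the same way would be consistent.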
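Review bot: `yarn pack --out /tmp/%s-%v.tgz` in publish.sh writes to the shared `/tmp` root, and report.sh and the `upload-artifact` step from the same commit then glob `/tmp/*.tgz` and `/tmp/*.html`, so on a self-hosted or reused runner any stale or unrelated archive left there is diffed and uploaded with the release report. A directory private to the run avoids that, for example `pack_dir="${RUNNER_TEMP:-/tmp}/npm-publish-dry-run"; mkdir -p "$pack_dir"` followed by `yarn pack --out "$pack_dir/%s-%v.tgz"`, with `directory=` in report.sh and the artifact `path:` pointed at the same place. The `0.0.0` guard added in PATCH 08 sits below this early `exit 0`, so a dry run still packs and reports a package that a real run would skip.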
@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+
+set -x
+set -e
+set -o pipefail
+
+directory="/tmp"
+
+for file in "$directory"/*.tgz; do
+ if [ -f "$file" ]; then
+ echo "Processing $file"
+ basename=$(basename "$file")
+ name="${basename%-*}"
+ name_with_slash="${name/-//}"
+ echo "$name_with_slash"
+ pkdiff "$name_with_slash@latest" "$file" \
+ --no-exit-code \
+ --no-open \
+ --output "$directory/$basename.html"
+ fi
+done
From 2f741325084003a5208fbf8a3525e82419d1b96d Mon Sep 17 00:00:00 2001
From: Elliot Winkler
Date: Wed, 8 May 2024 09:32:01 -0600
Subject: [PATCH 12/13] Don't fail overall if Slack announcement fails (#69) Typically, for a project, this action is run twice: once in dry-run mode (to allow approvers to review the package before it is published) and another time to issue the approval step and then actually publish the package. When the action is run in dry-run mode, an announcement on Slack is created in order to notify approvers. If this fails in any way, however, it halts the release workflow completely and prevents the second instance of the action from running. This means that the package can never be released automatically and must be released manually. This commit fix this problem by instructing GitHub Actions that it is not mandatory for the Slack announcement step to pass in order for the release workflow to continue.
---
 action.yml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/action.yml b/action.yml
index 56f091b..8699454 100644
--- a/action.yml
+++ b/action.yml
@@ -83,3 +83,4 @@ runs: env: SLACK_WEBHOOK_URL: ${{ inputs.slack-webhook-url }} SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
+ continue-on-error: true
From 2490387b45b3f5760f0c9cf381019e056993121b Mon Sep 17 00:00:00 2001
From: ricky
Date: Thu, 9 May 2024 11:57:40 -0400
Subject: [PATCH 13/13] remove default channel (#73)
---
 action.yml | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/action.yml b/action.yml
index 8699454..c3b169d 100644
--- a/action.yml
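Review bot: report.sh rebuilds the package name from the tarball file name, and both string operations misfire on common names: `${basename%-*}` cuts at the last hyphen, so a prerelease such as `1.0.0-beta.1` leaves the version glued to the name, and `${name/-//}` turns the first hyphen into a slash even for unscoped packages, so `word-wrap` becomes `word/wrap`. The report would then be diffed against a different registry entry (or, depending on how pkdiff resolves specs, something that is not a registry package at all), which matters because approvers rely on this report before publishing. Reading the name from the archive is more reliable: `name_with_slash=$(tar -xzOf "$file" package/package.json | jq --raw-output .name)`. `set -x` exposes nothing today, but it will echo any credential that is later added to this script.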
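Review bot: With `continue-on-error: true` a failed Slack post leaves the job green, and per the commit message this announcement is what tells approvers that a release is waiting, so the failure should at least be surfaced. A follow-up step with `if: steps.slack.outcome == 'failure'`, `shell: bash` and `run: echo "::warning::Slack announcement failed; notify approvers manually"` keeps the workflow going while making the miss visible in the run summary. The step this key attaches to starts outside the hunk; `slack` is the step id shown in the next patch of this series.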
+++ b/action.yml
@@ -25,7 +25,6 @@ inputs: channel: description: 'The Slack channel to post in' required: false
- default: 'metamask-dev'
 runs: using: 'composite'
@@ -70,7 +69,7 @@ runs: echo "FINAL_TEXT=$FINAL_TEXT" >> "$GITHUB_OUTPUT" - name: Post to a Slack channel id: slack
- if: inputs.slack-webhook-url != ''
+ if: ${{ inputs.slack-webhook-url != '' && inputs.channel != '' }}
 uses: slackapi/slack-github-action@007b2c3c751a190b6f0f040e47ed024deaa72844 with: payload: |
@@ -80,6 +79,17 @@ runs: "username": "${{ inputs.username }}", "channel": "#${{ inputs.channel }}" }
+ - name: Post to a default Slack channel
+ id: slack
+ if: ${{ inputs.slack-webhook-url != '' && inputs.channel == '' }}
+ uses: slackapi/slack-github-action@007b2c3c751a190b6f0f040e47ed024deaa72844
+ with:
+ payload: |
+ {
+ "text": "${{ steps.final-text.outputs.FINAL_TEXT }}",
+ "icon_url": "${{ inputs.icon-url }}",
+ "username": "${{ inputs.username }}"
+ }
 env: SLACK_WEBHOOK_URL: ${{ inputs.slack-webhook-url }} SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
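Review bot: The new "Post to a default Slack channel" step is inserted between the original step's `with:` block and its `env:` block, so as the last hunk is ordered the `env:` lines (and the `continue-on-error: true` that follows them outside the hunk) now belong to the new step, leaving "Post to a Slack channel" without `SLACK_WEBHOOK_URL` / `SLACK_WEBHOOK_TYPE` and without the failure tolerance added in the previous patch. Both steps also declare `id: slack`; step ids are expected to be unique within the action, so one of them needs a different id. Indentation is not recoverable from this page, so this reading rests on line order. The fence shows the lines to add to the first step and the renamed id on the second.

```yaml
    # … unchanged: "Post to a Slack channel" name / id / if / uses / with.payload …
      env:
        SLACK_WEBHOOK_URL: ${{ inputs.slack-webhook-url }}
        SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
      continue-on-error: true
    - name: Post to a default Slack channel
      id: slack-default
      # … unchanged: if / uses / with.payload, then the existing env and continue-on-error …
```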