From d37a27485f9270e6f4adc6495a316574e26f1763 Mon Sep 17 00:00:00 2001 From: Geo Bosincianu Date: Thu, 14 Oct 2021 15:06:00 +0300 Subject: [PATCH] fix(build): previous bump with several dep versions chore(ownership): add "frontenders" to maintainers Repo owners: @Tradeshift/docsapi Fix set-value vulnerability Upgrade tradeshift-scripts to 3.0.1 npm audit fix fix(deps): ZTN-5885 ZTN-5555 Bump tradeshift-scripts chore: regenerate package-lock to fix ZTN-ZTN-6792 SRE-2491 Set correct repo owner chore(deps): bump elliptic from 6.5.2 to 6.5.3 chore(deps): bump ini from 1.3.5 to 1.3.8 chore(deps): bump tmpl from 1.0.4 to 1.0.5 chore(deps): bump semver-regex from 3.1.2 to 3.1.3 --- .github/workflows/commit-lint.yml | 25 ------- .github/workflows/main.yml | 118 ------------------------------ .github/workflows/npm-publish.yml | 65 ---------------- .github/workflows/pr-sonar.yml | 25 ------- 4 files changed, 233 deletions(-) delete mode 100644 .github/workflows/commit-lint.yml delete mode 100644 .github/workflows/main.yml delete mode 100644 .github/workflows/npm-publish.yml delete mode 100644 .github/workflows/pr-sonar.yml diff --git a/.github/workflows/commit-lint.yml b/.github/workflows/commit-lint.yml deleted file mode 100644 index a8678fa..0000000 --- a/.github/workflows/commit-lint.yml +++ /dev/null @@ -1,25 +0,0 @@ -name: Semantic release -on: [pull_request] - -jobs: - semantic-release: - runs-on: self-hosted - steps: - - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - name: Dry-run release - uses: tradeshift/actions-semantic-release@v1 - id: semantic-release - with: - branches: | - [ - 'master' - ] - dry_run: true - check_name: Semantic release - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Lint commit messages - uses: tradeshift/commitlint-github-action@v3 diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml deleted file mode 100644 index 6eec9ff..0000000 --- a/.github/workflows/main.yml +++ /dev/null @@ -1,118 +0,0 @@ -name: Test & release - -on: [push] - -jobs: - validate: - name: Build and test - runs-on: ubuntu-latest - timeout-minutes: 10 - strategy: - matrix: - node: [12, 14] - steps: - - name: ⬇️ Checkout repo - uses: actions/checkout@v2 - - - name: ⎔ Setup node - uses: actions/setup-node@v2 - with: - node-version: ${{ matrix.node }} - registry-url: 'https://npm.pkg.github.com' - cache: 'npm' - - - name: 📥 Download deps - run: npm install - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - - - name: ▶️ Run validate script - run: npm run validate - - - name: Publish Test Report - uses: tradeshift/action-junit-report@v1 - if: ${{ always() }} - with: - check_name: Unit tests - report_paths: 'build/junit**/*.xml' - github_token: ${{ secrets.GITHUB_TOKEN }} - - crossbrowser-test: - name: Crossbrowser test - runs-on: ubuntu-latest - timeout-minutes: 10 - steps: - - name: ⬇️ Checkout repo - uses: actions/checkout@v2 - - - name: ⎔ Setup node - uses: actions/setup-node@v2 - with: - node-version: 14 - registry-url: 'https://npm.pkg.github.com' - cache: 'npm' - - - name: 📥 Download deps - run: npm install - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - - - name: ▶️ Run test - run: npm run test:integration - env: - BROWSERSTACK_USER: ${{ secrets.BROWSERSTACK_USER }} - BROWSERSTACK_KEY: ${{ secrets.BROWSERSTACK_KEY }} - - - name: Publish Test Report - uses: tradeshift/action-junit-report@v1 - if: ${{ always() }} - with: - check_name: Crossbrowser tests - report_paths: 'build/junit**/*.xml' - github_token: ${{ secrets.GITHUB_TOKEN }} - - release: - name: 🚀 Release - needs: [validate, crossbrowser-test] - runs-on: ubuntu-latest - if: ${{ !github.event.fork && - contains('refs/heads/master,refs/heads/beta,refs/heads/next,refs/heads/alpha', - github.ref) && github.event_name == 'push' }} - steps: - - name: ⬇️ Checkout repo - uses: actions/checkout@v2 - - - name: ⎔ Setup node - uses: actions/setup-node@v2 - with: - node-version: 14 - registry-url: 'https://npm.pkg.github.com' - cache: 'npm' - - - name: 📥 Download deps - run: npm install - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - - - name: 🏗 Run build script - run: npm run --if-present build - - - name: 🚀 Release - uses: tradeshift/actions-semantic-release@v1 - id: semantic-release - with: - branches: | - [ - '+([0-9])?(.{+([0-9]),x}).x', - 'master', - 'main', - 'next', - 'next-major', - {name: 'beta', prerelease: true}, - {name: 'alpha', prerelease: true} - ] - registry: https://npm.pkg.github.com/ - npm_publish: true - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml deleted file mode 100644 index c8ebda2..0000000 --- a/.github/workflows/npm-publish.yml +++ /dev/null @@ -1,65 +0,0 @@ -name: npm publish -on: - issue_comment: - types: [created] - -jobs: - pr_commented: - # This job only runs for pull request comments - name: PR comment - if: github.event.comment.body == 'npm publish' - runs-on: ubuntu-latest - steps: - - name: 👍 Acknowledge - uses: actions/github-script@0.3.0 - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - script: | - const { issue: { number: issue_number }, repo: { owner, repo }, payload } = context; - github.reactions.createForIssueComment({ - owner, - repo, - comment_id: payload.comment.id, - content: '+1', - }); - - - name: ⬇️ Checkout repo - uses: actions/checkout@v2 - - name: ⬇️ Checkout PR - run: | - git fetch origin pull/${{ github.event.issue.number }}/head:pr-find-commit - git checkout pr-find-commit - - - uses: actions/setup-node@v2 - with: - node-version: 14 - registry-url: 'https://npm.pkg.github.com/' - cache: 'npm' - - - name: 📥 Download deps - run: npm install - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - - - name: 🏗 Run build script - run: npm run --if-present build - - - name: 📦 Set pre-release version - run: npm version --no-git-tag-version 0.0.0-$(git rev-parse HEAD) - - - name: 🚀 Release - run: npm publish --tag=pre - env: - NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: 'Comment PR' - uses: actions/github-script@0.3.0 - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - script: | - const { issue: { number: issue_number }, repo: { owner, repo } } = context; - const { name: packageName, version } = require(`${process.env.GITHUB_WORKSPACE}/package.json`); - const body = `Pre-release of \`${packageName}\` successfully published :rocket:\n\n` + - `\`\`\`\nnpm install ${packageName}@${version}\n\`\`\`\n\n` + - "Happy testing :tophat:"; - github.issues.createComment({ issue_number, owner, repo, body }); diff --git a/.github/workflows/pr-sonar.yml b/.github/workflows/pr-sonar.yml deleted file mode 100644 index aa3dcc5..0000000 --- a/.github/workflows/pr-sonar.yml +++ /dev/null @@ -1,25 +0,0 @@ -name: Sonarqube scanner -on: - pull_request: - push: - branches: - - master - -jobs: - build: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - name: fetching - if: contains(github.ref, 'pull') - run: | - git fetch origin ${{ github.event.pull_request.head.sha }} - git checkout ${{ github.event.pull_request.head.sha }} - - name: SonarQube Scan - uses: tradeshift/actions-sonarqube@v2 - with: - ca-cert: ${{ secrets.MTLS_CACERT }} - client-cert: ${{ secrets.MTLS_CERT }} - client-key: ${{ secrets.MTLS_KEY }} - token: ${{ secrets.SONAR_TOKEN }} - host: 'https://sonar.ts.sv'