@semantic-release/github
Advanced tools
Comparing version 2.1.0 to 2.2.0
@@ -1,8 +0,11 @@ | ||
const {basename} = require('path'); | ||
const {basename, extname} = require('path'); | ||
const {parse} = require('url'); | ||
const {stat} = require('fs-extra'); | ||
const {stat, readFile} = require('fs-extra'); | ||
const {isPlainObject} = require('lodash'); | ||
const parseGithubUrl = require('parse-github-url'); | ||
const GitHubApi = require('github'); | ||
const pEachSeries = require('p-each-series'); | ||
const debug = require('debug')('semantic-release:publish-github'); | ||
const pReduce = require('p-reduce'); | ||
const mime = require('mime'); | ||
const debug = require('debug')('semantic-release:github'); | ||
const globAssets = require('./glob-assets.js'); | ||
const resolveConfig = require('./resolve-config'); | ||
@@ -29,2 +32,3 @@ | ||
await github.gitdata.getReference({owner, repo, ref: `tags/${gitTag}`}); | ||
debug('The git tag %o already exists', gitTag); | ||
} catch (err) { | ||
@@ -35,14 +39,17 @@ // If the error is 404, the tag doesn't exist, otherwise it's an error | ||
} | ||
debug('Create git tag %o with commit %o', ref, gitHead); | ||
debug('Create git tag %o with commit %o', gitTag, gitHead); | ||
await github.gitdata.createReference({owner, repo, ref, sha: gitHead}); | ||
} | ||
const {data: {id, html_url}} = await github.repos.createRelease(release); // eslint-disable-line camelcase | ||
logger.log('Published Github release: %s', html_url); | ||
const {data: {html_url: htmlUrl, upload_url: uploadUrl}} = await github.repos.createRelease(release); | ||
logger.log('Published Github release: %s', htmlUrl); | ||
if (assets && assets.length > 0) { | ||
const globbedAssets = await globAssets(assets); | ||
debug('globed assets: %o', globbedAssets); | ||
// Make requests serially to avoid hitting the rate limit (https://developer.github.com/v3/guides/best-practices-for-integrators/#dealing-with-abuse-rate-limits) | ||
await pEachSeries(assets, async asset => { | ||
const filePath = typeof asset === 'object' ? asset.path : asset; | ||
await pReduce(globbedAssets, async (_, asset) => { | ||
const filePath = isPlainObject(asset) ? asset.path : asset; | ||
let file; | ||
try { | ||
@@ -58,14 +65,25 @@ file = await stat(filePath); | ||
} | ||
const fileName = asset.name || basename(filePath); | ||
const upload = {owner, repo, id, filePath, name: fileName}; | ||
const upload = { | ||
owner, | ||
repo, | ||
url: uploadUrl, | ||
file: await readFile(filePath), | ||
contentType: mime.getType(extname(fileName)) || 'text/plain', | ||
contentLength: file.size, | ||
name: fileName, | ||
}; | ||
debug('file path: %o', filePath); | ||
debug('file name: %o', fileName); | ||
if (asset.label) { | ||
if (isPlainObject(asset) && asset.label) { | ||
upload.label = asset.label; | ||
} | ||
const {data: {browser_download_url}} = await github.repos.uploadAsset(upload); // eslint-disable-line camelcase | ||
logger.log('Published file %s', browser_download_url); | ||
const {data: {browser_download_url: downloadUrl}} = await github.repos.uploadAsset(upload); | ||
logger.log('Published file %s', downloadUrl); | ||
}); | ||
} | ||
}; |
@@ -0,1 +1,3 @@ | ||
const {castArray} = require('lodash'); | ||
module.exports = ({githubToken, githubUrl, githubApiPathPrefix, assets}) => ({ | ||
@@ -5,3 +7,3 @@ githubToken: githubToken || process.env.GH_TOKEN || process.env.GITHUB_TOKEN, | ||
githubApiPathPrefix: githubApiPathPrefix || process.env.GH_PREFIX || process.env.GITHUB_PREFIX, | ||
assets: assets ? (Array.isArray(assets) ? assets : [assets]) : assets, | ||
assets: assets ? castArray(assets) : assets, | ||
}); |
const {parse} = require('url'); | ||
const {isString, isPlainObject, isUndefined, isArray} = require('lodash'); | ||
const parseGithubUrl = require('parse-github-url'); | ||
@@ -14,10 +15,14 @@ const GitHubApi = require('github'); | ||
if (assets && assets.length > 0) { | ||
// Verify that every asset is either a string or an object with path attribute defined | ||
if (!assets.every(asset => typeof asset === 'string' || (typeof asset === 'object' && Boolean(asset.path)))) { | ||
throw new SemanticReleaseError( | ||
'The "assets" options must be an Array of strings or objects with a path property.', | ||
'EINVALIDASSETS' | ||
); | ||
} | ||
if ( | ||
!isUndefined(assets) && | ||
assets !== false && | ||
!( | ||
isArray(assets) && | ||
assets.every(asset => isStringOrStringArray(asset) || (isPlainObject(asset) && isStringOrStringArray(asset.path))) | ||
) | ||
) { | ||
throw new SemanticReleaseError( | ||
'The "assets" options must be an Array of Strings or Objects with a path property.', | ||
'EINVALIDASSETS' | ||
); | ||
} | ||
@@ -57,1 +62,5 @@ | ||
}; | ||
function isStringOrStringArray(value) { | ||
return isString(value) || (isArray(value) && value.every(isString)); | ||
} |
@@ -1,1 +0,1 @@ | ||
{"name":"@semantic-release/github","description":"Set of semantic-release plugins for publishing a Github release","version":"2.1.0","author":"Pierre Vanduynslager (https://twitter.com/@pvdlg_)","bugs":{"url":"https://github.com/semantic-release/github/issues"},"config":{"commitizen":{"path":"cz-conventional-changelog"}},"contributors":["Stephan Bönnemann <stephan@boennemann.me> (http://boennemann.me)","Gregor Martynus (https://twitter.com/gr2m)"],"dependencies":{"@semantic-release/error":"^2.1.0","debug":"^3.1.0","fs-extra":"^4.0.2","github":"^12.0.5","p-each-series":"^1.0.0","parse-github-url":"^1.0.1"},"devDependencies":{"ava":"^0.24.0","clear-module":"^2.1.0","codecov":"^3.0.0","commitizen":"^2.9.6","cz-conventional-changelog":"^2.0.0","eslint-config-prettier":"^2.8.0","eslint-plugin-prettier":"^2.3.0","nock":"^9.1.0","nyc":"^11.2.1","prettier":"~1.8.2","semantic-release":"^10.0.0","sinon":"^4.0.0","xo":"^0.18.2"},"engines":{"node":">=4"},"files":["lib","index.js"],"homepage":"https://github.com/semantic-release/github#readme","keywords":["git","github","publish","release","semantic-release","version"],"license":"MIT","main":"index.js","nyc":{"include":["lib/**/*.js","index.js"],"reporter":["json","text","html"],"all":true},"prettier":{"printWidth":120,"singleQuote":true,"bracketSpacing":false,"trailingComma":"es5"},"publishConfig":{"access":"public"},"repository":{"type":"git","url":"https://github.com/semantic-release/github.git"},"scripts":{"cm":"git-cz","codecov":"codecov -f coverage/coverage-final.json","lint":"xo","pretest":"npm run lint","semantic-release":"semantic-release","test":"nyc ava -v"},"xo":{"extends":["prettier"],"plugins":["prettier"],"rules":{"prettier/prettier":2}}} | ||
{"name":"@semantic-release/github","description":"Set of semantic-release plugins for publishing a Github release","version":"2.2.0","author":"Pierre Vanduynslager (https://twitter.com/@pvdlg_)","bugs":{"url":"https://github.com/semantic-release/github/issues"},"config":{"commitizen":{"path":"cz-conventional-changelog"}},"contributors":["Stephan Bönnemann <stephan@boennemann.me> (http://boennemann.me)","Gregor Martynus (https://twitter.com/gr2m)"],"dependencies":{"@semantic-release/error":"^2.1.0","debug":"^3.1.0","fs-extra":"^4.0.2","github":"^13.0.0","globby":"^7.1.1","lodash":"^4.17.4","mime":"^2.0.3","p-reduce":"^1.0.0","parse-github-url":"^1.0.1"},"devDependencies":{"ava":"^0.24.0","clear-module":"^2.1.0","codecov":"^3.0.0","commitizen":"^2.9.6","cz-conventional-changelog":"^2.0.0","eslint-config-prettier":"^2.8.0","eslint-plugin-prettier":"^2.3.0","nock":"^9.1.0","nyc":"^11.2.1","prettier":"~1.8.2","semantic-release":"^10.0.0","sinon":"^4.0.0","xo":"^0.18.2"},"engines":{"node":">=4"},"files":["lib","index.js"],"homepage":"https://github.com/semantic-release/github#readme","keywords":["git","github","publish","release","semantic-release","version"],"license":"MIT","main":"index.js","nyc":{"include":["lib/**/*.js","index.js"],"reporter":["json","text","html"],"all":true},"prettier":{"printWidth":120,"singleQuote":true,"bracketSpacing":false,"trailingComma":"es5"},"publishConfig":{"access":"public"},"repository":{"type":"git","url":"https://github.com/semantic-release/github.git"},"scripts":{"cm":"git-cz","codecov":"codecov -f coverage/coverage-final.json","lint":"xo","pretest":"npm run lint","semantic-release":"semantic-release","test":"nyc ava -v"},"xo":{"extends":["prettier"],"plugins":["prettier"],"rules":{"prettier/prettier":2}}} |
@@ -11,55 +11,71 @@ # @semantic-release/github | ||
Verify the presence and the validity of the `githubToken` (set via option or environment variable). | ||
Verify the presence and the validity of the `githubToken` (set via option or environment variable) and the `assets` option configuration. | ||
### Options | ||
## publish | ||
| Option | Description | Default | | ||
| --------------------- | --------------------------------------------------------- | ------------------------------------------------------ | | ||
| `githubToken` | **Required.** The token used to authenticate with GitHub. | `process.env.GH_TOKEN` or `process.env.GITHUB_TOKEN` | | ||
| `githubUrl` | The GitHub Enterprise endpoint. | `process.env.GH_URL` or `process.env.GITHUB_URL` | | ||
| `githubApiPathPrefix` | The GitHub Enterprise API prefix. | `process.env.GH_PREFIX` or `process.env.GITHUB_PREFIX` | | ||
Publish a [Github release](https://help.github.com/articles/about-releases), optionnaly uploading files. | ||
## publish | ||
## Configuration | ||
Publish a [Github release](https://help.github.com/articles/about-releases). | ||
### Github Repository authentication | ||
The `Github` authentication configuration is **required** and can be set via [environment variables](#environment-variables). | ||
Only the [personal token](https://help.github.com/articles/creating-a-personal-access-token-for-the-command-line) authentication is supported. | ||
### Environment variables | ||
| Variable | Description | | ||
| ------------------------------ | ----------------------------------------------------------| | ||
| `GH_TOKEN` or `GITHUB_TOKEN` | **Required.** The token used to authenticate with GitHub. | | ||
| `GH_URL` or `GITHUB_URL` | The GitHub Enterprise endpoint. | | ||
| `GH_PREFIX` or `GITHUB_PREFIX` | The GitHub Enterprise API prefix. | | ||
### Options | ||
| Option | Description | Default | | ||
| --------------------- | --------------------------------------------------------- | ------------------------------------------------------ | | ||
| `githubToken` | **Required.** The token used to authenticate with GitHub. | `process.env.GH_TOKEN` or `process.env.GITHUB_TOKEN` | | ||
| `githubUrl` | The GitHub Enterprise endpoint. | `process.env.GH_URL` or `process.env.GITHUB_URL` | | ||
| `githubApiPathPrefix` | The GitHub Enterprise API prefix. | `process.env.GH_PREFIX` or `process.env.GITHUB_PREFIX` | | ||
| `assets` | An array of files to upload to the release. | - | ||
| Option | Description | Default | | ||
| --------------------- | ------------------------------------------------------------------ | ---------------------------------------------------- | | ||
| `githubToken` | **Required.** The token used to authenticate with GitHub. | `GH_TOKEN` or `GITHUB_TOKEN` environment variable. | | ||
| `githubUrl` | The GitHub Enterprise endpoint. | `GH_URL` or `GITHUB_URL` environment variable. | | ||
| `githubApiPathPrefix` | The GitHub Enterprise API prefix. | `GH_PREFIX` or `GITHUB_PREFIX` environment variable. | | ||
| `assets` | An array of files to upload to the release. See [assets](#assets). | - | | ||
#### assets option | ||
#### `assets` | ||
Each element of the array can be a path to the file or an `object` with the properties: | ||
Can be a [glob](https://github.com/isaacs/node-glob#glob-primer) or and `Array` of [globs](https://github.com/isaacs/node-glob#glob-primer) and `Object`s with the following properties | ||
| Property | Description | Default | | ||
| -------- | ------------------------------------------------------------------------ | ------------------------------------ | | ||
| `path` | **Required.** The file path to upload relative to the project directory. | - | | ||
| `name` | The name of the downloadable file on the Github release. | File name extracted from the `path`. | | ||
| `label` | Short description of the file displayed on the Github release. | - | | ||
| Property | Description | Default | | ||
| -------- | -------------------------------------------------------------------------------------------------------- | ------------------------------------ | | ||
| `path` | **Required.** A [glob](https://github.com/isaacs/node-glob#glob-primer) to identify the files to upload. | - | | ||
| `name` | The name of the downloadable file on the Github release. | File name extracted from the `path`. | | ||
| `label` | Short description of the file displayed on the Github release. | - | | ||
## Configuration | ||
Each entry in the `assets` `Array` is globbed individually. A [glob](https://github.com/isaacs/node-glob#glob-primer) can be a `String` (`"dist/**/*.js"` or `"dist/mylib.js"`) or an `Array` of `String`s that will be globbed together (`["dist/**", "!**/*.css"]`). | ||
If a directory is configured, all the files under this directory and its children will be included. | ||
Files can be included enven if they have a match in `.gitignore`. | ||
##### `assets` examples | ||
`'dist/*.js'`: include all the `js` files in the `dist` directory, but not in its sub-directories. | ||
`[['dist', '!**/*.css']]`: include all the files in the `dist` directory and its sub-directories excluding the `css` files. | ||
`[{path: 'dist/MyLibrary.js', label: 'MyLibrary JS distribution'}, {path: 'dist/MyLibrary.css', label: 'MyLibrary CSS distribution'}]`: include the `dist/MyLibrary.js` and `dist/MyLibrary.css` files, and label them `MyLibrary JS distribution` and `MyLibrary CSS distribution` in the Github release. | ||
`[['dist/**/*.{js,css}', '!**/*.min.*'], {path: 'build/MyLibrary.zip', label: 'MyLibrary'}]`: include all the `js` and `css` files in the `dist` directory and its sub-directories excluding the minified version, plus the `build/MyLibrary.zip` file and label it `MyLibrary` in the Github release. | ||
### Usage | ||
The plugins are used by default by [semantic-release](https://github.com/semantic-release/semantic-release) so no specific configuration is requiered if `githubToken`, `githubUrl` and `githubApiPathPrefix` are set via environment variable. | ||
Each individual plugin can be disabled, replaced or used with other plugins in the `package.json`: | ||
```json | ||
{ | ||
"release": { | ||
"verifyConditions": ["@semantic-release/github", "verify-other-condition"], | ||
"getLastRelease": "custom-get-last-release", | ||
"publish": [ | ||
"custom-publish", | ||
{ | ||
"path": "@semantic-release/github", | ||
"assets": [ | ||
{"path": "dist/asset.min.css", "label": "CSS distribution"}, | ||
{"path": "dist/asset.min.js", "label": "JS distribution"} | ||
] | ||
} | ||
] | ||
"verifyConditions": ["@semantic-release/github", "@semantic-release/npm", "verify-other-condition"], | ||
"getLastRelease": "@semantic-release/npm", | ||
"publish": ["@semantic-release/npm", "@semantic-release/github", "other-publish"] | ||
} | ||
@@ -69,3 +85,4 @@ } | ||
The same configuration for Github Enterprise: | ||
Options can be set within the plugin definition in the `semantic-release` configuration file: | ||
```json | ||
@@ -75,2 +92,3 @@ { | ||
"verifyConditions": [ | ||
"@semantic-release/npm", | ||
{ | ||
@@ -83,5 +101,4 @@ "path": "@semantic-release/github", | ||
], | ||
"getLastRelease": "custom-get-last-release", | ||
"publish": [ | ||
"custom-publish", | ||
"@semantic-release/npm", | ||
{ | ||
@@ -88,0 +105,0 @@ "path": "@semantic-release/github", |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 6 instances in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
18543
8
210
113
9
7
+ Addedglobby@^7.1.1
+ Addedlodash@^4.17.4
+ Addedmime@^2.0.3
+ Addedp-reduce@^1.0.0
+ Addedarray-union@1.0.2(transitive)
+ Addedarray-uniq@1.0.3(transitive)
+ Addedbalanced-match@1.0.2(transitive)
+ Addedbrace-expansion@1.1.11(transitive)
+ Addedconcat-map@0.0.1(transitive)
+ Addeddir-glob@2.2.2(transitive)
+ Addedfs.realpath@1.0.0(transitive)
+ Addedgithub@13.1.1(transitive)
+ Addedglob@7.2.3(transitive)
+ Addedglobby@7.1.1(transitive)
+ Addedignore@3.3.10(transitive)
+ Addedinflight@1.0.6(transitive)
+ Addedinherits@2.0.4(transitive)
+ Addedis-stream@1.1.0(transitive)
+ Addedminimatch@3.1.2(transitive)
+ Addedonce@1.4.0(transitive)
+ Addedpath-is-absolute@1.0.1(transitive)
+ Addedpath-type@3.0.0(transitive)
+ Addedpify@3.0.0(transitive)
+ Addedproxy-from-env@1.1.0(transitive)
+ Addedslash@1.0.0(transitive)
+ Addedurl-template@2.0.8(transitive)
+ Addedwrappy@1.0.2(transitive)
- Removedp-each-series@^1.0.0
- Removedfollow-redirects@1.2.6(transitive)
- Removedgithub@12.1.0(transitive)
- Removednetrc@0.1.4(transitive)
- Removedp-each-series@1.0.0(transitive)
Updatedgithub@^13.0.0