From 07dde042bbdd4a407dbf7f7a5b8ab2d11abdb8c3 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 15 Dec 2023 16:27:25 -0600 Subject: [PATCH 1/7] fix(deps): update dependency cosmiconfig to v9 (#3105) BREAKING CHANGE: if using `release.config.js` as the name of your config file, it needs to be moved to a `.config/` directory. see https://github.com/cosmiconfig/cosmiconfig/releases/tag/v9.0.0 for more detail --- package-lock.json | 92 +++++++++++++++++++++++++++++++++++++++++++---- package.json | 2 +- 2 files changed, 86 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index 06089ac3..62dc31b0 100644 --- a/package-lock.json +++ b/package-lock.json @@ -15,7 +15,7 @@ "@semantic-release/npm": "^11.0.0", "@semantic-release/release-notes-generator": "^12.0.0", "aggregate-error": "^5.0.0", - "cosmiconfig": "^8.0.0", + "cosmiconfig": "^9.0.0", "debug": "^4.0.0", "env-ci": "^10.0.0", "execa": "^8.0.0", @@ -327,6 +327,33 @@ "dev": true, "optional": true }, + "node_modules/@commitlint/load/node_modules/cosmiconfig": { + "version": "8.3.6", + "resolved": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-8.3.6.tgz", + "integrity": "sha512-kcZ6+W5QzcJ3P1Mt+83OUv/oHFqZHIx8DuxG6eZ5RGMERoLqp4BuGjhHLYGK+Kf5XVkQvqBSmAy/nGWN3qDgEA==", + "dev": true, + "optional": true, + "dependencies": { + "import-fresh": "^3.3.0", + "js-yaml": "^4.1.0", + "parse-json": "^5.2.0", + "path-type": "^4.0.0" + }, + "engines": { + "node": ">=14" + }, + "funding": { + "url": "https://github.com/sponsors/d-fischer" + }, + "peerDependencies": { + "typescript": ">=4.9.5" + }, + "peerDependenciesMeta": { + "typescript": { + "optional": true + } + } + }, "node_modules/@commitlint/resolve-extends": { "version": "18.4.3", "resolved": "https://registry.npmjs.org/@commitlint/resolve-extends/-/resolve-extends-18.4.3.tgz", @@ -3327,14 +3354,14 @@ "integrity": "sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ==" }, "node_modules/cosmiconfig": { - "version": "8.3.6", - "resolved": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-8.3.6.tgz", - "integrity": "sha512-kcZ6+W5QzcJ3P1Mt+83OUv/oHFqZHIx8DuxG6eZ5RGMERoLqp4BuGjhHLYGK+Kf5XVkQvqBSmAy/nGWN3qDgEA==", + "version": "9.0.0", + "resolved": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-9.0.0.tgz", + "integrity": "sha512-itvL5h8RETACmOTFc4UfIyB2RfEHi71Ax6E/PivVxq9NseKbOWpeyHEOIbmAw1rs8Ak0VursQNww7lf7YtUwzg==", "dependencies": { + "env-paths": "^2.2.1", "import-fresh": "^3.3.0", "js-yaml": "^4.1.0", - "parse-json": "^5.2.0", - "path-type": "^4.0.0" + "parse-json": "^5.2.0" }, "engines": { "node": ">=14" @@ -3893,7 +3920,6 @@ "version": "2.2.1", "resolved": "https://registry.npmjs.org/env-paths/-/env-paths-2.2.1.tgz", "integrity": "sha512-+h1lkLKhZMTYjog1VEpJNG7NZJWcuc2DDk/qsqSTRRCOXiLjeQ1d1/udrUGhqMxUgAlwKNZ0cf2uqan5GLuS2A==", - "dev": true, "engines": { "node": ">=6" } @@ -7109,6 +7135,32 @@ "node": ">=16.0.0" } }, + "node_modules/lockfile-lint/node_modules/cosmiconfig": { + "version": "8.3.6", + "resolved": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-8.3.6.tgz", + "integrity": "sha512-kcZ6+W5QzcJ3P1Mt+83OUv/oHFqZHIx8DuxG6eZ5RGMERoLqp4BuGjhHLYGK+Kf5XVkQvqBSmAy/nGWN3qDgEA==", + "dev": true, + "dependencies": { + "import-fresh": "^3.3.0", + "js-yaml": "^4.1.0", + "parse-json": "^5.2.0", + "path-type": "^4.0.0" + }, + "engines": { + "node": ">=14" + }, + "funding": { + "url": "https://github.com/sponsors/d-fischer" + }, + "peerDependencies": { + "typescript": ">=4.9.5" + }, + "peerDependenciesMeta": { + "typescript": { + "optional": true + } + } + }, "node_modules/lodash": { "version": "4.17.21", "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", @@ -13344,6 +13396,32 @@ "node": "^18.17 || >=20.6.1" } }, + "node_modules/semantic-release/node_modules/cosmiconfig": { + "version": "8.3.6", + "resolved": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-8.3.6.tgz", + "integrity": "sha512-kcZ6+W5QzcJ3P1Mt+83OUv/oHFqZHIx8DuxG6eZ5RGMERoLqp4BuGjhHLYGK+Kf5XVkQvqBSmAy/nGWN3qDgEA==", + "peer": true, + "dependencies": { + "import-fresh": "^3.3.0", + "js-yaml": "^4.1.0", + "parse-json": "^5.2.0", + "path-type": "^4.0.0" + }, + "engines": { + "node": ">=14" + }, + "funding": { + "url": "https://github.com/sponsors/d-fischer" + }, + "peerDependencies": { + "typescript": ">=4.9.5" + }, + "peerDependenciesMeta": { + "typescript": { + "optional": true + } + } + }, "node_modules/semver": { "version": "7.5.4", "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", diff --git a/package.json b/package.json index 1e50202c..6b5c788d 100644 --- a/package.json +++ b/package.json @@ -33,7 +33,7 @@ "@semantic-release/npm": "^11.0.0", "@semantic-release/release-notes-generator": "^12.0.0", "aggregate-error": "^5.0.0", - "cosmiconfig": "^8.0.0", + "cosmiconfig": "^9.0.0", "debug": "^4.0.0", "env-ci": "^10.0.0", "execa": "^8.0.0", From abf8ddd9780904a45f0c002608b08ab1901c0014 Mon Sep 17 00:00:00 2001 From: Matt Travi Date: Fri, 15 Dec 2023 16:47:07 -0600 Subject: [PATCH 2/7] ci(verify): avoid uncancellable workflow https://github.com/semantic-release/.github/issues/19#issuecomment-1800963916 for semantic-release/.github#19 --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 8c37a306..dd8d238c 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -70,7 +70,7 @@ jobs: needs: - test_dev - test_matrix - if: always() + if: ${{ !cancelled() }} steps: - name: All matrix versions passed if: ${{ !(contains(needs.*.result, 'failure')) }} From 2904832967c9160d3e293ce4be7a12aef0318a95 Mon Sep 17 00:00:00 2001 From: Matt Travi Date: Fri, 15 Dec 2023 17:01:50 -0600 Subject: [PATCH 3/7] feat(node-versions): dropped support for node v18 and raised the minimum for v20 reasoning for the chosen version: https://github.com/semantic-release/gitlab/pull/647#discussion_r1423131205 BREAKING CHANGE: support for node v18 has been dropped and the minimum for v20 is now v20.8.1 related to https://github.com/semantic-release/semantic-release/discussions/3088 --- .github/workflows/test.yml | 4 ++-- package-lock.json | 2 +- package.json | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index dd8d238c..104b59c8 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -25,9 +25,9 @@ jobs: strategy: matrix: node-version: - - 18.17.0 - - 20.6.1 + - 20.8.1 - 20 + - 21 runs-on: ubuntu-latest timeout-minutes: 5 diff --git a/package-lock.json b/package-lock.json index 62dc31b0..b6adb509 100644 --- a/package-lock.json +++ b/package-lock.json @@ -67,7 +67,7 @@ "testdouble": "3.20.1" }, "engines": { - "node": "^18.17 || >=20.6.1" + "node": ">=20.8.1" } }, "node_modules/@babel/code-frame": { diff --git a/package.json b/package.json index 6b5c788d..65083722 100644 --- a/package.json +++ b/package.json @@ -82,7 +82,7 @@ "testdouble": "3.20.1" }, "engines": { - "node": "^18.17 || >=20.6.1" + "node": ">=20.8.1" }, "files": [ "bin", From 0d0ed9d08a26ed5e146fcba5a58d760f7a1ebd02 Mon Sep 17 00:00:00 2001 From: Matt Travi Date: Sat, 16 Dec 2023 10:12:05 -0600 Subject: [PATCH 4/7] fix(deps): upgraded to the latest version of env-ci BREAKING CHANGE: woodpecker ci users need to upgrade to v1.0.0 or higher to remain supported. see https://github.com/semantic-release/env-ci/releases/tag/v11.0.0 for more information --- package-lock.json | 21 +++++++++++++++++---- package.json | 2 +- 2 files changed, 18 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index b6adb509..bcc83478 100644 --- a/package-lock.json +++ b/package-lock.json @@ -17,7 +17,7 @@ "aggregate-error": "^5.0.0", "cosmiconfig": "^9.0.0", "debug": "^4.0.0", - "env-ci": "^10.0.0", + "env-ci": "^11.0.0", "execa": "^8.0.0", "figures": "^6.0.0", "find-versions": "^5.1.0", @@ -3905,9 +3905,9 @@ } }, "node_modules/env-ci": { - "version": "10.0.0", - "resolved": "https://registry.npmjs.org/env-ci/-/env-ci-10.0.0.tgz", - "integrity": "sha512-U4xcd/utDYFgMh0yWj07R1H6L5fwhVbmxBCpnL0DbVSDZVnsC82HONw0wxtxNkIAcua3KtbomQvIk5xFZGAQJw==", + "version": "11.0.0", + "resolved": "https://registry.npmjs.org/env-ci/-/env-ci-11.0.0.tgz", + "integrity": "sha512-apikxMgkipkgTvMdRT9MNqWx5VLOci79F4VBd7Op/7OPjjoanjdAvn6fglMCCEf/1bAh8eOiuEVCUs4V3qP3nQ==", "dependencies": { "execa": "^8.0.0", "java-properties": "^1.0.2" @@ -13422,6 +13422,19 @@ } } }, + "node_modules/semantic-release/node_modules/env-ci": { + "version": "10.0.0", + "resolved": "https://registry.npmjs.org/env-ci/-/env-ci-10.0.0.tgz", + "integrity": "sha512-U4xcd/utDYFgMh0yWj07R1H6L5fwhVbmxBCpnL0DbVSDZVnsC82HONw0wxtxNkIAcua3KtbomQvIk5xFZGAQJw==", + "peer": true, + "dependencies": { + "execa": "^8.0.0", + "java-properties": "^1.0.2" + }, + "engines": { + "node": "^18.17 || >=20.6.1" + } + }, "node_modules/semver": { "version": "7.5.4", "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", diff --git a/package.json b/package.json index 65083722..84fbe7b3 100644 --- a/package.json +++ b/package.json @@ -35,7 +35,7 @@ "aggregate-error": "^5.0.0", "cosmiconfig": "^9.0.0", "debug": "^4.0.0", - "env-ci": "^10.0.0", + "env-ci": "^11.0.0", "execa": "^8.0.0", "figures": "^6.0.0", "find-versions": "^5.1.0", From ad8f5b2608256e2ba5a3bc129db1f7c2f222f002 Mon Sep 17 00:00:00 2001 From: Matt Travi Date: Sat, 16 Dec 2023 22:32:03 -0600 Subject: [PATCH 5/7] docs(node-versions): updated the minimum documented node version in the node requirement doc relates to https://github.com/semantic-release/semantic-release/issues/3106 --- docs/support/node-version.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/support/node-version.md b/docs/support/node-version.md index ef344a89..f4d03476 100644 --- a/docs/support/node-version.md +++ b/docs/support/node-version.md @@ -1,6 +1,6 @@ # Node version requirement -**semantic-release** is written using the latest [ECMAScript 2017](https://www.ecma-international.org/publications/standards/Ecma-262.htm) features, without transpilation which **requires Node version 18.0.0 or higher**. +**semantic-release** is written using the latest [ECMAScript 2017](https://www.ecma-international.org/publications/standards/Ecma-262.htm) features, without transpilation which **requires Node version 20.8.1 or higher**. **semantic-release** is meant to be used in a CI environment as a development support tool, not as a production dependency. Therefore, the only constraint is to run the `semantic-release` in a CI environment providing version of Node that meets our version requirement. From 6d2a6f1aa658cfdfa905f19a4c54f38ebdfc94ef Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 5 Jan 2024 14:27:04 -0600 Subject: [PATCH 6/7] fix(deps): update dependency marked to v11 (#3079) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Matt Travi --- package-lock.json | 22 +++++++++++++++++----- package.json | 2 +- 2 files changed, 18 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index 0be61aee..aeadd263 100644 --- a/package-lock.json +++ b/package-lock.json @@ -27,7 +27,7 @@ "hosted-git-info": "^7.0.0", "import-from-esm": "^1.3.1", "lodash-es": "^4.17.21", - "marked": "^9.0.0", + "marked": "^11.0.0", "marked-terminal": "^6.0.0", "micromatch": "^4.0.2", "p-each-series": "^3.0.0", @@ -7610,14 +7610,14 @@ } }, "node_modules/marked": { - "version": "9.1.6", - "resolved": "https://registry.npmjs.org/marked/-/marked-9.1.6.tgz", - "integrity": "sha512-jcByLnIFkd5gSXZmjNvS1TlmRhCXZjIzHYlaGkPlLIekG55JDR2Z4va9tZwCiP+/RDERiNhMOFu01xd6O5ct1Q==", + "version": "11.1.1", + "resolved": "https://registry.npmjs.org/marked/-/marked-11.1.1.tgz", + "integrity": "sha512-EgxRjgK9axsQuUa/oKMx5DEY8oXpKJfk61rT5iY3aRlgU6QJtUcxU5OAymdhCvWvhYcd9FKmO5eQoX8m9VGJXg==", "bin": { "marked": "bin/marked.js" }, "engines": { - "node": ">= 16" + "node": ">= 18" } }, "node_modules/marked-terminal": { @@ -13335,6 +13335,18 @@ "node": "^18.17 || >=20.6.1" } }, + "node_modules/semantic-release/node_modules/marked": { + "version": "9.1.6", + "resolved": "https://registry.npmjs.org/marked/-/marked-9.1.6.tgz", + "integrity": "sha512-jcByLnIFkd5gSXZmjNvS1TlmRhCXZjIzHYlaGkPlLIekG55JDR2Z4va9tZwCiP+/RDERiNhMOFu01xd6O5ct1Q==", + "peer": true, + "bin": { + "marked": "bin/marked.js" + }, + "engines": { + "node": ">= 16" + } + }, "node_modules/semver": { "version": "7.5.4", "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", diff --git a/package.json b/package.json index c98049fe..e5293257 100644 --- a/package.json +++ b/package.json @@ -45,7 +45,7 @@ "hosted-git-info": "^7.0.0", "import-from-esm": "^1.3.1", "lodash-es": "^4.17.21", - "marked": "^9.0.0", + "marked": "^11.0.0", "marked-terminal": "^6.0.0", "micromatch": "^4.0.2", "p-each-series": "^3.0.0", From 020ea7d7d5aa6c123fe4c97754b6b1b36c0a8e2c Mon Sep 17 00:00:00 2001 From: Killian Hamayada Date: Fri, 5 Jan 2024 21:51:59 +0100 Subject: [PATCH 7/7] fix: use one note reference per tag to prevent conflicts (#2085) Co-authored-by: Matt Travi <126441+travi@users.noreply.github.com> --- index.js | 11 +++++---- lib/git.js | 49 +++++++++++++++++++++++++++++++-------- test/helpers/git-utils.js | 4 ++-- 3 files changed, 48 insertions(+), 16 deletions(-) diff --git a/index.js b/index.js index 67877fb4..19c9f705 100644 --- a/index.js +++ b/index.js @@ -123,12 +123,15 @@ async function run(context, plugins) { if (options.dryRun) { logger.warn(`Skip ${nextRelease.gitTag} tag creation in dry-run mode`); } else { - await addNote({ channels: [...currentRelease.channels, nextRelease.channel] }, nextRelease.gitHead, { + await addNote({ channels: [...currentRelease.channels, nextRelease.channel] }, nextRelease.gitTag, { cwd, env, }); await push(options.repositoryUrl, { cwd, env }); - await pushNotes(options.repositoryUrl, { cwd, env }); + await pushNotes(options.repositoryUrl, nextRelease.gitTag, { + cwd, + env, + }); logger.success( `Add ${nextRelease.channel ? `channel ${nextRelease.channel}` : "default channel"} to tag ${ nextRelease.gitTag @@ -203,9 +206,9 @@ async function run(context, plugins) { } else { // Create the tag before calling the publish plugins as some require the tag to exists await tag(nextRelease.gitTag, nextRelease.gitHead, { cwd, env }); - await addNote({ channels: [nextRelease.channel] }, nextRelease.gitHead, { cwd, env }); + await addNote({ channels: [nextRelease.channel] }, nextRelease.gitTag, { cwd, env }); await push(options.repositoryUrl, { cwd, env }); - await pushNotes(options.repositoryUrl, { cwd, env }); + await pushNotes(options.repositoryUrl, nextRelease.gitTag, { cwd, env }); logger.success(`Created tag ${nextRelease.gitTag}`); } diff --git a/lib/git.js b/lib/git.js index fa251735..979256cf 100644 --- a/lib/git.js +++ b/lib/git.js @@ -2,6 +2,7 @@ import gitLogParser from "git-log-parser"; import getStream from "get-stream"; import { execa } from "execa"; import debugGit from "debug"; +import { merge } from "lodash-es"; import { GIT_NOTE_REF } from "./definitions/constants.js"; const debug = debugGit("semantic-release:git"); @@ -141,13 +142,9 @@ export async function fetch(repositoryUrl, branch, ciBranch, execaOptions) { */ export async function fetchNotes(repositoryUrl, execaOptions) { try { - await execa( - "git", - ["fetch", "--unshallow", repositoryUrl, `+refs/notes/${GIT_NOTE_REF}:refs/notes/${GIT_NOTE_REF}`], - execaOptions - ); + await execa("git", ["fetch", "--unshallow", repositoryUrl, `+refs/notes/*:refs/notes/*`], execaOptions); } catch { - await execa("git", ["fetch", repositoryUrl, `+refs/notes/${GIT_NOTE_REF}:refs/notes/${GIT_NOTE_REF}`], { + await execa("git", ["fetch", repositoryUrl, `+refs/notes/*:refs/notes/*`], { ...execaOptions, reject: false, }); @@ -246,8 +243,8 @@ export async function push(repositoryUrl, execaOptions) { * * @throws {Error} if the push failed. */ -export async function pushNotes(repositoryUrl, execaOptions) { - await execa("git", ["push", repositoryUrl, `refs/notes/${GIT_NOTE_REF}`], execaOptions); +export async function pushNotes(repositoryUrl, ref, execaOptions) { + await execa("git", ["push", repositoryUrl, `refs/notes/${GIT_NOTE_REF}-${ref}`], execaOptions); } /** @@ -307,8 +304,26 @@ export async function isBranchUpToDate(repositoryUrl, branch, execaOptions) { * @return {Object} the parsed JSON note if there is one, an empty object otherwise. */ export async function getNote(ref, execaOptions) { + const handleError = (error) => { + if (error.exitCode === 1) { + return { stdout: "{}" }; + } + + debug(error); + throw error; + }; + try { - return JSON.parse((await execa("git", ["notes", "--ref", GIT_NOTE_REF, "show", ref], execaOptions)).stdout); + return merge( + JSON.parse( + // Used for retro-compatibility + (await execa("git", ["notes", "--ref", GIT_NOTE_REF, "show", ref], execaOptions).catch(handleError)).stdout + ), + JSON.parse( + (await execa("git", ["notes", "--ref", `${GIT_NOTE_REF}-${ref}`, "show", ref], execaOptions).catch(handleError)) + .stdout + ) + ); } catch (error) { if (error.exitCode === 1) { return {}; @@ -327,5 +342,19 @@ export async function getNote(ref, execaOptions) { * @param {Object} [execaOpts] Options to pass to `execa`. */ export async function addNote(note, ref, execaOptions) { - await execa("git", ["notes", "--ref", GIT_NOTE_REF, "add", "-f", "-m", JSON.stringify(note), ref], execaOptions); + await execa( + "git", + ["notes", "--ref", `${GIT_NOTE_REF}-${ref}`, "add", "-f", "-m", JSON.stringify(note), ref], + execaOptions + ); +} + +/** + * Get the reference of a tag + * + * @param {String} tag The tag name to get the reference of. + * @param {Object} [execaOpts] Options to pass to `execa`. + **/ +export async function getTagRef(tag, execaOptions) { + return (await execa("git", ["show-ref", tag, "--hash"], execaOptions)).stdout; } diff --git a/test/helpers/git-utils.js b/test/helpers/git-utils.js index db70cdb8..5cb14770 100644 --- a/test/helpers/git-utils.js +++ b/test/helpers/git-utils.js @@ -315,7 +315,7 @@ export async function rebase(ref, execaOptions) { * @param {Object} [execaOpts] Options to pass to `execa`. */ export async function gitAddNote(note, ref, execaOptions) { - await execa("git", ["notes", "--ref", GIT_NOTE_REF, "add", "-m", note, ref], execaOptions); + await execa("git", ["notes", "--ref", `${GIT_NOTE_REF}-${ref}`, "add", "-m", note, ref], execaOptions); } /** @@ -325,5 +325,5 @@ export async function gitAddNote(note, ref, execaOptions) { * @param {Object} [execaOpts] Options to pass to `execa`. */ export async function gitGetNote(ref, execaOptions) { - return (await execa("git", ["notes", "--ref", GIT_NOTE_REF, "show", ref], execaOptions)).stdout; + return (await execa("git", ["notes", "--ref", `${GIT_NOTE_REF}-${ref}`, "show", ref], execaOptions)).stdout; }