diff --git a/.github/workflows/plan-release.yml b/.github/workflows/plan-release.yml index 99443c9..b2843ad 100644 --- a/.github/workflows/plan-release.yml +++ b/.github/workflows/plan-release.yml @@ -15,77 +15,44 @@ concurrency: cancel-in-progress: true jobs: - is-this-a-release: - name: "Is this a release?" + should-run-release-plan-prepare: + name: Should we run release-plan prepare? runs-on: ubuntu-latest outputs: - command: ${{ steps.check-release.outputs.command }} - + should-prepare: ${{ steps.should-prepare.outputs.should-prepare }} steps: - - uses: actions/checkout@v4 + - uses: release-plan/actions/should-prepare-release@v1 with: - fetch-depth: 2 ref: 'main' - # This will only cause the `is-this-a-release` job to have a "command" of `release` - # when the .release-plan.json file was changed on the last commit. - - id: check-release - run: if git diff --name-only HEAD HEAD~1 | grep -w -q ".release-plan.json"; then echo "command=release"; fi >> $GITHUB_OUTPUT + id: should-prepare create-prepare-release-pr: name: Create Prepare Release PR runs-on: ubuntu-latest timeout-minutes: 5 - needs: is-this-a-release + needs: should-run-release-plan-prepare permissions: contents: write issues: read pull-requests: write - # only run on push event or workflow dispatch if plan wasn't updated (don't create a release plan when we're releasing) - # only run on labeled event if the PR has already been merged - if: ((github.event_name == 'push' || github.event_name == 'workflow_dispatch') && needs.is-this-a-release.outputs.command != 'release') || (github.event_name == 'pull_request_target' && github.event.pull_request.merged == true) - + if: needs.should-run-release-plan-prepare.outputs.should-prepare == 'true' steps: - - uses: actions/checkout@v4 - # We need to download lots of history so that - # github-changelog can discover what's changed since the last release + - uses: release-plan/actions/prepare@v1 + name: Run release-plan prepare with: - fetch-depth: 0 ref: 'main' - - uses: pnpm/action-setup@v4 - - uses: actions/setup-node@v4 - with: - node-version: 22 - cache: pnpm - - run: pnpm install --frozen-lockfile - - name: "Generate Explanation and Prep Changelogs" - id: explanation - run: | - set +e - pnpm release-plan prepare 2> >(tee -a release-plan-stderr.txt >&2) - - if [ $? -ne 0 ]; then - release_plan_output=$(cat release-plan-stderr.txt) - else - release_plan_output=$(jq .description .release-plan.json -r) - rm release-plan-stderr.txt - - if [ $(jq '.solution | length' .release-plan.json) -eq 1 ]; then - new_version=$(jq -r '.solution[].newVersion' .release-plan.json) - echo "new_version=v$new_version" >> $GITHUB_OUTPUT - fi - fi - echo 'text<> $GITHUB_OUTPUT - echo "$release_plan_output" >> $GITHUB_OUTPUT - echo 'EOF' >> $GITHUB_OUTPUT env: GITHUB_AUTH: ${{ secrets.GITHUB_TOKEN }} + id: explanation - - uses: peter-evans/create-pull-request@v7 + - uses: peter-evans/create-pull-request@v8 + name: Create Prepare Release PR with: - commit-message: "Prepare Release ${{ steps.explanation.outputs.new_version}} using 'release-plan'" + commit-message: "Prepare Release ${{ steps.explanation.outputs.new-version}} using 'release-plan'" labels: "internal" + sign-commits: true branch: release-preview - title: Prepare Release ${{ steps.explanation.outputs.new_version }} + title: Prepare Release ${{ steps.explanation.outputs.new-version }} body: | This PR is a preview of the release that [release-plan](https://github.com/embroider-build/release-plan) has prepared. To release you should just merge this PR 👍 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index ef2c6e8..531161e 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -22,22 +22,20 @@ jobs: runs-on: ubuntu-latest permissions: contents: write - pull-requests: write id-token: write attestations: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: pnpm/action-setup@v4 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v6 with: node-version: 22 - # This creates an .npmrc that reads the NODE_AUTH_TOKEN environment variable registry-url: 'https://registry.npmjs.org' cache: pnpm + - run: npm install -g npm@latest # ensure that the globally installed npm is new enough to support OIDC - run: pnpm install --frozen-lockfile - name: Publish to NPM run: NPM_CONFIG_PROVENANCE=true pnpm release-plan publish env: GITHUB_AUTH: ${{ secrets.GITHUB_TOKEN }} - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/package.json b/package.json index c15f288..96c3dec 100644 --- a/package.json +++ b/package.json @@ -12,17 +12,17 @@ "license": "MIT", "author": "", "scripts": { - "lint": "prettier --check .", "format": "prettier --write .", + "lint": "prettier --check .", "new:addon": "rm -rf my-addon; pnpm dlx ember-cli@latest addon my-addon --blueprint ." }, + "dependencies": { + "sort-package-json": "^3.4.0" + }, "devDependencies": { "prettier": "^3.5.3", "prettier-plugin-ember-template-tag": "2.1.0", - "release-plan": "^0.16.0" - }, - "dependencies": { - "sort-package-json": "^3.4.0" + "release-plan": "^0.17.4" }, "packageManager": "pnpm@10.6.5" } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 587a640..548b4b7 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -19,8 +19,8 @@ importers: specifier: 2.1.0 version: 2.1.0(prettier@3.5.3) release-plan: - specifier: ^0.16.0 - version: 0.16.0 + specifier: ^0.17.4 + version: 0.17.4 tests: devDependencies: @@ -2198,8 +2198,8 @@ packages: resolution: {integrity: sha512-8aCohiDo4jwjOwma4FmYFd3i97urZulL8XL24nIPxuE+GZnfsAyy/g2Shqx6OjUiFKUXZM+Yy+KHnOmmA3FVcg==} engines: {node: '>= 4.0'} - github-changelog@2.0.0: - resolution: {integrity: sha512-JdAwddNCvHkZY/pTMqpoaLEfksaWiTc+beDjBkPEnr7iVlKfu8SeyCT8Sef+KsonRgIj6pl3SiWDPSefWmeicw==} + github-changelog@2.1.4: + resolution: {integrity: sha512-mZQF/YC9OR8XMGpYlLQqG66RiKwlaQZ7rXTZug28oOYkzOXd0acszuvYHVzPlYmns1aDDSwQkbzFxNOYpWhmig==} engines: {node: 18.* || 20.* || >= 22} hasBin: true @@ -2209,6 +2209,7 @@ packages: glob@10.4.5: resolution: {integrity: sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==} + deprecated: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me hasBin: true glob@5.0.15: @@ -3375,8 +3376,8 @@ packages: resolution: {integrity: sha512-+crtS5QjFRqFCoQmvGduwYWEBng99ZvmFvF+cUJkGYF1L1BfU8C6Zp9T7f5vPAwyLkUExpvK+ANVZmGU49qi4Q==} engines: {node: '>=12'} - release-plan@0.16.0: - resolution: {integrity: sha512-S2hrXACiy39LenrdvPAhSY7PcitS4A4fAxlzoPgYyCiS2OU6Ed+cUKvN4h9/uRyZ/B3AMGywZUIPtIhCUIjTng==} + release-plan@0.17.4: + resolution: {integrity: sha512-CK+RrsvP6JXysgFuqUoOvprAT95J5x8usHzAQh3M1RMQqFScnAyfY6lb1LBsjqW/HUsvLjkLfSp8dJseRHEpEw==} hasBin: true remove-trailing-separator@1.1.0: @@ -3822,6 +3823,7 @@ packages: tar@6.2.1: resolution: {integrity: sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==} engines: {node: '>=10'} + deprecated: Old versions of tar are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me temp@0.9.4: resolution: {integrity: sha512-yYrrsWnrXMcdsnu/7YMYAofM1ktpL5By7vZhf15CrXijWWrEYZks5AXBudalfSWJLlnen/QUJUB5aoB0kqZUGA==} @@ -6708,7 +6710,7 @@ snapshots: git-repo-info@2.1.1: {} - github-changelog@2.0.0: + github-changelog@2.1.4: dependencies: '@manypkg/get-packages': 2.2.2 chalk: 4.1.2 @@ -7907,7 +7909,7 @@ snapshots: dependencies: rc: 1.2.8 - release-plan@0.16.0: + release-plan@0.17.4: dependencies: '@manypkg/get-packages': 2.2.2 '@npmcli/package-json': 6.1.1 @@ -7917,7 +7919,7 @@ snapshots: cli-highlight: 2.1.11 execa: 9.6.0 fs-extra: 11.3.0 - github-changelog: 2.0.0 + github-changelog: 2.1.4 js-yaml: 4.1.0 latest-version: 9.0.0 parse-github-repo-url: 1.4.1