diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml index 274ca19c828..6d591200b2a 100644 --- a/.github/workflows/benchmark.yml +++ b/.github/workflows/benchmark.yml @@ -15,8 +15,10 @@ jobs: - name: Use Node.js uses: actions/setup-node@v3 with: - node-version: lts/* - cache: npm + node-version: '*' + cache: 'npm' + cache-dependency-path: 'npm-shrinkwrap.json' + check-latest: true - name: Install dependencies run: npm ci --no-audit && npm prune --production - name: Get size diff --git a/.github/workflows/e2e-tests.yml b/.github/workflows/e2e-tests.yml index 986d6f20ea5..fe5b45bc592 100644 --- a/.github/workflows/e2e-tests.yml +++ b/.github/workflows/e2e-tests.yml @@ -31,13 +31,14 @@ jobs: uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} - cache: npm + cache: 'npm' + cache-dependency-path: 'npm-shrinkwrap.json' check-latest: true - name: Cache verdaccio storage uses: actions/cache@v3 with: path: ./.verdaccio-storage - key: verdaccio-e2e-cli-${{ hashFiles('./package-lock.json') }} + key: verdaccio-e2e-cli-${{ hashFiles('./npm-shrinkwrap.json') }} - name: Install dependencies run: npm ci --no-audit - name: Install pnpm diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 003cde42e62..c7a11e2dfc1 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -47,7 +47,8 @@ jobs: uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} - cache: npm + cache: 'npm' + cache-dependency-path: 'npm-shrinkwrap.json' check-latest: true if: '${{!steps.release-check.outputs.IS_RELEASE}}' - name: Setup Deno diff --git a/.github/workflows/legacy-tests.yml b/.github/workflows/legacy-tests.yml index 83d8e94dbd7..5a30777129b 100644 --- a/.github/workflows/legacy-tests.yml +++ b/.github/workflows/legacy-tests.yml @@ -47,7 +47,8 @@ jobs: uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} - cache: npm + cache: 'npm' + cache-dependency-path: 'npm-shrinkwrap.json' check-latest: true if: '${{!steps.release-check.outputs.IS_RELEASE}}' - name: Setup Deno diff --git a/.github/workflows/pre-release.yml b/.github/workflows/pre-release.yml index 7280c8b5fe2..5a887e26de9 100644 --- a/.github/workflows/pre-release.yml +++ b/.github/workflows/pre-release.yml @@ -11,8 +11,10 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-node@v3 with: - node-version: lts/* - cache: npm + node-version: '*' + cache: 'npm' + check-latest: true + cache-dependency-path: 'npm-shrinkwrap.json' registry-url: 'https://registry.npmjs.org' - name: Install core dependencies run: npm ci --no-audit diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index d336e2a1c5b..4ac9caffaa1 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -4,51 +4,41 @@ on: branches: - main jobs: - create-release: + release-please: runs-on: ubuntu-latest - outputs: - release_created: ${{ steps.release.outputs.release_created }} steps: - uses: navikt/github-app-token-generator@a3831f44404199df32d8f39f7c0ad9bb8fa18b1c id: get-token with: private-key: ${{ secrets.TOKENS_PRIVATE_KEY }} app-id: ${{ secrets.TOKENS_APP_ID }} - - uses: GoogleCloudPlatform/release-please-action@v3 id: release with: token: ${{ steps.get-token.outputs.token }} release-type: node - package-name: netlify-cli - - publish: - runs-on: ubuntu-latest - needs: create-release - if: ${{ needs.create-release.outputs.release_created }} - steps: + package-name: 'netlify-cli' - uses: actions/checkout@v3 - + if: ${{ steps.release.outputs.release_created }} - uses: actions/setup-node@v3 with: - node-version: lts/* - cache: npm + node-version: '*' + cache: 'npm' + cache-dependency-path: 'npm-shrinkwrap.json' + check-latest: true registry-url: 'https://registry.npmjs.org' - - # when running npm publish dev dependencies won't be installed, but we need the is-ci binary to skip husky - - name: Install is-ci globally - run: npm install -g is-ci - + if: ${{ steps.release.outputs.release_created }} + # required for linting to pass + - name: Install site dependencies + run: npm run site:build:install + if: ${{ steps.release.outputs.release_created }} - name: Install core dependencies run: npm ci --no-audit - - # https://github.com/ossf/package-manager-best-practices/issues/35#issue-1360805761 - - name: Create shrinkwrap - run: | - npm prune --production - rm -rf package-lock.json - npm shrinkwrap - + if: ${{ steps.release.outputs.release_created }} - run: npm publish + if: ${{ steps.release.outputs.release_created }} env: NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}} + # required for tests to pass + NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }} + NETLIFY_TEST_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml index d973cbb18eb..aa4c3dfcc9c 100644 --- a/.github/workflows/unit-tests.yml +++ b/.github/workflows/unit-tests.yml @@ -30,7 +30,8 @@ jobs: uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} - cache: npm + cache: 'npm' + cache-dependency-path: 'npm-shrinkwrap.json' check-latest: true if: '${{!steps.release-check.outputs.IS_RELEASE}}' - name: Install core dependencies diff --git a/.github/workflows/verify-docs.yml b/.github/workflows/verify-docs.yml index dca250bb739..01fc7af781a 100644 --- a/.github/workflows/verify-docs.yml +++ b/.github/workflows/verify-docs.yml @@ -16,8 +16,10 @@ jobs: - name: Use Node.js uses: actions/setup-node@v3 with: - node-version: lts/* - cache: npm + node-version: '*' + cache: 'npm' + cache-dependency-path: 'npm-shrinkwrap.json' + check-latest: true - name: Install core dependencies run: npm ci --no-audit - name: Install site dependencies diff --git a/.npmrc b/.npmrc new file mode 100644 index 00000000000..3438c513308 --- /dev/null +++ b/.npmrc @@ -0,0 +1 @@ +shrinkwrap=true diff --git a/package-lock.json b/npm-shrinkwrap.json similarity index 99% rename from package-lock.json rename to npm-shrinkwrap.json index 6066dc5c33e..854c65ab931 100644 --- a/package-lock.json +++ b/npm-shrinkwrap.json @@ -132,7 +132,6 @@ "graphviz": "^0.0.9", "husky": "^8.0.0", "ini": "^2.0.0", - "is-ci": "^3.0.1", "mock-fs": "^5.1.2", "nock": "^13.2.4", "p-timeout": "^4.0.0", diff --git a/package.json b/package.json index 3a401b8e5d2..2d0ea0983a2 100644 --- a/package.json +++ b/package.json @@ -38,7 +38,7 @@ "url": "https://github.com/netlify/cli/issues" }, "scripts": { - "prepare": "is-ci || husky install node_modules/@netlify/eslint-config-node/.husky/", + "prepare": "husky install node_modules/@netlify/eslint-config-node/.husky/", "start": "node ./bin/run.mjs", "test": "run-s format test:dev", "format": "run-s format:check-fix:*", @@ -72,7 +72,7 @@ }, "config": { "eslint": "--ignore-path .gitignore --cache --format=codeframe --max-warnings=0 \"{src,scripts,site,tests,.github}/**/*.{mjs,cjs,js,md,html}\" \"*.{mjs,cjs,js,md,html}\" \".*.{mjs,cjs,js,md,html}\"", - "prettier": "--ignore-path .gitignore --loglevel=warn \"{src,tools,scripts,site,tests,.github}/**/*.{mjs,cjs,js,md,yml,json,html}\" \"*.{mjs,cjs,js,yml,json,html}\" \".*.{mjs,cjs,js,yml,json,html}\" \"!CHANGELOG.md\" \"!**/*/package-lock.json\" \"!.github/**/*.md\"" + "prettier": "--ignore-path .gitignore --loglevel=warn \"{src,tools,scripts,site,tests,.github}/**/*.{mjs,cjs,js,md,yml,json,html}\" \"*.{mjs,cjs,js,yml,json,html}\" \".*.{mjs,cjs,js,yml,json,html}\" \"!CHANGELOG.md\" \"!npm-shrinkwrap.json\" \"!**/*/package-lock.json\" \"!.github/**/*.md\"" }, "dependencies": { "@fastify/static": "^6.6.0", @@ -193,7 +193,6 @@ "graphviz": "^0.0.9", "husky": "^8.0.0", "ini": "^2.0.0", - "is-ci": "^3.0.1", "mock-fs": "^5.1.2", "nock": "^13.2.4", "p-timeout": "^4.0.0", diff --git a/tools/affected-test.mjs b/tools/affected-test.mjs index 6e92cd4c213..b46e141d400 100755 --- a/tools/affected-test.mjs +++ b/tools/affected-test.mjs @@ -33,7 +33,7 @@ export const getAffectedFiles = (changedFiles) => { // in this case all files are affected if ( - changedFiles.includes('package-lock.json') || + changedFiles.includes('npm-shrinkwrap.json') || changedFiles.includes('package.json') || changedFiles.includes(join('.github', 'workflows', 'main.yml')) ) { diff --git a/tools/tests/affected-files.test.mjs b/tools/tests/affected-files.test.mjs index f6d9255b26d..3168a33333c 100644 --- a/tools/tests/affected-files.test.mjs +++ b/tools/tests/affected-files.test.mjs @@ -44,9 +44,9 @@ test.only('should get all files marked as affected when the package.json is touc t.deepEqual(affectedFiles, mockedTestFiles) }) -test.serial('should get all files marked as affected when the package-lock.json is touched', async (t) => { +test.serial('should get all files marked as affected when the npm-shrinkwrap.json is touched', async (t) => { const consoleStub = t.context.sandbox.stub(console, 'log').callsFake(() => {}) - const { affectedFiles, mockedTestFiles } = await getAffectedFilesFromMock(['package-lock.json']) + const { affectedFiles, mockedTestFiles } = await getAffectedFilesFromMock(['npm-shrinkwrap.json']) t.truthy(consoleStub.firstCall.calledWith('All files are affected based on the changeset')) t.deepEqual(affectedFiles, mockedTestFiles) diff --git a/tools/tests/utils/file-systems.mjs b/tools/tests/utils/file-systems.mjs index 9d3fb49f2f3..7ca5c9ec2f4 100644 --- a/tools/tests/utils/file-systems.mjs +++ b/tools/tests/utils/file-systems.mjs @@ -1,7 +1,7 @@ import { join } from 'path' const baseFiles = { - 'package-lock.json': '', + 'npm-shrinkwrap.json': '', 'README.md': '', }