diff --git a/.github/workflows/plan-release.yml b/.github/workflows/plan-release.yml index f9a16c8..b2843ad 100644 --- a/.github/workflows/plan-release.yml +++ b/.github/workflows/plan-release.yml @@ -15,79 +15,44 @@ concurrency: cancel-in-progress: true jobs: - is-this-a-release: - name: "Is this a release?" + should-run-release-plan-prepare: + name: Should we run release-plan prepare? runs-on: ubuntu-latest outputs: - command: ${{ steps.check-release.outputs.command }} - + should-prepare: ${{ steps.should-prepare.outputs.should-prepare }} steps: - - uses: actions/checkout@v4 + - uses: release-plan/actions/should-prepare-release@v1 with: - fetch-depth: 2 ref: 'main' - # This will only cause the `is-this-a-release` job to have a "command" of `release` - # when the .release-plan.json file was changed on the last commit. - - id: check-release - run: if git diff --name-only HEAD HEAD~1 | grep -w -q ".release-plan.json"; then echo "command=release"; fi >> $GITHUB_OUTPUT + id: should-prepare create-prepare-release-pr: name: Create Prepare Release PR runs-on: ubuntu-latest timeout-minutes: 5 - needs: is-this-a-release + needs: should-run-release-plan-prepare permissions: contents: write issues: read pull-requests: write - # only run on push event or workflow dispatch if plan wasn't updated (don't create a release plan when we're releasing) - # only run on labeled event if the PR has already been merged - if: ((github.event_name == 'push' || github.event_name == 'workflow_dispatch') && needs.is-this-a-release.outputs.command != 'release') || (github.event_name == 'pull_request_target' && github.event.pull_request.merged == true) - + if: needs.should-run-release-plan-prepare.outputs.should-prepare == 'true' steps: - - uses: actions/checkout@v4 - # We need to download lots of history so that - # github-changelog can discover what's changed since the last release + - uses: release-plan/actions/prepare@v1 + name: Run release-plan prepare with: - fetch-depth: 0 ref: 'main' - - uses: pnpm/action-setup@v4 - with: - version: 9 - - uses: actions/setup-node@v4 - with: - node-version: 18 - cache: pnpm - - run: pnpm install --frozen-lockfile - - name: "Generate Explanation and Prep Changelogs" - id: explanation - run: | - set +e - pnpm release-plan prepare 2> >(tee -a release-plan-stderr.txt >&2) - - if [ $? -ne 0 ]; then - release_plan_output=$(cat release-plan-stderr.txt) - else - release_plan_output=$(jq .description .release-plan.json -r) - rm release-plan-stderr.txt - - if [ $(jq '.solution | length' .release-plan.json) -eq 1 ]; then - new_version=$(jq -r '.solution[].newVersion' .release-plan.json) - echo "new_version=v$new_version" >> $GITHUB_OUTPUT - fi - fi - echo 'text<> $GITHUB_OUTPUT - echo "$release_plan_output" >> $GITHUB_OUTPUT - echo 'EOF' >> $GITHUB_OUTPUT env: GITHUB_AUTH: ${{ secrets.GITHUB_TOKEN }} + id: explanation - - uses: peter-evans/create-pull-request@v7 + - uses: peter-evans/create-pull-request@v8 + name: Create Prepare Release PR with: - commit-message: "Prepare Release ${{ steps.explanation.outputs.new_version}} using 'release-plan'" + commit-message: "Prepare Release ${{ steps.explanation.outputs.new-version}} using 'release-plan'" labels: "internal" + sign-commits: true branch: release-preview - title: Prepare Release ${{ steps.explanation.outputs.new_version }} + title: Prepare Release ${{ steps.explanation.outputs.new-version }} body: | This PR is a preview of the release that [release-plan](https://github.com/embroider-build/release-plan) has prepared. To release you should just merge this PR 👍 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 6dbd296..174a0b0 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -22,19 +22,17 @@ jobs: runs-on: ubuntu-latest permissions: contents: write - pull-requests: write id-token: write attestations: write steps: - - uses: actions/checkout@v4 - - uses: pnpm/action-setup@v4 + - uses: actions/checkout@v6 + - uses: pnpm/action-setup@v5 with: version: 9 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v6 with: - node-version: 18 - # This creates an .npmrc that reads the NODE_AUTH_TOKEN environment variable + node-version: 24 registry-url: 'https://registry.npmjs.org' cache: pnpm - run: pnpm install --frozen-lockfile @@ -42,4 +40,3 @@ jobs: run: NPM_CONFIG_PROVENANCE=true pnpm release-plan publish env: GITHUB_AUTH: ${{ secrets.GITHUB_TOKEN }} - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/package.json b/package.json index fc8493b..296e286 100644 --- a/package.json +++ b/package.json @@ -11,6 +11,6 @@ "license": "MIT", "author": "", "devDependencies": { - "release-plan": "^0.16.0" + "release-plan": "^0.18.0" } } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 396149e..140a0a7 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -9,8 +9,8 @@ importers: .: devDependencies: release-plan: - specifier: ^0.16.0 - version: 0.16.0 + specifier: ^0.18.0 + version: 0.18.0 '@ember/app-tsconfig': {} @@ -335,8 +335,8 @@ packages: resolution: {integrity: sha512-kVCxPF3vQM/N0B1PmoqVUqgHP+EeVjmZSQn+1oCRPxd2P21P2F19lIgbR3HBosbB1PUhOAoctJnfEn2GbN2eZA==} engines: {node: '>=18'} - github-changelog@2.0.0: - resolution: {integrity: sha512-JdAwddNCvHkZY/pTMqpoaLEfksaWiTc+beDjBkPEnr7iVlKfu8SeyCT8Sef+KsonRgIj6pl3SiWDPSefWmeicw==} + github-changelog@2.1.4: + resolution: {integrity: sha512-mZQF/YC9OR8XMGpYlLQqG66RiKwlaQZ7rXTZug28oOYkzOXd0acszuvYHVzPlYmns1aDDSwQkbzFxNOYpWhmig==} engines: {node: 18.* || 20.* || >= 22} hasBin: true @@ -346,11 +346,12 @@ packages: glob@10.4.5: resolution: {integrity: sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==} + deprecated: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me hasBin: true glob@7.2.3: resolution: {integrity: sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==} - deprecated: Glob versions prior to v9 are no longer supported + deprecated: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me graceful-fs@4.2.10: resolution: {integrity: sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==} @@ -713,8 +714,8 @@ packages: resolution: {integrity: sha512-+crtS5QjFRqFCoQmvGduwYWEBng99ZvmFvF+cUJkGYF1L1BfU8C6Zp9T7f5vPAwyLkUExpvK+ANVZmGU49qi4Q==} engines: {node: '>=12'} - release-plan@0.16.0: - resolution: {integrity: sha512-S2hrXACiy39LenrdvPAhSY7PcitS4A4fAxlzoPgYyCiS2OU6Ed+cUKvN4h9/uRyZ/B3AMGywZUIPtIhCUIjTng==} + release-plan@0.18.0: + resolution: {integrity: sha512-WzP+O+XRF4AqhTDQK84FovY+TxHyC8J7QWoOwxnrvVjyHns417l1FUldboRhBYua5Pej6Yg/2jH1dEH2MRNHeA==} hasBin: true require-directory@2.1.1: @@ -826,6 +827,7 @@ packages: tar@6.2.1: resolution: {integrity: sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==} engines: {node: '>=10'} + deprecated: Old versions of tar are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me thenify-all@1.6.0: resolution: {integrity: sha512-RNxQH/qI8/t3thXJDwcstUO4zeqo64+Uy/+sNVRBx4Xn2OX+OZ9oP+iJnNFqplFra2ZUVeKCSa2oVWi3T4uVmA==} @@ -1286,7 +1288,7 @@ snapshots: '@sec-ant/readable-stream': 0.4.1 is-stream: 4.0.1 - github-changelog@2.0.0: + github-changelog@2.1.4: dependencies: '@manypkg/get-packages': 2.2.2 chalk: 4.1.2 @@ -1656,7 +1658,7 @@ snapshots: dependencies: rc: 1.2.8 - release-plan@0.16.0: + release-plan@0.18.0: dependencies: '@manypkg/get-packages': 2.2.2 '@npmcli/package-json': 6.1.1 @@ -1666,7 +1668,7 @@ snapshots: cli-highlight: 2.1.11 execa: 9.5.2 fs-extra: 11.3.0 - github-changelog: 2.0.0 + github-changelog: 2.1.4 js-yaml: 4.1.0 latest-version: 9.0.0 parse-github-repo-url: 1.4.1