Compare commits

...

13 Commits

Author SHA1 Message Date
Peter McEvoy
5177c1a4cf
Merge b0f1a15a39 into 802632921f 2025-02-13 23:16:22 +00:00
Peter McEvoy
b0f1a15a39 Parse use-node-version key from .npmrc 2025-02-13 18:16:16 -05:00
Peter McEvoy
626bea34d5 Install ini package for parsing INI files 2025-02-13 18:08:58 -05:00
Peter McEvoy
3b8b03f6c1 Add .npmrc unit and E2E tests 2025-02-13 18:08:04 -05:00
dependabot[bot]
802632921f
Bump @actions/glob from 0.4.0 to 0.5.0 (#1200)
* Bump @actions/glob from 0.4.0 to 0.5.0

Bumps [@actions/glob](https://github.com/actions/toolkit/tree/HEAD/packages/glob) from 0.4.0 to 0.5.0.
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/glob/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/glob)

---
updated-dependencies:
- dependency-name: "@actions/glob"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix for check-dist and license failures

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Aparna Jyothi <aparnajyothi-y@github.com>
2025-01-27 13:02:45 -06:00
dependabot[bot]
1d0ff469b7
Bump undici from 5.28.4 to 5.28.5 (#1205)
* Bump undici from 5.28.4 to 5.28.5

Bumps [undici](https://github.com/nodejs/undici) from 5.28.4 to 5.28.5.
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](https://github.com/nodejs/undici/compare/v5.28.4...v5.28.5)

---
updated-dependencies:
- dependency-name: undici
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix for check-dist and license failures

* npm run updates

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Aparna Jyothi <aparnajyothi-y@github.com>
2025-01-22 13:15:11 -06:00
dependabot[bot]
574f09a9fa
Bump @types/jest from 29.5.12 to 29.5.14 (#1201)
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) from 29.5.12 to 29.5.14.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

---
updated-dependencies:
- dependency-name: "@types/jest"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-21 15:43:11 -06:00
dependabot[bot]
260f8702db
Bump semver from 7.6.0 to 7.6.3 (#1196)
* Bump semver from 7.6.0 to 7.6.3

Bumps [semver](https://github.com/npm/node-semver) from 7.6.0 to 7.6.3.
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](https://github.com/npm/node-semver/compare/v7.6.0...v7.6.3)

---
updated-dependencies:
- dependency-name: semver
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix for check-dist & license check failures

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Aparna Jyothi <aparnajyothi-y@github.com>
2025-01-21 14:01:34 -06:00
dependabot[bot]
111c4beff8
Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (#1195)
Bumps [actions/publish-immutable-action](https://github.com/actions/publish-immutable-action) from 0.0.3 to 0.0.4.
- [Release notes](https://github.com/actions/publish-immutable-action/releases)
- [Commits](https://github.com/actions/publish-immutable-action/compare/0.0.3...v0.0.4)

---
updated-dependencies:
- dependency-name: actions/publish-immutable-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-21 09:25:29 -06:00
dependabot[bot]
0bc26deefe
Bump pnpm/action-setup from 2 to 4 (#1194)
Bumps [pnpm/action-setup](https://github.com/pnpm/action-setup) from 2 to 4.
- [Release notes](https://github.com/pnpm/action-setup/releases)
- [Commits](https://github.com/pnpm/action-setup/compare/v2...v4)

---
updated-dependencies:
- dependency-name: pnpm/action-setup
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-21 09:25:11 -06:00
Priya Gupta
8f9cc178b6
Use the new cache service: upgrade @actions/cache to ^4.0.0 (#1191)
* upgrade `@actions/cache` to `^4.0.0`

* Review licenses & update types

* updated package-lock.json
2025-01-16 14:28:35 -06:00
HarithaVattikuti
5eef37b631
Create dependabot.yml (#1192) 2025-01-16 13:30:19 -06:00
Ben Wells
fbeca22fb2
Update README.md (#1193) 2025-01-16 08:49:29 -06:00
42 changed files with 20521 additions and 3980 deletions

22
.github/dependabot.yml vendored Normal file
View File

@ -0,0 +1,22 @@
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
version: 2
updates:
# Enable version updates for npm
- package-ecosystem: 'npm'
# Look for `package.json` and `lock` files in the `root` directory
directory: '/'
# Check the npm registry for updates every day (weekdays)
schedule:
interval: 'weekly'
# Enable version updates for GitHub Actions
- package-ecosystem: 'github-actions'
# Workflow files stored in the default location of `.github/workflows`
# You don't need to specify `/.github/workflows` for `directory`. You can use `directory: "/"`.
directory: '/'
schedule:
interval: 'weekly'

View File

@ -46,7 +46,7 @@ jobs:
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Install pnpm - name: Install pnpm
uses: pnpm/action-setup@v2 uses: pnpm/action-setup@v4
with: with:
version: 6.10.0 version: 6.10.0
- name: Generate pnpm file - name: Generate pnpm file

View File

@ -17,4 +17,4 @@ jobs:
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Publish - name: Publish
id: publish id: publish
uses: actions/publish-immutable-action@0.0.3 uses: actions/publish-immutable-action@v0.0.4

View File

@ -159,7 +159,7 @@ jobs:
matrix: matrix:
os: [ubuntu-latest, windows-latest, macos-latest, macos-13] os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
node-version-file: node-version-file:
[.nvmrc, .tool-versions, .tool-versions-node, package.json] [.nvmrc, .tool-versions, .tool-versions-node, package.json, .npmrc]
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Setup node from node version file - name: Setup node from node version file

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

BIN
.licenses/npm/@protobuf-ts/plugin.dep.yml generated Normal file

Binary file not shown.

BIN
.licenses/npm/@protobuf-ts/protoc.dep.yml generated Normal file

Binary file not shown.

Binary file not shown.

BIN
.licenses/npm/@protobuf-ts/runtime.dep.yml generated Normal file

Binary file not shown.

BIN
.licenses/npm/camel-case.dep.yml generated Normal file

Binary file not shown.

BIN
.licenses/npm/commander.dep.yml generated Normal file

Binary file not shown.

BIN
.licenses/npm/dot-object.dep.yml generated Normal file

Binary file not shown.

BIN
.licenses/npm/fs.realpath.dep.yml generated Normal file

Binary file not shown.

BIN
.licenses/npm/inherits.dep.yml generated Normal file

Binary file not shown.

BIN
.licenses/npm/lodash.dep.yml generated Normal file

Binary file not shown.

BIN
.licenses/npm/lower-case.dep.yml generated Normal file

Binary file not shown.

BIN
.licenses/npm/no-case.dep.yml generated Normal file

Binary file not shown.

BIN
.licenses/npm/pascal-case.dep.yml generated Normal file

Binary file not shown.

BIN
.licenses/npm/path-is-absolute.dep.yml generated Normal file

Binary file not shown.

BIN
.licenses/npm/path-to-regexp.dep.yml generated Normal file

Binary file not shown.

BIN
.licenses/npm/prettier.dep.yml generated Normal file

Binary file not shown.

BIN
.licenses/npm/ts-poet.dep.yml generated Normal file

Binary file not shown.

BIN
.licenses/npm/twirp-ts.dep.yml generated Normal file

Binary file not shown.

BIN
.licenses/npm/typescript.dep.yml generated Normal file

Binary file not shown.

Binary file not shown.

BIN
.licenses/npm/yaml.dep.yml generated Normal file

Binary file not shown.

View File

@ -204,6 +204,15 @@ If the runner is not able to access github.com, any Nodejs versions requested du
- [Publishing to npmjs and GPR with yarn](docs/advanced-usage.md#publish-to-npmjs-and-gpr-with-yarn) - [Publishing to npmjs and GPR with yarn](docs/advanced-usage.md#publish-to-npmjs-and-gpr-with-yarn)
- [Using private packages](docs/advanced-usage.md#use-private-packages) - [Using private packages](docs/advanced-usage.md#use-private-packages)
## Recommended permissions
When using the `setup-node` action in your GitHub Actions workflow, it is recommended to set the following permissions to ensure proper functionality:
```yaml
permissions:
contents: read # access to check out code and install dependencies
```
## License ## License
The scripts and documentation in this project are released under the [MIT License](LICENSE) The scripts and documentation in this project are released under the [MIT License](LICENSE)

1
__tests__/data/.npmrc Normal file
View File

@ -0,0 +1 @@
use-node-version=20.0.0

View File

@ -103,10 +103,13 @@ describe('main tests', () => {
${''} | ${''} ${''} | ${''}
${'unknown format'} | ${'unknown format'} ${'unknown format'} | ${'unknown format'}
${' 14.1.0 '} | ${'14.1.0'} ${' 14.1.0 '} | ${'14.1.0'}
${'use-node-version=lts/iron'} | ${'lts/iron'}
${'{"volta": {"node": ">=14.0.0 <=17.0.0"}}'}| ${'>=14.0.0 <=17.0.0'} ${'{"volta": {"node": ">=14.0.0 <=17.0.0"}}'}| ${'>=14.0.0 <=17.0.0'}
${'{"volta": {"extends": "./package.json"}}'}| ${'18.0.0'} ${'{"volta": {"extends": "./package.json"}}'}| ${'18.0.0'}
${'{"engines": {"node": "17.0.0"}}'} | ${'17.0.0'} ${'{"engines": {"node": "17.0.0"}}'} | ${'17.0.0'}
${'{}'} | ${null} ${'{}'} | ${null}
${'[section]use-node-version=16'} | ${null}
${'[section]\nuse-node-version=20'} | ${null}
`.it('parses "$contents"', ({contents, expected}) => { `.it('parses "$contents"', ({contents, expected}) => {
const existsSpy = jest.spyOn(fs, 'existsSync'); const existsSpy = jest.spyOn(fs, 'existsSync');
existsSpy.mockImplementation(() => true); existsSpy.mockImplementation(() => true);

10752
dist/cache-save/index.js vendored

File diff suppressed because it is too large Load Diff

11699
dist/setup/index.js vendored

File diff suppressed because it is too large Load Diff

1973
package-lock.json generated

File diff suppressed because it is too large Load Diff

View File

@ -25,19 +25,20 @@
"author": "GitHub", "author": "GitHub",
"license": "MIT", "license": "MIT",
"dependencies": { "dependencies": {
"@actions/cache": "^3.2.4", "@actions/cache": "^4.0.0",
"@actions/core": "^1.10.0", "@actions/core": "^1.11.1",
"@actions/exec": "^1.1.0", "@actions/exec": "^1.1.1",
"@actions/github": "^5.1.1", "@actions/github": "^5.1.1",
"@actions/glob": "^0.4.0", "@actions/glob": "^0.5.0",
"@actions/http-client": "^2.2.1", "@actions/http-client": "^2.2.1",
"@actions/io": "^1.0.2", "@actions/io": "^1.0.2",
"@actions/tool-cache": "^2.0.1", "@actions/tool-cache": "^2.0.1",
"semver": "^7.6.0", "ini": "^5.0.0",
"semver": "^7.6.3",
"uuid": "^9.0.1" "uuid": "^9.0.1"
}, },
"devDependencies": { "devDependencies": {
"@types/jest": "^29.5.12", "@types/jest": "^29.5.14",
"@types/node": "^20.11.25", "@types/node": "^20.11.25",
"@types/semver": "^7.5.8", "@types/semver": "^7.5.8",
"@typescript-eslint/eslint-plugin": "^5.54.0", "@typescript-eslint/eslint-plugin": "^5.54.0",

3
src/ini.d.ts vendored Normal file
View File

@ -0,0 +1,3 @@
declare module 'ini' {
function parse(ini: string): Record<string, string | object>;
}

View File

@ -3,6 +3,7 @@ import * as exec from '@actions/exec';
import * as io from '@actions/io'; import * as io from '@actions/io';
import fs from 'fs'; import fs from 'fs';
import * as INI from 'ini';
import path from 'path'; import path from 'path';
export function getNodeVersionFromFile(versionFilePath: string): string | null { export function getNodeVersionFromFile(versionFilePath: string): string | null {
@ -56,6 +57,25 @@ export function getNodeVersionFromFile(versionFilePath: string): string | null {
core.info('Node version file is not JSON file'); core.info('Node version file is not JSON file');
} }
// Try parsing the file as an NPM `.npmrc` file.
//
// If the file contents contain the use-node-version key, we conclude it's an
// `.npmrc` file.
if (contents.match(/use-node-version *=/)) {
const manifest = INI.parse(contents);
const key = 'use-node-version';
if (key in manifest && typeof manifest[key] === 'string') {
const version = manifest[key];
core.info(`Using node version ${version} from global INI ${key}`);
return version;
}
// We didn't find the key `use-node-version` in the global scope of the
// `.npmrc` file, so we return.
return null;
}
const found = contents.match(/^(?:node(js)?\s+)?v?(?<version>[^\s]+)$/m); const found = contents.match(/^(?:node(js)?\s+)?v?(?<version>[^\s]+)$/m);
return found?.groups?.version ?? contents.trim(); return found?.groups?.version ?? contents.trim();
} }