.commitlintrc.js

@@ -1,10 +1,9 @@
-// This file is automatically added by @npmcli/template-oss. Do not edit.
+/* This file is automatically added by @npmcli/template-oss. Do not edit. */
 
 module.exports = {
   extends: ['@commitlint/config-conventional'],
-  // If you change rules be sure to also update release-please.yml
   rules: {
-    'type-enum': [2, 'always', ['feat', 'fix', 'docs', 'chore', 'deps']],
+    'type-enum': [2, 'always', ['feat', 'fix', 'docs', 'deps', 'chore']],
     'header-max-length': [2, 'always', 80],
     'subject-case': [0, 'always', ['lower-case', 'sentence-case', 'start-case']],
   },

.eslintrc.js

@@ -1,4 +1,4 @@
-// This file is automatically added by @npmcli/template-oss. Do not edit.
+/* This file is automatically added by @npmcli/template-oss. Do not edit. */
 
 const { readdirSync: readdir } = require('fs')
 
@@ -7,6 +7,7 @@ const localConfigs = readdir(__dirname)
   .map((file) => `./${file}`)
 
 module.exports = {
+  root: true,
   extends: [
     '@npmcli',
     ...localConfigs,

.github/CODEOWNERS

@@ -1 +1,3 @@
-*	@npm/cli-team
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+* @npm/cli-team

.github/ISSUE_TEMPLATE/bug.yml

@@ -3,52 +3,52 @@
 name: Bug
 description: File a bug/issue
 title: "[BUG] <title>"
-labels: [Bug, Needs Triage]
+labels: [ Bug, Needs Triage ]
+
 body:
-- type: checkboxes
-  attributes:
-    label: Is there an existing issue for this?
-    description: Please [search here](./issues) to see if an issue already exists for your problem.
-    options:
-    - label: I have searched the existing issues
-      required: true
-- type: textarea
-  attributes:
-    label: Current Behavior
-    description: A clear & concise description of what you're experiencing.
-  validations:
-    required: false
-- type: textarea
-  attributes:
-    label: Expected Behavior
-    description: A clear & concise description of what you expected to happen.
-  validations:
-    required: false
-- type: textarea
-  attributes:
-    label: Steps To Reproduce
-    description: Steps to reproduce the behavior.
-    value: |
-      1. In this environment...
-      2. With this config...
-      3. Run '...'
-      4. See error...
-  validations:
-    required: false
-- type: textarea
-  attributes:
-    label: Environment
-    description: |
-      examples:
-        - **npm**: 7.6.3
-        - **Node**: 13.14.0
-        - **OS**: Ubuntu 20.04
-        - **platform**: Macbook Pro
-    value: |
+  - type: checkboxes
+    attributes:
+      label: Is there an existing issue for this?
+      description: Please [search here](./issues) to see if an issue already exists for your problem.
+      options:
+        - label: I have searched the existing issues
+          required: true
+  - type: textarea
+    attributes:
+      label: Current Behavior
+      description: A clear & concise description of what you're experiencing.
+    validations:
+      required: false
+  - type: textarea
+    attributes:
+      label: Expected Behavior
+      description: A clear & concise description of what you expected to happen.
+    validations:
+      required: false
+  - type: textarea
+    attributes:
+      label: Steps To Reproduce
+      description: Steps to reproduce the behavior.
+      value: |
+        1. In this environment...
+        2. With this config...
+        3. Run '...'
+        4. See error...
+    validations:
+      required: false
+  - type: textarea
+    attributes:
+      label: Environment
+      description: |
+        examples:
+          - **npm**: 7.6.3
+          - **Node**: 13.14.0
+          - **OS**: Ubuntu 20.04
+          - **platform**: Macbook Pro
+      value: |
         - npm:
         - Node:
         - OS:
         - platform:
-  validations:
-    required: false
-
+    validations:
+      required: false

.github/dependabot.yml

@@ -1,16 +1,17 @@
 # This file is automatically added by @npmcli/template-oss. Do not edit.
 
 version: 2
+
 updates:
-- package-ecosystem: npm
-  directory: "/"
-  schedule:
-    interval: daily
-  allow:
-    - dependency-type: direct
-  versioning-strategy: increase
-  commit-message:
-    prefix: deps
-    prefix-development: chore
-  labels:
-    - "Dependencies"
+  - package-ecosystem: npm
+    directory: "/"
+    schedule:
+      interval: daily
+    allow:
+      - dependency-type: direct
+    versioning-strategy: increase-if-necessary
+    commit-message:
+      prefix: deps
+      prefix-development: chore
+    labels:
+      - "Dependencies"

.github/workflows/audit.yml

@@ -3,21 +3,25 @@
 name: Audit
 
 on:
+  workflow_dispatch:
   schedule:
     # "At 01:00 on Monday" https://crontab.guru/#0_1_*_*_1
     - cron: "0 1 * * 1"
-  workflow_dispatch:
 
 jobs:
   audit:
-    name: npm audit
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v2
+      - uses: actions/checkout@v3
+      - name: Setup git user
+        run: |
+          git config --global user.email "ops+npm-cli@npmjs.com"
+          git config --global user.name "npm cli ops bot"
+      - uses: actions/setup-node@v3
         with:
-          node-version: '16'
-      - name: Install deps
-        run: npm i --package-lock
-      - name: Audit
-        run: npm audit
+          node-version: 16.x
+      - name: Update npm to latest
+        run: npm i --prefer-online --no-fund --no-audit -g npm@latest
+      - run: npm -v
+      - run: npm i --ignore-scripts --package-lock
+      - run: npm audit

.github/workflows/ci.yml

@@ -3,7 +3,10 @@
 name: CI
 
 on:
+  workflow_dispatch:
   pull_request:
+    branches:
+      - '*'
   push:
     branches:
       - main
@@ -16,47 +19,68 @@ jobs:
   lint:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v2
+      - uses: actions/checkout@v3
+      - name: Setup git user
+        run: |
+          git config --global user.email "ops+npm-cli@npmjs.com"
+          git config --global user.name "npm cli ops bot"
+      - uses: actions/setup-node@v3
         with:
-          node-version: '16'
-      - run: npm i --prefer-online -g npm@latest
-      - run: npm i
+          node-version: 16.x
+      - name: Update npm to latest
+        run: npm i --prefer-online --no-fund --no-audit -g npm@latest
+      - run: npm -v
+      - run: npm i --ignore-scripts
       - run: npm run lint
 
   test:
     strategy:
       fail-fast: false
       matrix:
-        node-version: [12.13.0, 12.x, 14.15.0, 14.x, 16.13.0, 16.x]
+        node-version:
+          - 12.13.0
+          - 12.x
+          - 14.15.0
+          - 14.x
+          - 16.0.0
+          - 16.x
         platform:
-        - os: ubuntu-latest
-          shell: bash
-        - os: macos-latest
-          shell: bash
-        - os: windows-latest
-          shell: cmd
+          - os: ubuntu-latest
+            shell: bash
+          - os: macos-latest
+            shell: bash
+          - os: windows-latest
+            shell: cmd
     runs-on: ${{ matrix.platform.os }}
     defaults:
       run:
         shell: ${{ matrix.platform.shell }}
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v2
+      - uses: actions/checkout@v3
+      - name: Setup git user
+        run: |
+          git config --global user.email "ops+npm-cli@npmjs.com"
+          git config --global user.name "npm cli ops bot"
+      - uses: actions/setup-node@v3
         with:
           node-version: ${{ matrix.node-version }}
-        # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows
       - name: Update to workable npm (windows)
-        if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12') || startsWith(matrix.node-version, '14'))
+        # node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows
+        if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.'))
         run: |
           curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz
           tar xf npm-7.5.4.tgz
           cd package
           node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz
           cd ..
           rmdir /s /q package
-      - name: Update npm
+      - name: Update npm to 7
+        # If we do test on npm 10 it needs npm7
+        if: startsWith(matrix.node-version, '10.')
+        run: npm i --prefer-online --no-fund --no-audit -g npm@7
+      - name: Update npm to latest
+        if: ${{ !startsWith(matrix.node-version, '10.') }}
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i
+      - run: npm i --ignore-scripts
       - run: npm test --ignore-scripts

.github/workflows/codeql-analysis.yml

@@ -4,10 +4,14 @@ name: "CodeQL"
 
 on:
   push:
-    branches: [ main ]
+    branches:
+      - main
+      - latest
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [ main ]
+    branches:
+      - main
+      - latest
   schedule:
     # "At 03:00 on Monday" https://crontab.guru/#0_3_*_*_1
     - cron: "0 3 * * 1"
@@ -24,15 +28,17 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        language: [ 'javascript' ]
+        language: [ javascript ]
 
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
-
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
-      with:
-        languages: ${{ matrix.language }}
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      - uses: actions/checkout@v3
+      - name: Setup git user
+        run: |
+          git config --global user.email "ops+npm-cli@npmjs.com"
+          git config --global user.name "npm cli ops bot"
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v1
+        with:
+          languages: ${{ matrix.language }}
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v1

.github/workflows/post-dependabot.yml

@@ -1,35 +1,44 @@
 # This file is automatically added by @npmcli/template-oss. Do not edit.
 
-name: "Post Dependabot Actions"
+name: Post Dependabot Actions
+
 on: pull_request
 
 # https://docs.github.com/en/rest/overview/permissions-required-for-github-apps
 permissions:
+  actions: write
   contents: write
 
 jobs:
   Install:
     runs-on: ubuntu-latest
-    if: ${{ github.actor == 'dependabot[bot]' }}
+    if: github.actor == 'dependabot[bot]'
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v2
+      - uses: actions/checkout@v3
+      - name: Setup git user
+        run: |
+          git config --global user.email "ops+npm-cli@npmjs.com"
+          git config --global user.name "npm cli ops bot"
+      - uses: actions/setup-node@v3
         with:
-          node-version: '16'
+          node-version: 16.x
+      - name: Update npm to latest
+        run: npm i --prefer-online --no-fund --no-audit -g npm@latest
+      - run: npm -v
       - name: Dependabot metadata
         id: metadata
         uses: dependabot/fetch-metadata@v1.1.1
         with:
           github-token: "${{ secrets.GITHUB_TOKEN }}"
       - name: npm install and commit
-        if: ${{contains(steps.metadata.outputs.dependency-names, '@npmcli/template-oss')}}
+        if: contains(steps.metadata.outputs.dependency-names, '@npmcli/template-oss')
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
-          git config --local user.email "ops+npm-cli@npmjs.com"
-          git config --local user.name "npm cli ops bot"
           gh pr checkout ${{ github.event.pull_request.number }}
-          npm install
+          npm install --ignore-scripts
+          npm run template-oss-apply
           git add .
           git commit -am "chore: postinstall for dependabot template-oss PR"
           git push
+          npm run lint