diff --git a/.eslintrc.js b/.eslintrc.js index d1b0963..9a8de79 100644 --- a/.eslintrc.js +++ b/.eslintrc.js @@ -11,7 +11,7 @@ module.exports = { "plugin:jsdoc/recommended", "plugin:promise/recommended", "plugin:regexp/recommended", - "plugin:security/recommended", + "plugin:security/recommended-legacy", "prettier", ], overrides: [ diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml deleted file mode 100644 index daaa63d..0000000 --- a/.github/FUNDING.yml +++ /dev/null @@ -1 +0,0 @@ -github: Fdawgs diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 5927185..21a75fe 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -19,6 +19,8 @@ jobs: release: name: Create/Update Release Pull Request runs-on: ubuntu-latest + outputs: + release_created: ${{ steps.release.outputs.release_created }} steps: - name: Release Please id: release @@ -29,24 +31,58 @@ jobs: release-type: node package-name: fastify-floc-off + publish-npm: + name: Publish to NPM + needs: release + if: needs.release.outputs.release_created == 'true' + runs-on: ubuntu-latest + steps: - name: Check out repo - if: steps.release.outputs.release_created uses: actions/checkout@v4 with: persist-credentials: false - name: Setup Node - if: steps.release.outputs.release_created uses: actions/setup-node@v4 with: node-version: lts/* - registry-url: https://registry.npmjs.org/ + registry-url: https://registry.npmjs.org - name: Publish to NPM - if: steps.release.outputs.release_created env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - # Remove dev values from package.json + # Remove dev values from package.json before publishing to reduce package size + run: | + npm pkg delete commitlint devDependencies jest scripts + npm publish --ignore-scripts --provenance --registry https://registry.npmjs.org + + publish-ghp: + name: Publish to GitHub Packages + needs: release + if: needs.release.outputs.release_created == 'true' + runs-on: ubuntu-latest + steps: + - name: Check out repo + uses: actions/checkout@v4 + with: + persist-credentials: false + + - name: Setup Node + uses: actions/setup-node@v4 + with: + node-version: lts/* + registry-url: https://npm.pkg.github.com + scope: "@fdawgs" + + - name: Scope package + run: | + pkgName=$(npm pkg get name | tr -d '"') + npm pkg set name="@fdawgs/$pkgName" + + - name: Publish to GitHub Packages + env: + NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # Remove dev values from package.json before publishing to reduce package size run: | npm pkg delete commitlint devDependencies jest scripts - npm publish --ignore-scripts --provenance + npm publish --ignore-scripts --registry https://npm.pkg.github.com/@fdawgs diff --git a/.husky/pre-commit b/.husky/pre-commit index a170e00..c613291 100644 --- a/.husky/pre-commit +++ b/.husky/pre-commit @@ -1,4 +1,4 @@ #!/usr/bin/env sh . "$(dirname -- "$0")/_/husky.sh" -npm run lint:prettier && npm run lint:licenses && npm test +npm run lint:licenses && npm test diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md deleted file mode 100644 index 1ce1f26..0000000 --- a/CODE_OF_CONDUCT.md +++ /dev/null @@ -1,127 +0,0 @@ -# Contributor Covenant Code of Conduct - -## Our Pledge - -We as members, contributors, and leaders pledge to make participation in our -community a harassment-free experience for everyone. - -We pledge to act and interact in ways that contribute to an open, welcoming, -diverse, inclusive, and healthy community. - -## Our Standards - -Examples of behavior that contributes to a positive environment for our -community include: - -- Demonstrating empathy and kindness toward other people -- Being respectful of differing opinions, viewpoints, and experiences -- Giving and gracefully accepting constructive feedback -- Accepting responsibility and apologizing to those affected by our mistakes, - and learning from the experience -- Focusing on what is best not just for us as individuals, but for the overall - community - -Examples of unacceptable behavior include: - -- The use of sexualized language or imagery, and sexual attention or advances of - any kind -- Trolling, insulting or derogatory comments, and personal or political attacks -- Public or private harassment -- Publishing others' private information, such as a physical or email address, - without their explicit permission -- Other conduct which could reasonably be considered inappropriate in a - professional setting - -## Enforcement Responsibilities - -Community leaders are responsible for clarifying and enforcing our standards of -acceptable behavior and will take appropriate and fair corrective action in -response to any behavior that they deem inappropriate, threatening, offensive, -or harmful. - -Community leaders have the right and responsibility to remove, edit, or reject -comments, commits, code, wiki edits, issues, and other contributions that are -not aligned to this Code of Conduct, and will communicate reasons for moderation -decisions when appropriate. - -## Scope - -This Code of Conduct applies within all community spaces, and also applies when -an individual is officially representing the community in public spaces. -Examples of representing our community include using an official e-mail address, -posting via an official social media account, or acting as an appointed -representative at an online or offline event. - -## Enforcement - -Instances of abusive, harassing, or otherwise unacceptable behavior may be -reported to the community leader responsible for enforcement at frazer.dev@outlook.com. -All complaints will be reviewed and investigated promptly and fairly. - -All community leaders are obligated to respect the privacy and security of the -reporter of any incident. - -## Enforcement Guidelines - -Community leaders will follow these Community Impact Guidelines in determining -the consequences for any action they deem in violation of this Code of Conduct: - -### 1. Correction - -**Community Impact**: Use of inappropriate language or other behavior deemed -unprofessional or unwelcome in the community. - -**Consequence**: A private, written warning from community leaders, providing -clarity around the nature of the violation and an explanation of why the -behavior was inappropriate. A public apology may be requested. - -### 2. Warning - -**Community Impact**: A violation through a single incident or series of -actions. - -**Consequence**: A warning with consequences for continued behavior. No -interaction with the people involved, including unsolicited interaction with -those enforcing the Code of Conduct, for a specified period of time. This -includes avoiding interactions in community spaces as well as external channels -like social media. Violating these terms may lead to a temporary or permanent -ban. - -### 3. Temporary Ban - -**Community Impact**: A serious violation of community standards, including -sustained inappropriate behavior. - -**Consequence**: A temporary ban from any sort of interaction or public -communication with the community for a specified period of time. No public or -private interaction with the people involved, including unsolicited interaction -with those enforcing the Code of Conduct, is allowed during this period. -Violating these terms may lead to a permanent ban. - -### 4. Permanent Ban - -**Community Impact**: Demonstrating a pattern of violation of community -standards, including sustained inappropriate behavior, harassment of an -individual, or aggression toward or disparagement of classes of individuals. - -**Consequence**: A permanent ban from any sort of public interaction within the -community. - -## Attribution - -This Code of Conduct is adapted from the [Contributor Covenant][homepage], -version 2.1, available at -[https://contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1]. - -Community Impact Guidelines were inspired by -[Mozilla's code of conduct enforcement ladder][mozilla coc]. - -For answers to common questions about this code of conduct, see the FAQ at -[https://contributor-covenant.org/faq][faq]. Translations are available at -[https://contributor-covenant.org/translations][translations]. - -[homepage]: https://contributor-covenant.org -[v2.1]: https://contributor-covenant.org/version/2/1/code_of_conduct.html -[mozilla coc]: https://github.com/mozilla/diversity -[faq]: https://contributor-covenant.org/faq -[translations]: https://contributor-covenant.org/translations diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md deleted file mode 100644 index 0c0c6f4..0000000 --- a/CONTRIBUTING.md +++ /dev/null @@ -1,49 +0,0 @@ -# Contributing - -Contributions are welcome and any help that can be offered is greatly appreciated. -Please take a moment to read the entire contributing guide. - -This repository uses the [Feature Branch Workflow](https://atlassian.com/git/tutorials/comparing-workflows/feature-branch-workflow), -meaning that development should take place in `feat/` branches, with the `main` branch kept in a stable state. -When you submit pull requests, please make sure to fork from and submit back to `main`. - -Other processes and specifications that are in use in this repository are: - -- [Semantic versioning](https://semver.org/) -- [Conventional commits](https://conventionalcommits.org/en/v1.0.0/) following the [@commitlint/config-conventional config](https://github.com/conventional-changelog/commitlint/tree/master/%40commitlint/config-conventional) -- [Prettier](https://prettier.io/) style guide - -## Getting started - -This repository requires that you have [Node.js](https://nodejs.org) >=14.0.0 installed. - -With that in place, you can fork the repository, clone it, and then run `npm i` to install all dependencies. - -### Development workflow - -After cloning the repository and installing all the dependencies, there are several commands available for local development: - -- `npm run lint` - Lints everything in src directory -- `npm run jest` - Runs Jest over all tests in src directory -- `npm test` - Runs `npm run lint` and `npm run jest` together - -## Documentation style - -Documentation (both in markdown files and inline comments) should be written in **British English** where possible. - -Titles and headings should use sentence-style capitalisation, where only the first letter of a sentence and proper nouns are capitalised. - -## Pull request checklist - -Before submitting a pull request back to the main repository, please make sure you have completed the following steps: - -1. Pull request base branch is set to `main`. All pull requests should be forked from and merged back to `main` -2. Run `npm test` to check the code adheres to the defined ESLint style and that it passes the Jest tests -3. Run `npm run lint:prettier:fix` to run the Prettier code formatter over the code -4. Run `npm run lint:licenses` if adding or updating production dependencies to check they use permissive licenses - -Steps 2. and 4. are automatically run by a pre-commit hook added by [Husky](https://typicode.github.io/husky/#/). - -## Issues - -Please file your issues [here](https://github.com/Fdawgs/fastify-floc-off/issues) and try to provide as much information in the template as possible/relevant. diff --git a/README.md b/README.md index 17ba949..0e8fa0a 100644 --- a/README.md +++ b/README.md @@ -51,8 +51,8 @@ server.listen(3000, (err) => { Contributions are welcome, and any help is greatly appreciated! -See [the contributing guide](./CONTRIBUTING.md) for details on how to get started. -Please adhere to this project's [Code of Conduct](./CODE_OF_CONDUCT.md) when contributing. +See [the contributing guide](https://github.com/Fdawgs/.github/blob/main/CONTRIBUTING.md) for details on how to get started. +Please adhere to this project's [Code of Conduct](https://github.com/Fdawgs/.github/blob/main/CODE_OF_CONDUCT.md) when contributing. ## Acknowledgements diff --git a/SECURITY.md b/SECURITY.md deleted file mode 100644 index a4de9d7..0000000 --- a/SECURITY.md +++ /dev/null @@ -1,13 +0,0 @@ -# Security - -## Disclosure policy - -Please email reports about any security-related issues you find to frazer.dev@outlook.com. -Please use a descriptive subject line in your report email, in addition to a reference or link to this repository. -After the initial reply to your report, we will attempt to keep you informed of the progress being made towards a fix. - -In addition, please include the following information along with your report: - -- Your name and affiliation (if any) -- A description of the technical details of the vulnerabilities -- An explanation of who can exploit this vulnerability, and what they gain when doing so diff --git a/package.json b/package.json index bfc245f..c2e0f91 100644 --- a/package.json +++ b/package.json @@ -32,11 +32,12 @@ "jest": "jest", "jest:coverage": "jest --coverage", "lint": "eslint . --cache --ext js,jsx --ignore-path .gitignore", + "lint:fix": "npm run lint -- --fix", "lint:licenses": "node scripts/license-checker.js", "lint:prettier": "prettier . -c -u", "lint:prettier:fix": "prettier . -w -u", "prepare": "husky install", - "test": "npm run lint && npm run jest" + "test": "npm run lint && npm run lint:prettier && npm run jest" }, "commitlint": { "extends": [ @@ -63,24 +64,24 @@ "testTimeout": 10000 }, "devDependencies": { - "@commitlint/cli": "^18.4.3", - "@commitlint/config-conventional": "^18.4.3", + "@commitlint/cli": "^18.4.4", + "@commitlint/config-conventional": "^18.4.4", "@eslint-community/eslint-plugin-eslint-comments": "^4.1.0", - "@types/jest": "^29.5.10", - "eslint": "^8.54.0", + "@types/jest": "^29.5.11", + "eslint": "^8.56.0", "eslint-config-airbnb-base": "^15.0.0", - "eslint-config-prettier": "^9.0.0", - "eslint-plugin-import": "^2.29.0", - "eslint-plugin-jest": "^27.6.0", - "eslint-plugin-jsdoc": "^46.9.0", + "eslint-config-prettier": "^9.1.0", + "eslint-plugin-import": "^2.29.1", + "eslint-plugin-jest": "^27.6.1", + "eslint-plugin-jsdoc": "^48.0.2", "eslint-plugin-promise": "^6.1.1", - "eslint-plugin-regexp": "^2.1.1", - "eslint-plugin-security": "^1.7.1", - "fastify": "^4.24.3", + "eslint-plugin-regexp": "^2.1.2", + "eslint-plugin-security": "^2.1.0", + "fastify": "^4.25.2", "husky": "^8.0.3", "jest": "^29.7.0", "license-checker": "^25.0.1", - "prettier": "^3.1.0", + "prettier": "^3.1.1", "spdx-copyleft": "^1.0.0", "upath": "^2.0.1" },