From cf4be527b8553fc17f30c8785c1c02ca37def016 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mateusz=20Burzy=C5=84ski?= Date: Sun, 24 May 2026 12:45:51 +0200 Subject: [PATCH 1/6] add pkg.pr.new --- .github/workflows/pkg-pr-new.yml | 31 +++++++++++++++++++++++++++++++ package.json | 1 + pnpm-lock.yaml | 9 +++++++++ 3 files changed, 41 insertions(+) create mode 100644 .github/workflows/pkg-pr-new.yml diff --git a/.github/workflows/pkg-pr-new.yml b/.github/workflows/pkg-pr-new.yml new file mode 100644 index 00000000..d7348e9b --- /dev/null +++ b/.github/workflows/pkg-pr-new.yml @@ -0,0 +1,31 @@ +name: pkg-pr-new + +on: pull_request + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +permissions: {} + +jobs: + publish: + name: Publish + runs-on: ubuntu-latest + + steps: + - name: Check out repo + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: false + + - uses: ./.github/actions/ci-setup + with: + skip-cache: true # avoid cache poisoning attacks + + - name: Build + run: pnpm build + + - run: + | # zizmor: ignore[use-trusted-publishing] we're not publishing to npm here + pnpm exec pkg-pr-new publish --pnpm --packageManager=pnpm --commentWithDev --commentWithSha diff --git a/package.json b/package.json index 51a42aff..830c7dac 100644 --- a/package.json +++ b/package.json @@ -42,6 +42,7 @@ "@types/semver": "^7.5.0", "fs-fixture": "^2.13.0", "oxfmt": "^0.48.0", + "pkg-pr-new": "^0.0.71", "rolldown": "^1.0.1", "typescript": "^5.8.3", "vitest": "^4.1.6" diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index c11cd8d3..e1f898f7 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -83,6 +83,9 @@ importers: oxfmt: specifier: ^0.48.0 version: 0.48.0 + pkg-pr-new: + specifier: ^0.0.71 + version: 0.0.71 rolldown: specifier: ^1.0.1 version: 1.0.1 @@ -1062,6 +1065,10 @@ packages: resolution: {integrity: sha512-uB80kBFb/tfd68bVleG9T5GGsGPjJrLAUpR5PZIrhBnIaRTQRjqdJSsIKkOP6OAIFbj7GOrcudc5pNjZ+geV2g==} engines: {node: '>=6'} + pkg-pr-new@0.0.71: + resolution: {integrity: sha512-Ln7I7NaOXN6CjBLVrNqsWOo6mIaNW4chH4eCR2t4tnQSmYtyQiWCqlMG6bL2JYCT1MOiKEiDObnnzePGh0TNFQ==} + hasBin: true + possible-typed-array-names@1.1.0: resolution: {integrity: sha512-/+5VFTchJDoVj3bhoqi6UeymcD00DAwb1nJwamzPvHEszJ4FpF6SNNbUbOS8yI56qHzdV8eK0qEfOSiodkTdxg==} engines: {node: '>= 0.4'} @@ -2358,6 +2365,8 @@ snapshots: pify@4.0.1: {} + pkg-pr-new@0.0.71: {} + possible-typed-array-names@1.1.0: {} prettier@2.8.8: {} From 4f914b551a8f9ef04f88cf8a2a47386d189a8122 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mateusz=20Burzy=C5=84ski?= Date: Sun, 24 May 2026 12:47:55 +0200 Subject: [PATCH 2/6] tweak CODEOWNERS and remove release-pr workflow --- .github/CODEOWNERS | 9 +- .github/workflows/release-pr.yml | 242 ------------------------------- scripts/release-pr.ts | 19 --- 3 files changed, 4 insertions(+), 266 deletions(-) delete mode 100644 .github/workflows/release-pr.yml delete mode 100644 scripts/release-pr.ts diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 73b552ae..c014f4af 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,5 +1,4 @@ -/.github/workflows/** @Andarist @emmatown -/action.yml @Andarist @emmatown -/scripts/bump.ts @Andarist @emmatown -/scripts/release.ts @Andarist @emmatown -/scripts/release-pr.ts @Andarist @emmatown +/.github/workflows/** @Andarist @bluwy @emmatown +/action.yml @Andarist @bluwy @emmatown +/scripts/bump.ts @Andarist @bluwy @emmatown +/scripts/release.ts @Andarist @bluwy @emmatown diff --git a/.github/workflows/release-pr.yml b/.github/workflows/release-pr.yml deleted file mode 100644 index c77c6e50..00000000 --- a/.github/workflows/release-pr.yml +++ /dev/null @@ -1,242 +0,0 @@ -name: Release PR - -on: - issue_comment: - types: [created] - -concurrency: - group: ${{ github.workflow }}-${{ github.run_id }} - cancel-in-progress: true - -permissions: {} - -jobs: - release_check: - name: Validate release request - if: github.repository == 'changesets/action' && github.event.issue.pull_request && startsWith(github.event.comment.body, '/release-pr') - timeout-minutes: 5 - runs-on: ubuntu-latest - - permissions: - contents: read # to inspect the pull request commit state (changesets/action) - issues: write # to add and remove reactions on the triggering comment (changesets/action) - pull-requests: read # to inspect the pull request head state (changesets/action) - - steps: - - id: report_in_progress - run: | - in_progress_reaction_id=$(gh api "/repos/$GH_REPO/issues/comments/$COMMENT_ID/reactions" -f content='eyes' --jq '.id') - echo "in_progress_reaction_id=$in_progress_reaction_id" >> "$GITHUB_OUTPUT" - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GH_REPO: ${{ github.repository }} - COMMENT_ID: ${{ github.event.comment.id }} - - - id: parse_command - run: | - if [[ "$COMMENT_BODY" =~ ^/release-pr[[:space:]]+([0-9a-fA-F]{7,40})[[:space:]]*$ ]] - then - echo "requested_sha=${BASH_REMATCH[1]}" >> "$GITHUB_OUTPUT" - else - echo "Expected '/release-pr ' where is a 7-40 character commit SHA." - exit 1 - fi - env: - COMMENT_BODY: ${{ github.event.comment.body }} - - - id: check_authorization - run: | - if [[ "$AUTHOR_ASSOCIATION" == 'MEMBER' || "$AUTHOR_ASSOCIATION" == 'OWNER' || "$AUTHOR_ASSOCIATION" == 'COLLABORATOR' ]] - then - echo "User is authorized to release" - else - echo "User is not authorized to release" - exit 1 - fi - env: - AUTHOR_ASSOCIATION: ${{ github.event.comment.author_association }} - - - id: resolve_requested_sha - run: | - requested_sha=$(echo "$REQUESTED_SHA" | tr '[:upper:]' '[:lower:]') - - mapfile -t matches < <( - gh api "/repos/$GH_REPO/pulls/$ISSUE_NUMBER/commits" --paginate --jq '.[].sha' | - awk -v sha="$requested_sha" 'index(tolower($0), sha) == 1 { print $0 }' - ) - - if [[ ${#matches[@]} -eq 0 ]] - then - echo "Requested SHA $REQUESTED_SHA is not part of this pull request." - exit 1 - fi - - if [[ ${#matches[@]} -gt 1 ]] - then - echo "Requested SHA $REQUESTED_SHA is ambiguous for this pull request." - exit 1 - fi - - resolved_sha="${matches[0]}" - pr_head_sha=$(gh pr view "$ISSUE_NUMBER" --json headRefOid --jq '.headRefOid') - - if [[ "$resolved_sha" != "$pr_head_sha" ]] - then - echo "Requested SHA $resolved_sha is not the current PR head $pr_head_sha." - exit 1 - fi - - echo "resolved_sha=$resolved_sha" >> "$GITHUB_OUTPUT" - echo "pr_head_sha=$pr_head_sha" >> "$GITHUB_OUTPUT" - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GH_REPO: ${{ github.repository }} - ISSUE_NUMBER: ${{ github.event.issue.number }} - REQUESTED_SHA: ${{ steps.parse_command.outputs.requested_sha }} - - - id: get_pr_head_repository - run: | - head_repository=$(gh pr view "$ISSUE_NUMBER" --json headRepositoryOwner,headRepository --jq '.headRepositoryOwner.login + "/" + .headRepository.name') - echo "head_repository=$head_repository" >> "$GITHUB_OUTPUT" - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - ISSUE_NUMBER: ${{ github.event.issue.number }} - - outputs: - in_progress_reaction_id: ${{ steps.report_in_progress.outputs.in_progress_reaction_id }} - requested_sha: ${{ steps.parse_command.outputs.requested_sha }} - resolved_sha: ${{ steps.resolve_requested_sha.outputs.resolved_sha }} - pr_head_sha: ${{ steps.resolve_requested_sha.outputs.pr_head_sha }} - head_repository: ${{ steps.get_pr_head_repository.outputs.head_repository }} - - release: - name: Release snapshot - if: github.repository == 'changesets/action' - timeout-minutes: 20 - runs-on: ubuntu-latest - needs: release_check - - permissions: - contents: write # to create the release commit and publish snapshot artifacts (changesets/action) - issues: write # to add and remove reactions on the triggering comment (changesets/action) - pull-requests: write # to comment on the pull request with the release result (changesets/action) - - steps: - - name: Check out repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - persist-credentials: false - - - uses: ./.github/actions/ci-setup - with: - skip-cache: true # avoid cache poisoning attacks - - - name: Fetch validated commit from pull request head repository - run: | - git remote add pr-head "https://github.com/$HEAD_REPOSITORY.git" - git fetch --no-tags pr-head "$RESOLVED_SHA" - env: - HEAD_REPOSITORY: ${{ needs.release_check.outputs.head_repository }} - RESOLVED_SHA: ${{ needs.release_check.outputs.resolved_sha }} - - - name: Checkout validated commit - run: git checkout --detach "$RESOLVED_SHA" - env: - RESOLVED_SHA: ${{ needs.release_check.outputs.resolved_sha }} - - - name: Check if Version Packages PR - id: check_version_packages - run: | - version_packages=$(gh pr view "$ISSUE_NUMBER" --json headRefName --jq '.headRefName|startswith("changeset-release/")') - echo "version_packages=$version_packages" >> "$GITHUB_OUTPUT" - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - ISSUE_NUMBER: ${{ github.event.issue.number }} - - - name: Reset Version Packages PR - if: steps.check_version_packages.outputs.version_packages == 'true' - run: git reset --hard HEAD~1 - - - name: Create snapshot version - run: pnpm changeset version --snapshot "pr$ISSUE_NUMBER" - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - ISSUE_NUMBER: ${{ github.event.issue.number }} - - - name: Build - run: pnpm build - - - name: Setup Git user - run: | - git config --global user.name "github-actions[bot]" - git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" - - - name: Release snapshot version - run: pnpm release:pr - - - name: Add success reaction - run: gh api "/repos/$GH_REPO/issues/comments/$COMMENT_ID/reactions" -f content='rocket' - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GH_REPO: ${{ github.repository }} - COMMENT_ID: ${{ github.event.comment.id }} - - - name: Remove in-progress reaction - run: gh api -X DELETE "/repos/$GH_REPO/issues/comments/$COMMENT_ID/reactions/$IN_PROGRESS_REACTION_ID" - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GH_REPO: ${{ github.repository }} - COMMENT_ID: ${{ github.event.comment.id }} - IN_PROGRESS_REACTION_ID: ${{ needs.release_check.outputs.in_progress_reaction_id }} - - - name: Comment success - run: | - published_commit="$(git rev-parse HEAD)" - body="The release for \`$RESOLVED_SHA\` triggered by [this comment]($COMMENT_URL) has [succeeded]($RUN_URL). Published commit: [$GH_REPO@$published_commit](https://github.com/$GH_REPO/commit/$published_commit)." - gh pr comment "$ISSUE_NUMBER" --body "$body" - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GH_REPO: ${{ github.repository }} - ISSUE_NUMBER: ${{ github.event.issue.number }} - COMMENT_URL: ${{ github.event.comment.url }} - RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} - RESOLVED_SHA: ${{ needs.release_check.outputs.resolved_sha }} - - report-failure-if-needed: - name: Report failure - needs: [release_check, release] - timeout-minutes: 2 - runs-on: ubuntu-latest - if: failure() && github.repository == 'changesets/action' && (needs.release_check.result == 'failure' || needs.release.result == 'failure') - - permissions: - issues: write # to add and remove reactions on the triggering comment (changesets/action) - pull-requests: write # to comment on the pull request with the failure result (changesets/action) - - steps: - - name: Add failure reaction - run: gh api "/repos/$GH_REPO/issues/comments/$COMMENT_ID/reactions" -f content='-1' - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GH_REPO: ${{ github.repository }} - COMMENT_ID: ${{ github.event.comment.id }} - - - name: Remove in-progress reaction - run: gh api -X DELETE "/repos/$GH_REPO/issues/comments/$COMMENT_ID/reactions/$IN_PROGRESS_REACTION_ID" - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GH_REPO: ${{ github.repository }} - COMMENT_ID: ${{ github.event.comment.id }} - IN_PROGRESS_REACTION_ID: ${{ needs.release_check.outputs.in_progress_reaction_id }} - - - name: Comment failure - run: | - body="The release for \`$REQUESTED_SHA\` triggered by [this comment]($COMMENT_URL) has [failed]($RUN_URL)." - gh pr comment "$ISSUE_NUMBER" --body "$body" - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GH_REPO: ${{ github.repository }} - ISSUE_NUMBER: ${{ github.event.issue.number }} - COMMENT_URL: ${{ github.event.comment.url }} - RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} - REQUESTED_SHA: ${{ needs.release_check.outputs.requested_sha }} diff --git a/scripts/release-pr.ts b/scripts/release-pr.ts deleted file mode 100644 index 715bdff8..00000000 --- a/scripts/release-pr.ts +++ /dev/null @@ -1,19 +0,0 @@ -import path from "node:path"; -import { exec } from "@actions/exec"; -import pkgJson from "../package.json" with { type: "json" }; - -const tag = `v${pkgJson.version}`; -const releaseLine = "pr-release"; - -process.chdir(path.join(import.meta.dirname, "..")); - -await exec("git", ["checkout", "--detach"]); -await exec("git", ["add", "--force", "dist"]); -await exec("git", ["commit", "-m", tag]); - -await exec("git", [ - "push", - "--force", - "origin", - `HEAD:refs/heads/${releaseLine}`, -]); From 79a0643eb42ba2e8f90f2345e4fccbf59bdc241b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mateusz=20Burzy=C5=84ski?= Date: Sun, 24 May 2026 13:51:21 +0200 Subject: [PATCH 3/6] tweak --- package.json | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/package.json b/package.json index 830c7dac..88f00c6a 100644 --- a/package.json +++ b/package.json @@ -3,7 +3,7 @@ "version": "1.8.0", "license": "MIT", "type": "module", - "main": "dist/index.js", + "exports": "./dist/index.js", "scripts": { "build": "rolldown -c", "test": "vitest", @@ -13,8 +13,7 @@ "format:fix": "oxfmt", "changeset": "changeset", "bump": "node --experimental-strip-types ./scripts/bump.ts", - "release": "node --experimental-strip-types ./scripts/release.ts", - "release:pr": "node --experimental-strip-types ./scripts/release-pr.ts" + "release": "node --experimental-strip-types ./scripts/release.ts" }, "dependencies": { "@actions/core": "^3.0.1", From 962764bc545d6e207a4f5e667ef815aad5cf7df2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mateusz=20Burzy=C5=84ski?= Date: Sun, 24 May 2026 13:51:53 +0200 Subject: [PATCH 4/6] try no compact --- .github/workflows/pkg-pr-new.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pkg-pr-new.yml b/.github/workflows/pkg-pr-new.yml index d7348e9b..09a27830 100644 --- a/.github/workflows/pkg-pr-new.yml +++ b/.github/workflows/pkg-pr-new.yml @@ -28,4 +28,4 @@ jobs: - run: | # zizmor: ignore[use-trusted-publishing] we're not publishing to npm here - pnpm exec pkg-pr-new publish --pnpm --packageManager=pnpm --commentWithDev --commentWithSha + pnpm exec pkg-pr-new publish --pnpm --packageManager=pnpm --commentWithDev --commentWithSha --no-compact From f50762a5f91dcad4d8a29e202be1fa00832ec18d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mateusz=20Burzy=C5=84ski?= Date: Sun, 24 May 2026 13:54:59 +0200 Subject: [PATCH 5/6] no template --- .github/workflows/pkg-pr-new.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pkg-pr-new.yml b/.github/workflows/pkg-pr-new.yml index 09a27830..5c578959 100644 --- a/.github/workflows/pkg-pr-new.yml +++ b/.github/workflows/pkg-pr-new.yml @@ -28,4 +28,4 @@ jobs: - run: | # zizmor: ignore[use-trusted-publishing] we're not publishing to npm here - pnpm exec pkg-pr-new publish --pnpm --packageManager=pnpm --commentWithDev --commentWithSha --no-compact + pnpm exec pkg-pr-new publish --pnpm --packageManager=pnpm --commentWithDev --commentWithSha --no-compact --no-template From b4392ca0f815a17a28119a5303ac97b6227e94a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mateusz=20Burzy=C5=84ski?= Date: Sun, 24 May 2026 14:12:27 +0200 Subject: [PATCH 6/6] add explicit files --- package.json | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/package.json b/package.json index 88f00c6a..8e61c2a0 100644 --- a/package.json +++ b/package.json @@ -4,6 +4,10 @@ "license": "MIT", "type": "module", "exports": "./dist/index.js", + "files": [ + "dist", + "action.yml" + ], "scripts": { "build": "rolldown -c", "test": "vitest",