Bump ws from 7.5.5 to 7.5.10 (#216)

Bumps [ws](https://github.com/websockets/ws) from 7.5.5 to 7.5.10.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](https://github.com/websockets/ws/compare/7.5.5...7.5.10)

---
updated-dependencies:
- dependency-name: ws
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.github/FUNDING.yml

@@ -0,0 +1 @@
+github: [mathieudutour]

.github/workflows/test.yml

@@ -9,7 +9,10 @@ jobs:
   test:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version-file: package.json
       - run: npm ci
       - run: npm run test
       - run: npm run check

README.md

@@ -14,25 +14,24 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - name: Bump version and push tag
         id: tag_version
-        uses: mathieudutour/github-tag-action@v5.6
+        uses: mathieudutour/github-tag-action@v6.2
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
       - name: Create a GitHub release
-        uses: actions/create-release@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        uses: ncipollo/release-action@v1
         with:
-          tag_name: ${{ steps.tag_version.outputs.new_tag }}
-          release_name: Release ${{ steps.tag_version.outputs.new_tag }}
+          tag: ${{ steps.tag_version.outputs.new_tag }}
+          name: Release ${{ steps.tag_version.outputs.new_tag }}
           body: ${{ steps.tag_version.outputs.changelog }}
 ```
 
 ### 📥 Inputs
 
 - **github_token** _(required)_ - Required for permission to tag the repo. Usually `${{ secrets.GITHUB_TOKEN }}`.
+- **commit_sha** _(optional)_ - The commit SHA value to add the tag. If specified, it uses this value instead GITHUB_SHA. It could be useful when a previous step merged a branch into github.ref.
 
 #### Fetch all tags
 
@@ -45,7 +44,8 @@ jobs:
 
 #### Customize the tag
 
-- **default_bump** _(optional)_ - Which type of bump to use when [none is explicitly provided](#bumping) (default: `patch`). You can also set `false` to avoid generating a new tag when none is explicitly provided.
+- **default_bump** _(optional)_ - Which type of bump to use when [none is explicitly provided](#bumping) when commiting to a release branch (default: `patch`). You can also set `false` to avoid generating a new tag when none is explicitly provided. Can be `patch, minor or major`.
+- **default_prerelease_bump** _(optional)_ - Which type of bump to use when [none is explicitly provided](#bumping) when commiting to a prerelease branch (default: `prerelease`). You can also set `false` to avoid generating a new tag when none is explicitly provided. Can be `prerelease, prepatch, preminor or premajor`.
 - **custom_tag** _(optional)_ - Custom tag name. If specified, it overrides bump settings.
 - **create_annotated_tag** _(optional)_ - Boolean to create an annotated rather than a lightweight one (default: `false`).
 - **tag_prefix** _(optional)_ - A prefix to the tag name (default: `v`).

action.yml

@@ -8,6 +8,8 @@ outputs:
     description: "Generated tag without the prefix"
   previous_tag:
     description: "Previous tag (or `0.0.0`)"
+  previous_version:
+    description: "The value of the previous tag (or 0.0.0 if none) without the prefix. Note that if custom_tag is set, this will be undefined."
   release_type:
     description: "The computed release type (`major`, `minor`, `patch` or `custom` - can be prefixed with `pre`)"
   changelog:
@@ -17,9 +19,13 @@ inputs:
     description: "Required for permission to tag the repo."
     required: true
   default_bump:
-    description: "Which type of bump to use when none explicitly provided (default: `patch`)."
+    description: "Which type of bump to use when none explicitly provided when commiting to a release branch (default: `patch`)."
     required: false
     default: "patch"
+  default_prerelease_bump:
+    description: "Which type of bump to use when none explicitly provided when commiting to a prerelease branch (default: `prerelease`)."
+    required: false
+    default: "prerelease"
   tag_prefix:
     description: "A prefix to the tag name (default: `v`)."
     required: false
@@ -40,6 +46,9 @@ inputs:
   pre_release_branches:
     description: "Comma separated list of branches (bash reg exp accepted) that will generate pre-release tags."
     required: false
+  commit_sha:
+    description: "The commit SHA value to add the tag. If specified, it uses this value instead GITHUB_SHA. It could be useful when a previous step merged a branch into github.ref."
+    required: false
   create_annotated_tag:
     description: "Boolean to create an annotated tag rather than lightweight."
     required: false
@@ -54,7 +63,7 @@ inputs:
     default: "false"
 
 runs:
-  using: "node12"
+  using: "node20"
   main: "lib/main.js"
 branding:
   icon: "git-merge"

package.json

@@ -1,6 +1,6 @@
 {
   "name": "github-tag-action",
-  "version": "5.6.0",
+  "version": "6.2.0",
   "private": true,
   "description": "A GitHub Action to automatically bump and tag master, on merge, with the latest SemVer formatted version.",
   "main": "lib/main.js",
@@ -18,27 +18,31 @@
     "node",
     "setup"
   ],
+  "engines": {
+    "node": ">=20"
+  },
   "author": "Mathieu Dutour",
   "license": "MIT",
   "dependencies": {
-    "@actions/core": "^1.2.6",
-    "@actions/exec": "^1.0.4",
+    "@actions/core": "^1.10.0",
+    "@actions/exec": "^1.1.0",
     "@actions/github": "^4.0.0",
     "@semantic-release/commit-analyzer": "^8.0.1",
     "@semantic-release/release-notes-generator": "^9.0.1",
-    "conventional-changelog-conventionalcommits": "^4.5.0",
-    "semver": "^7.3.4"
+    "conventional-changelog-conventionalcommits": "^4.6.1",
+    "semver": "^7.3.5"
   },
   "devDependencies": {
-    "@octokit/rest": "^18.0.12",
-    "@types/js-yaml": "^3.12.5",
-    "@types/node": "^14.14.19",
-    "@types/semver": "^7.1.0",
-    "jest": "^26.6.3",
-    "jest-circus": "^26.6.3",
-    "js-yaml": "^3.14.0",
-    "prettier": "2.2.1",
-    "ts-jest": "^26.4.4",
-    "typescript": "^4.1.3"
+    "@octokit/rest": "^18.12.0",
+    "@types/jest": "^27.0.2",
+    "@types/js-yaml": "^4.0.4",
+    "@types/node": "^20.11.16",
+    "@types/semver": "^7.3.9",
+    "jest": "^27.3.1",
+    "jest-circus": "^27.3.1",
+    "js-yaml": "^4.1.0",
+    "prettier": "2.4.1",
+    "ts-jest": "^27.0.7",
+    "typescript": "^4.4.4"
   }
 }

src/action.ts

@@ -17,15 +17,21 @@ import { Await } from './ts';
 
 export default async function main() {
   const defaultBump = core.getInput('default_bump') as ReleaseType | 'false';
+  const defaultPreReleaseBump = core.getInput('default_prerelease_bump') as
+    | ReleaseType
+    | 'false';
   const tagPrefix = core.getInput('tag_prefix');
   const customTag = core.getInput('custom_tag');
   const releaseBranches = core.getInput('release_branches');
   const preReleaseBranches = core.getInput('pre_release_branches');
   const appendToPreReleaseTag = core.getInput('append_to_pre_release_tag');
-  const createAnnotatedTag = !!core.getInput('create_annotated_tag');
+  const createAnnotatedTag = /true/i.test(
+    core.getInput('create_annotated_tag')
+  );
   const dryRun = core.getInput('dry_run');
   const customReleaseRules = core.getInput('custom_release_rules');
   const shouldFetchAllTags = core.getInput('fetch_all_tags');
+  const commitSha = core.getInput('commit_sha');
 
   let mappedReleaseRules;
   if (customReleaseRules) {
@@ -39,8 +45,9 @@ export default async function main() {
     return;
   }
 
-  if (!GITHUB_SHA) {
-    core.setFailed('Missing GITHUB_SHA.');
+  const commitRef = commitSha || GITHUB_SHA;
+  if (!commitRef) {
+    core.setFailed('Missing commit_sha or GITHUB_SHA.');
     return;
   }
 
@@ -54,9 +61,11 @@ export default async function main() {
   const isPullRequest = isPr(GITHUB_REF);
   const isPrerelease = !isReleaseBranch && !isPullRequest && isPreReleaseBranch;
 
-  const identifier = appendToPreReleaseTag
-    ? appendToPreReleaseTag
-    : currentBranch;
+  // Sanitize identifier according to
+  // https://semver.org/#backusnaur-form-grammar-for-valid-semver-versions
+  const identifier = (
+    appendToPreReleaseTag ? appendToPreReleaseTag : currentBranch
+  ).replace(/[^a-zA-Z0-9-]/g, '-');
 
   const prefixRegex = new RegExp(`^${tagPrefix}`);
 
@@ -76,7 +85,7 @@ export default async function main() {
   let newVersion: string;
 
   if (customTag) {
-    commits = await getCommits(latestTag.commit.sha, GITHUB_SHA);
+    commits = await getCommits(latestTag.commit.sha, commitRef);
 
     core.setOutput('release_type', 'custom');
     newVersion = customTag;
@@ -112,7 +121,7 @@ export default async function main() {
     core.setOutput('previous_version', previousVersion.version);
     core.setOutput('previous_tag', previousTag.name);
 
-    commits = await getCommits(previousTag.commit.sha, GITHUB_SHA);
+    commits = await getCommits(previousTag.commit.sha, commitRef);
 
     let bump = await analyzeCommits(
       {
@@ -124,13 +133,31 @@ export default async function main() {
       { commits, logger: { log: console.info.bind(console) } }
     );
 
-    if (!bump && defaultBump === 'false') {
+    // Determine if we should continue with tag creation based on main vs prerelease branch
+    let shouldContinue = true;
+    if (isPrerelease) {
+      if (!bump && defaultPreReleaseBump === 'false') {
+        shouldContinue = false;
+      }
+    } else {
+      if (!bump && defaultBump === 'false') {
+        shouldContinue = false;
+      }
+    }
+
+    // Default bump is set to false and we did not find an automatic bump
+    if (!shouldContinue) {
       core.debug(
         'No commit specifies the version bump. Skipping the tag creation.'
       );
       return;
     }
 
+    // If we don't have an automatic bump for the prerelease, just set our bump as the default
+    if (isPrerelease && !bump) {
+      bump = defaultPreReleaseBump;
+    }
+
     // If somebody uses custom release rules on a prerelease branch they might create a 'preprepatch' bump.
     const preReg = /^pre/;
     if (isPrerelease && preReg.test(bump)) {
@@ -138,7 +165,7 @@ export default async function main() {
     }
 
     const releaseType: ReleaseType = isPrerelease
-      ? `pre${bump || defaultBump}`
+      ? `pre${bump}`
       : bump || defaultBump;
     core.setOutput('release_type', releaseType);
 
@@ -175,7 +202,7 @@ export default async function main() {
       commits,
       logger: { log: console.info.bind(console) },
       options: {
-        repositoryUrl: `https://github.com/${process.env.GITHUB_REPOSITORY}`,
+        repositoryUrl: `${process.env.GITHUB_SERVER_URL}/${process.env.GITHUB_REPOSITORY}`,
       },
       lastRelease: { gitTag: latestTag.name },
       nextRelease: { gitTag: newTag, version: newVersion },
@@ -201,5 +228,5 @@ export default async function main() {
     return;
   }
 
-  await createTag(newTag, createAnnotatedTag, GITHUB_SHA);
+  await createTag(newTag, createAnnotatedTag, commitRef);
 }

src/defaults.ts

@@ -17,17 +17,16 @@ type ChangelogRule = {
  * https://github.com/conventional-changelog/conventional-changelog/blob/master/packages/conventional-changelog-angular/writer-opts.js
  * https://github.com/conventional-changelog/conventional-changelog/blob/master/packages/conventional-changelog-conventionalcommits/writer-opts.js
  */
-export const defaultChangelogRules: Readonly<
-  Record<string, ChangelogRule>
-> = Object.freeze({
-  feat: { type: 'feat', section: 'Features' },
-  fix: { type: 'fix', section: 'Bug Fixes' },
-  perf: { type: 'perf', section: 'Performance Improvements' },
-  revert: { type: 'revert', section: 'Reverts' },
-  docs: { type: 'docs', section: 'Documentation' },
-  style: { type: 'style', section: 'Styles' },
-  refactor: { type: 'refactor', section: 'Code Refactoring' },
-  test: { type: 'test', section: 'Tests' },
-  build: { type: 'build', section: 'Build Systems' },
-  ci: { type: 'ci', section: 'Continuous Integration' },
-});
+export const defaultChangelogRules: Readonly<Record<string, ChangelogRule>> =
+  Object.freeze({
+    feat: { type: 'feat', section: 'Features' },
+    fix: { type: 'fix', section: 'Bug Fixes' },
+    perf: { type: 'perf', section: 'Performance Improvements' },
+    revert: { type: 'revert', section: 'Reverts' },
+    docs: { type: 'docs', section: 'Documentation' },
+    style: { type: 'style', section: 'Styles' },
+    refactor: { type: 'refactor', section: 'Code Refactoring' },
+    test: { type: 'test', section: 'Tests' },
+    build: { type: 'build', section: 'Build Systems' },
+    ci: { type: 'ci', section: 'Continuous Integration' },
+  });

src/main.ts

@@ -4,7 +4,7 @@ import action from './action';
 async function run() {
   try {
     await action();
-  } catch (error) {
+  } catch (error: any) {
     core.setFailed(error.message);
   }
 }

src/utils.ts

@@ -15,13 +15,17 @@ export async function getValidTags(
   const tags = await listTags(shouldFetchAllTags);
 
   const invalidTags = tags.filter(
-    (tag) => !valid(tag.name.replace(prefixRegex, ''))
+    (tag) =>
+      !prefixRegex.test(tag.name) || !valid(tag.name.replace(prefixRegex, ''))
   );
 
   invalidTags.forEach((name) => core.debug(`Found Invalid Tag: ${name}.`));
 
   const validTags = tags
-    .filter((tag) => valid(tag.name.replace(prefixRegex, '')))
+    .filter(
+      (tag) =>
+        prefixRegex.test(tag.name) && valid(tag.name.replace(prefixRegex, ''))
+    )
     .sort((a, b) =>
       rcompare(a.name.replace(prefixRegex, ''), b.name.replace(prefixRegex, ''))
     );
@@ -31,7 +35,10 @@ export async function getValidTags(
   return validTags;
 }
 
-export async function getCommits(baseRef: string, headRef: string) {
+export async function getCommits(
+  baseRef: string,
+  headRef: string
+): Promise<{ message: string; hash: string | null }[]> {
   const commits = await compareCommits(baseRef, headRef);
 
   return commits
@@ -56,7 +63,11 @@ export function getLatestTag(
   tagPrefix: string
 ) {
   return (
-    tags.find((tag) => !prerelease(tag.name.replace(prefixRegex, ''))) || {
+    tags.find(
+      (tag) =>
+        prefixRegex.test(tag.name) &&
+        !prerelease(tag.name.replace(prefixRegex, ''))
+    ) || {
       name: `${tagPrefix}0.0.0`,
       commit: {
         sha: 'HEAD',
@@ -111,9 +122,8 @@ export function mapCustomReleaseRules(customReleaseTypes: string) {
       return true;
     })
     .map((customReleaseRule) => {
-      const [type, release, section] = customReleaseRule.split(
-        releaseTypeSeparator
-      );
+      const [type, release, section] =
+        customReleaseRule.split(releaseTypeSeparator);
       const defaultRule = defaultChangelogRules[type.toLowerCase()];
 
       return {

tests/action.test.ts

@@ -7,12 +7,17 @@ import {
   setBranch,
   setCommitSha,
   setInput,
+  setRepository,
 } from './helper.test';
 
 jest.spyOn(core, 'debug').mockImplementation(() => {});
 jest.spyOn(core, 'info').mockImplementation(() => {});
 jest.spyOn(console, 'info').mockImplementation(() => {});
 
+beforeAll(() => {
+  setRepository('https://github.com', 'org/repo');
+});
+
 const mockCreateTag = jest
   .spyOn(github, 'createTag')
   .mockResolvedValue(undefined);
@@ -448,6 +453,80 @@ describe('github-tag-action', () => {
       setInput('pre_release_branches', 'prerelease');
     });
 
+    it('does not create tag without commits and default_bump set to false', async () => {
+      /*
+       * Given
+       */
+      setInput('default_prerelease_bump', 'false');
+      const commits: any[] = [];
+      jest
+        .spyOn(utils, 'getCommits')
+        .mockImplementation(async (sha) => commits);
+
+      const validTags = [
+        {
+          name: 'v1.2.3',
+          commit: { sha: '012345', url: '' },
+          zipball_url: '',
+          tarball_url: 'string',
+          node_id: 'string',
+        },
+      ];
+      jest
+        .spyOn(utils, 'getValidTags')
+        .mockImplementation(async () => validTags);
+
+      /*
+       * When
+       */
+      await action();
+
+      /*
+       * Then
+       */
+      expect(mockCreateTag).not.toBeCalled();
+      expect(mockSetFailed).not.toBeCalled();
+    });
+
+    it('does create prerelease tag', async () => {
+      /*
+       * Given
+       */
+      setInput('default_prerelease_bump', 'prerelease');
+      const commits = [{ message: 'this is my first fix', hash: null }];
+      jest
+        .spyOn(utils, 'getCommits')
+        .mockImplementation(async (sha) => commits);
+
+      const validTags = [
+        {
+          name: 'v1.2.3',
+          commit: { sha: '012345', url: '' },
+          zipball_url: '',
+          tarball_url: 'string',
+          node_id: 'string',
+        },
+      ];
+      jest
+        .spyOn(utils, 'getValidTags')
+        .mockImplementation(async () => validTags);
+
+      /*
+       * When
+       */
+      await action();
+
+      /*
+       * Then
+       */
+      expect(mockCreateTag).toHaveBeenCalledWith(
+        'v1.2.4-prerelease.0',
+        expect.any(Boolean),
+        expect.any(String)
+      );
+      expect(mockSetFailed).not.toBeCalled();
+    });
+
     it('does create prepatch tag', async () => {
       /*
        * Given

tests/helper.test.ts

@@ -2,6 +2,14 @@ import yaml from 'js-yaml';
 import fs from 'fs';
 import path from 'path';
 
+export function setRepository(
+  GITHUB_SERVER_URL: string,
+  GITHUB_REPOSITORY: string
+) {
+  process.env['GITHUB_SERVER_URL'] = GITHUB_SERVER_URL;
+  process.env['GITHUB_REPOSITORY'] = GITHUB_REPOSITORY;
+}
+
 export function setBranch(branch: string) {
   process.env['GITHUB_REF'] = `refs/heads/${branch}`;
 }
@@ -23,7 +31,7 @@ export function loadDefaultInputs() {
     path.join(process.cwd(), 'action.yml'),
     'utf-8'
   );
-  const actionJson = yaml.safeLoad(actionYaml) as {
+  const actionJson = yaml.load(actionYaml) as {
     inputs: { [key: string]: { default?: string } };
   };
   const defaultInputs = Object.keys(actionJson['inputs'])

tests/utils.test.ts

@@ -57,7 +57,7 @@ describe('utils', () => {
         node_id: 'string',
       },
       {
-        name: '1.2.3',
+        name: 'v1.2.3',
         commit: { sha: 'string', url: 'string' },
         zipball_url: 'string',
         tarball_url: 'string',
@@ -86,28 +86,28 @@ describe('utils', () => {
      */
     const testTags = [
       {
-        name: '1.2.4-prerelease.1',
+        name: 'v1.2.4-prerelease.1',
         commit: { sha: 'string', url: 'string' },
         zipball_url: 'string',
         tarball_url: 'string',
         node_id: 'string',
       },
       {
-        name: '1.2.4-prerelease.2',
+        name: 'v1.2.4-prerelease.2',
         commit: { sha: 'string', url: 'string' },
         zipball_url: 'string',
         tarball_url: 'string',
         node_id: 'string',
       },
       {
-        name: '1.2.4-prerelease.0',
+        name: 'v1.2.4-prerelease.0',
         commit: { sha: 'string', url: 'string' },
         zipball_url: 'string',
         tarball_url: 'string',
         node_id: 'string',
       },
       {
-        name: '1.2.3',
+        name: 'v1.2.3',
         commit: { sha: 'string', url: 'string' },
         zipball_url: 'string',
         tarball_url: 'string',
@@ -128,7 +128,55 @@ describe('utils', () => {
      */
     expect(mockListTags).toHaveBeenCalled();
     expect(validTags[0]).toEqual({
-      name: '1.2.4-prerelease.2',
+      name: 'v1.2.4-prerelease.2',
+      commit: { sha: 'string', url: 'string' },
+      zipball_url: 'string',
+      tarball_url: 'string',
+      node_id: 'string',
+    });
+  });
+
+  it('returns only prefixed tags', async () => {
+    /*
+     * Given
+     */
+    const testTags = [
+      {
+        name: 'app2/5.0.0',
+        commit: { sha: 'string', url: 'string' },
+        zipball_url: 'string',
+        tarball_url: 'string',
+        node_id: 'string',
+      },
+      {
+        name: '7.0.0',
+        commit: { sha: 'string', url: 'string' },
+        zipball_url: 'string',
+        tarball_url: 'string',
+        node_id: 'string',
+      },
+      {
+        name: 'app1/3.0.0',
+        commit: { sha: 'string', url: 'string' },
+        zipball_url: 'string',
+        tarball_url: 'string',
+        node_id: 'string',
+      },
+    ];
+    const mockListTags = jest
+      .spyOn(github, 'listTags')
+      .mockImplementation(async () => testTags);
+    /*
+     * When
+     */
+    const validTags = await getValidTags(/^app1\//, false);
+    /*
+     * Then
+     */
+    expect(mockListTags).toHaveBeenCalled();
+    expect(validTags).toHaveLength(1);
+    expect(validTags[0]).toEqual({
+      name: 'app1/3.0.0',
       commit: { sha: 'string', url: 'string' },
       zipball_url: 'string',
       tarball_url: 'string',