From 7784a33cf39b8f3a96c799640dbe1c47c7fa864d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 30 Apr 2026 23:53:32 +0000 Subject: [PATCH 1/2] chore: bump @npmcli/template-oss from 4.24.1 to 4.30.0 Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 4.24.1 to 4.30.0. - [Release notes](https://github.com/npm/template-oss/releases) - [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/template-oss/compare/v4.24.1...v4.30.0) --- updated-dependencies: - dependency-name: "@npmcli/template-oss" dependency-version: 4.30.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 6a8083b..bb85ef6 100644 --- a/package.json +++ b/package.json @@ -32,7 +32,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^5.0.0", - "@npmcli/template-oss": "4.24.1", + "@npmcli/template-oss": "4.30.0", "npm-package-arg": "^13.0.0", "slash": "^3.0.0", "tap": "^16.0.1" From f92b39e31ff86cd556d23cca9be07487f0c81e7a Mon Sep 17 00:00:00 2001 From: Michael Smith Date: Fri, 1 May 2026 08:22:32 -0700 Subject: [PATCH 2/2] chore: template-oss-apply --- .github/workflows/audit.yml | 7 +++---- .github/workflows/ci-release.yml | 22 +++++++++------------- .github/workflows/ci.yml | 21 ++++++++------------- .github/workflows/codeql-analysis.yml | 3 +++ .github/workflows/post-dependabot.yml | 6 +----- .github/workflows/pull-request.yml | 7 +++---- .github/workflows/release-integration.yml | 8 ++++---- .github/workflows/release.yml | 9 +-------- .gitignore | 1 + package.json | 5 +++-- 10 files changed, 36 insertions(+), 53 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index a3ae725..628ed3b 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -8,6 +8,9 @@ on: # "At 08:00 UTC (01:00 PT) on Monday" https://crontab.guru/#0_8_*_*_1 - cron: "0 8 * * 1" +permissions: + contents: read + jobs: audit: name: Audit Dependencies @@ -29,10 +32,6 @@ jobs: with: node-version: 22.x check-latest: contains('22.x', '.x') - - name: Install Latest npm - uses: ./.github/actions/install-latest-npm - with: - node: ${{ steps.node.outputs.node-version }} - name: Install Dependencies run: npm i --ignore-scripts --no-audit --no-fund --package-lock - name: Run Production Audit diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml index 3e275fe..1284dd6 100644 --- a/.github/workflows/ci-release.yml +++ b/.github/workflows/ci-release.yml @@ -18,6 +18,10 @@ on: required: true type: string +permissions: + contents: read + checks: write + jobs: lint-all: name: Lint All @@ -49,10 +53,6 @@ jobs: with: node-version: 22.x check-latest: contains('22.x', '.x') - - name: Install Latest npm - uses: ./.github/actions/install-latest-npm - with: - node: ${{ steps.node.outputs.node-version }} - name: Install Dependencies run: npm i --ignore-scripts --no-audit --no-fund - name: Lint @@ -81,7 +81,7 @@ jobs: os: macos-latest shell: bash - name: macOS - os: macos-13 + os: macos-15-intel shell: bash - name: Windows os: windows-latest @@ -92,13 +92,13 @@ jobs: - 22.9.0 - 22.x exclude: - - platform: { name: macOS, os: macos-13, shell: bash } + - platform: { name: macOS, os: macos-15-intel, shell: bash } node-version: 20.17.0 - - platform: { name: macOS, os: macos-13, shell: bash } + - platform: { name: macOS, os: macos-15-intel, shell: bash } node-version: 20.x - - platform: { name: macOS, os: macos-13, shell: bash } + - platform: { name: macOS, os: macos-15-intel, shell: bash } node-version: 22.9.0 - - platform: { name: macOS, os: macos-13, shell: bash } + - platform: { name: macOS, os: macos-15-intel, shell: bash } node-version: 22.x runs-on: ${{ matrix.platform.os }} defaults: @@ -127,10 +127,6 @@ jobs: with: node-version: ${{ matrix.node-version }} check-latest: contains(matrix.node-version, '.x') - - name: Install Latest npm - uses: ./.github/actions/install-latest-npm - with: - node: ${{ steps.node.outputs.node-version }} - name: Install Dependencies run: npm i --ignore-scripts --no-audit --no-fund - name: Add Problem Matcher diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ce92ea4..bd4e34d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -12,6 +12,9 @@ on: # "At 09:00 UTC (02:00 PT) on Monday" https://crontab.guru/#0_9_*_*_1 - cron: "0 9 * * 1" +permissions: + contents: read + jobs: lint: name: Lint @@ -33,10 +36,6 @@ jobs: with: node-version: 22.x check-latest: contains('22.x', '.x') - - name: Install Latest npm - uses: ./.github/actions/install-latest-npm - with: - node: ${{ steps.node.outputs.node-version }} - name: Install Dependencies run: npm i --ignore-scripts --no-audit --no-fund - name: Lint @@ -58,7 +57,7 @@ jobs: os: macos-latest shell: bash - name: macOS - os: macos-13 + os: macos-15-intel shell: bash - name: Windows os: windows-latest @@ -69,13 +68,13 @@ jobs: - 22.9.0 - 22.x exclude: - - platform: { name: macOS, os: macos-13, shell: bash } + - platform: { name: macOS, os: macos-15-intel, shell: bash } node-version: 20.17.0 - - platform: { name: macOS, os: macos-13, shell: bash } + - platform: { name: macOS, os: macos-15-intel, shell: bash } node-version: 20.x - - platform: { name: macOS, os: macos-13, shell: bash } + - platform: { name: macOS, os: macos-15-intel, shell: bash } node-version: 22.9.0 - - platform: { name: macOS, os: macos-13, shell: bash } + - platform: { name: macOS, os: macos-15-intel, shell: bash } node-version: 22.x runs-on: ${{ matrix.platform.os }} defaults: @@ -94,10 +93,6 @@ jobs: with: node-version: ${{ matrix.node-version }} check-latest: contains(matrix.node-version, '.x') - - name: Install Latest npm - uses: ./.github/actions/install-latest-npm - with: - node: ${{ steps.node.outputs.node-version }} - name: Install Dependencies run: npm i --ignore-scripts --no-audit --no-fund - name: Add Problem Matcher diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 15c8efe..af848e1 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -13,6 +13,9 @@ on: # "At 10:00 UTC (03:00 PT) on Monday" https://crontab.guru/#0_10_*_*_1 - cron: "0 10 * * 1" +permissions: + contents: read + jobs: analyze: name: Analyze diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml index 1ea8693..8439f84 100644 --- a/.github/workflows/post-dependabot.yml +++ b/.github/workflows/post-dependabot.yml @@ -30,10 +30,6 @@ jobs: with: node-version: 22.x check-latest: contains('22.x', '.x') - - name: Install Latest npm - uses: ./.github/actions/install-latest-npm - with: - node: ${{ steps.node.outputs.node-version }} - name: Install Dependencies run: npm i --ignore-scripts --no-audit --no-fund - name: Fetch Dependabot Metadata @@ -54,7 +50,7 @@ jobs: else # strip leading slash from directory so it works as a # a path to the workspace flag - echo "workspace=-w ${dependabot_dir#/}" >> $GITHUB_OUTPUT + echo "workspace=--workspace ${dependabot_dir#/}" >> $GITHUB_OUTPUT fi - name: Apply Changes diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index 7dbdfd4..bb7672c 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -10,6 +10,9 @@ on: - edited - synchronize +permissions: + contents: read + jobs: commitlint: name: Lint Commits @@ -33,10 +36,6 @@ jobs: with: node-version: 22.x check-latest: contains('22.x', '.x') - - name: Install Latest npm - uses: ./.github/actions/install-latest-npm - with: - node: ${{ steps.node.outputs.node-version }} - name: Install Dependencies run: npm i --ignore-scripts --no-audit --no-fund - name: Run Commitlint on Commits diff --git a/.github/workflows/release-integration.yml b/.github/workflows/release-integration.yml index 130578e..6d7fc3e 100644 --- a/.github/workflows/release-integration.yml +++ b/.github/workflows/release-integration.yml @@ -19,6 +19,10 @@ on: PUBLISH_TOKEN: required: true +permissions: + contents: read + id-token: write + jobs: publish: name: Publish @@ -43,10 +47,6 @@ jobs: with: node-version: 22.x check-latest: contains('22.x', '.x') - - name: Install Latest npm - uses: ./.github/actions/install-latest-npm - with: - node: ${{ steps.node.outputs.node-version }} - name: Install Dependencies run: npm i --ignore-scripts --no-audit --no-fund - name: Set npm authToken diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 75acebb..15a528d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -41,10 +41,6 @@ jobs: with: node-version: 22.x check-latest: contains('22.x', '.x') - - name: Install Latest npm - uses: ./.github/actions/install-latest-npm - with: - node: ${{ steps.node.outputs.node-version }} - name: Install Dependencies run: npm i --ignore-scripts --no-audit --no-fund - name: Release Please @@ -121,10 +117,6 @@ jobs: with: node-version: 22.x check-latest: contains('22.x', '.x') - - name: Install Latest npm - uses: ./.github/actions/install-latest-npm - with: - node: ${{ steps.node.outputs.node-version }} - name: Install Dependencies run: npm i --ignore-scripts --no-audit --no-fund - name: Create Release Manager Checklist Text @@ -244,6 +236,7 @@ jobs: if: needs.release.outputs.releases uses: ./.github/workflows/release-integration.yml permissions: + contents: read id-token: write secrets: PUBLISH_TOKEN: ${{ secrets.PUBLISH_TOKEN }} diff --git a/.gitignore b/.gitignore index 2bab6d1..dedbc77 100644 --- a/.gitignore +++ b/.gitignore @@ -5,6 +5,7 @@ !**/.gitignore !/.commitlintrc.js +!/.eslint.config.js !/.eslintrc.js !/.eslintrc.local.* !/.git-blame-ignore-revs diff --git a/package.json b/package.json index bb85ef6..828c36b 100644 --- a/package.json +++ b/package.json @@ -52,7 +52,8 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.24.1", - "publish": true + "version": "4.30.0", + "publish": true, + "updateNpm": false } }