Merge pull request #1782 from forcedotcom/release-5.0.0

RELEASE @W-18117811@ Conducting v5.0.0 release

Author: randi274

.github/ISSUE_TEMPLATE/0-code_analyzer_bug.yml

@@ -74,7 +74,7 @@ body:
       description: |
         What do you get from the command "sf plugins"?
       placeholder: |
-        Example: code-analyzer 5.0.0-beta.0
+        Example: code-analyzer 5.0.0
     validations:
       required: true
   - type: input

.github/workflows/apply-npm-tag-to-version.yml

@@ -8,13 +8,14 @@ on:
         type: choice
         options:
           - '@salesforce/plugin-code-analyzer'
-          - '@salesforce/sfdx-scanner'
+          # TODO: Remove after April Release
+          - '@salesforce/sfdx-scanner' 
       tag_name:
         description: 'Tag Name (ex: latest):'
         required: true
         type: string
       version:
-        description: 'Version (ex: 4.8.0):'
+        description: 'Version (ex: 5.2.0):'
         required: true
         type: string
       confirm:

.github/workflows/automated-release-tasks.yml

@@ -31,17 +31,22 @@ jobs:
     needs: verify-should-run
     if: ${{ needs.verify-should-run.outputs.should-run == 'true' }}
     steps:
-      - name: Invoke v5 beta workflow
+      - name: Invoke v5 workflow
         uses: actions/github-script@v6
         with:
           github-token: ${{ secrets.SVC_CLI_BOT_GITHUB_TOKEN }}
+          # TODO: remove inputs after April Release; will default to minor
           script: |
             await github.rest.actions.createWorkflowDispatch({
               owner: context.repo.owner,
               repo: context.repo.repo,
               workflow_id: 'create-release-branch.yml',
-              ref: 'dev'
+              ref: 'dev',
+              inputs: {
+                "release-type": "patch"
+              }
             });
+# TODO: Remove this after last v4.x release in April
   create-v4-release-branch:
     runs-on: macos-latest
     needs: verify-should-run

.github/workflows/create-release-branch.yml

@@ -1,6 +1,17 @@
 name: create-release-branch
 on:
   workflow_dispatch:
+    inputs:
+      # When the workflow is executed manually, the user can select whether the branch should correspond to a major,
+      # minor, or patch release.
+      release-type:
+        type: choice
+        description: What kind of release?
+        options:
+          - major
+          - minor
+          - patch
+        required: true
 
 jobs:
   create-release-branch:
@@ -20,11 +31,19 @@ jobs:
       - uses: actions/setup-node@v4
         with:
           node-version: 'lts/*' # Always use Node LTS for building dependencies.
-      - run: yarn
+      - run: npm install
       # Increment the version as desired locally, without actually committing anything.
       - name: Locally increment version
         run: |
-          npm --no-git-tag-version version prerelease --preid beta
+          # A workflow dispatch event lets the user specify what release type they want.
+          if [[ "${{ github.event_name }}" = "workflow_dispatch" ]]; then
+            RELEASE_TYPE=${{ github.event.inputs.release-type }}
+          # The regularly scheduled releases are always minor.
+          else
+            RELEASE_TYPE=minor
+          fi
+          # Increment the version as needed.
+          npm --no-git-tag-version version $RELEASE_TYPE
       # The branch protection rule for `release-x.y.z` branches prevents pushing commits directly. To work around this,
       # we create an interim branch that we _can_ push commits to, and we'll do our version bookkeeping in that branch
       # instead.

.github/workflows/daily-smoke-tests-v4.yml

@@ -0,0 +1,29 @@
+#TODO: remove v4 with April Release
+name: daily-smoke-tests-v4
+on:
+  workflow_dispatch: # As per documentation, the colon is necessary even though no config is required.
+  schedule:
+    # Cron syntax is "minute[0-59] hour[0-23] date[1-31] month[1-12] day[0-6]". '*' is 'any value,' and multiple values
+    # can be specified with comma-separated lists. All times are UTC.
+    # So this expression means "run at 13:30 UTC every day". This time was chosen because it corresponds to
+    # 8:30AM CDT, meaning that any issues will be surfaced before the start of business.
+    - cron: "30 13 * * *"
+jobs:
+  smoke-test:
+    uses: ./.github/workflows/run-tests.yml
+    with:
+      node-matrix: "[{version: 'lts/*', artifact: 'lts'}, {version: 'latest', artifact: 'latest'}]"
+  v4-smoke-test:
+    runs-on: macos-latest
+    steps:
+      - name: Invoke v4 smoke tests
+        uses: actions/github-script@v6
+        with:
+          github-token: ${{ secrets.SVC_CLI_BOT_GITHUB_TOKEN }}
+          script: |
+            await github.rest.actions.createWorkflowDispatch({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              workflow_id: 'daily-smoke-tests.yml',
+              ref: 'dev-4'
+            });

.github/workflows/daily-smoke-tests.yml

@@ -1,6 +1,6 @@
 name: daily-smoke-tests
 on:
-  workflow_dispatch: # As per documentation, the colon is necessary even though no config is required.
+  workflow_dispatch:
   schedule:
     # Cron syntax is "minute[0-59] hour[0-23] date[1-31] month[1-12] day[0-6]". '*' is 'any value,' and multiple values
     # can be specified with comma-separated lists. All times are UTC.
@@ -9,20 +9,8 @@ on:
     - cron: "30 13 * * *"
 jobs:
   smoke-test:
+  # We run the daily smoke tests against 'dev' to validate that the code currently in development is still valid
     uses: ./.github/workflows/run-tests.yml
     with:
       node-matrix: "[{version: 'lts/*', artifact: 'lts'}, {version: 'latest', artifact: 'latest'}]"
-  v4-smoke-test:
-    runs-on: macos-latest
-    steps:
-      - name: Invoke v4 smoke tests
-        uses: actions/github-script@v6
-        with:
-          github-token: ${{ secrets.SVC_CLI_BOT_GITHUB_TOKEN }}
-          script: |
-            await github.rest.actions.createWorkflowDispatch({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              workflow_id: 'daily-smoke-tests.yml',
-              ref: 'dev-4'
-            });
+      target-branch: dev

.github/workflows/publish-to-npm.yml

@@ -53,7 +53,7 @@ jobs:
     with:
       ctc: false # We've been told we don't have to care about this until someone makes us care.
       sign: true
-      tag: latest-beta-rc # Publish as a release candidate, so we can do our validations against it.
+      tag: latest-rc # Publish as a release candidate, so we can do our validations against it.
       githubTag: ${{ github.event.release.tag_name || inputs.tag }}
     secrets: inherit
   # Step 3: Run smoke tests against the release candidate.
@@ -84,7 +84,7 @@ jobs:
           python-version: '>=3.10'
       # Install SF, and the release candidate version.
       - run: npm install -g @salesforce/cli
-      - run: sf plugins install @salesforce/plugin-code-analyzer@latest-beta-rc
+      - run: sf plugins install @salesforce/plugin-code-analyzer@latest-rc
       # Log the installed plugins for easier debugging.
       - run: sf plugins
       # Attempt to run the smoke tests.
@@ -105,7 +105,6 @@ jobs:
           node-version: 'lts/*'
       - run: |
           echo "//registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN }}" > ~/.npmrc
-          npm dist-tag add @salesforce/plugin-code-analyzer@${{ github.event.release.tag_name || inputs.tag }} latest-beta
           npm dist-tag add @salesforce/plugin-code-analyzer@${{ github.event.release.tag_name || inputs.tag }} latest
   # Step 5: Create a Pull Request for merging `main` into `dev`
   create-main2dev-pull-request:

.github/workflows/run-tests.yml

@@ -33,11 +33,11 @@ jobs:
       - uses: actions/setup-node@v4
         with:
           node-version: ${{ matrix.node.version }}
-      - run: yarn
-      - run: yarn build
-      - run: yarn test
+      - run: npm install
+      - run: npm run build
+      - run: npm run test
         id: jest-tests
-      - run: yarn lint
+      - run: npm run lint
       - name: Upload full artifact
         if: ${{ always() }}
         uses: actions/upload-artifact@v4
@@ -61,8 +61,8 @@ jobs:
         with:
           node-version: 'lts/*' # Always use Node LTS for building the tarball
       # Install/build dependencies
-      - run: yarn
-      - run: yarn build
+      - run: npm install
+      - run: npm run build
       # Create the tarball
       - run: npm pack
       # Upload the tarball as an artifact
@@ -115,7 +115,7 @@ jobs:
         shell: bash
         run: |
           # We need to determine the Tarball's name first.
-          TARBALL_NAME=$(ls ~/downloads/tarball | grep salesforce-plugin-code-analyzer-5\\.0\\.0-beta\\.[0-9]*\\.tgz)
+          TARBALL_NAME=$(ls ~/downloads/tarball | grep salesforce-plugin-code-analyzer-.*\\.tgz)
           # We need to determine the Tarball's location in an installable way.
           # Get the path to the download folder. Swap out backslashes for forward slashes to ensure Windows compatibility.
           RAW_TARBALL_PATH=`echo '${{ steps.download.outputs.download-path }}' | tr '\\' '/'`
@@ -130,4 +130,3 @@ jobs:
         with:
           name: smoke-test-results-${{ runner.os }}-node-${{ matrix.node.artifact }}
           path: smoke-test-results
-

.github/workflows/validate-pr.yml

@@ -6,6 +6,7 @@ on:
 jobs:
   # We want to prevent cross-contamination between the 4.x and 5.x pipelines. So we should prevent PRs
   # based on this flow to merge into `dev-4` or `main-4`.
+  # TODO: Remove this after the April release, since we won't care after that to maintain v4
   verify_target_branch:
     runs-on: ubuntu-latest
     steps:

.gitignore

@@ -8,7 +8,6 @@
 /.nyc_output
 /dist
 /lib
-/package-lock.json
 /tmp
 node_modules
 /out
@@ -161,4 +160,4 @@ sfge*.log.gz
 
 npm-shrinkwrap.json
 
-.npmrc
+.npmrc