feat(repo): merge master from [email protected]:supabase/auth-js.git

Author: mandarini

packages/core/auth-js/.eslintrc.json

@@ -0,0 +1,19 @@
+{
+  "env": {
+    "browser": true,
+    "es2021": true
+  },
+  "extends": ["eslint:recommended", "plugin:@typescript-eslint/recommended", "prettier"],
+  "parser": "@typescript-eslint/parser",
+  "parserOptions": {
+    "ecmaVersion": 12,
+    "sourceType": "module"
+  },
+  "plugins": ["@typescript-eslint"],
+  "ignorePatterns": ["*.md", "test/__snapshots__/**/*"],
+  "rules": {
+    "comma-dangle": "off",
+    "@typescript-eslint/no-explicit-any": "off",
+    "@typescript-eslint/ban-types": "off"
+  }
+}

packages/core/auth-js/.github/workflows/ci.yml

@@ -0,0 +1,46 @@
+name: CI
+
+on:
+  pull_request:
+  push:
+    branches:
+      - master
+      - next
+      - rc
+  workflow_dispatch:
+
+jobs:
+  test:
+    name: Test / OS ${{ matrix.os }} / Node ${{ matrix.node }}
+    strategy:
+      matrix:
+        os: [ubuntu-latest]
+        node: ["18", "20"]
+
+    runs-on: ${{ matrix.os }}
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Node
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node }}
+
+      - name: Build
+        run: |
+          npm ci
+          npm run build
+
+      - name: Run tests
+        run: |
+          cd test && npm ci && cd ..
+          npm t
+
+      - name: Upload coverage results to Coveralls
+        uses: coverallsapp/github-action@v2
+        with:
+          fail-on-error: false
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          path-to-lcov: ./test/coverage/lcov.info
+          base-path: ./src

packages/core/auth-js/.github/workflows/conventional-commits-lint.js

@@ -0,0 +1,101 @@
+"use strict";
+
+const fs = require("fs");
+
+const TITLE_PATTERN =
+  /^(?<prefix>[^:!(]+)(?<package>\([^)]+\))?(?<breaking>[!])?:.+$/;
+const RELEASE_AS_DIRECTIVE = /^\s*Release-As:/im;
+const BREAKING_CHANGE_DIRECTIVE = /^\s*BREAKING[ \t]+CHANGE:/im;
+
+const ALLOWED_CONVENTIONAL_COMMIT_PREFIXES = [
+  "feat",
+  "fix",
+  "ci",
+  "docs",
+  "chore",
+];
+
+const object = process.argv[2];
+const payload = JSON.parse(fs.readFileSync(process.argv[3], "utf-8"));
+
+let validate = [];
+
+if (object === "pr") {
+  validate.push({
+    title: payload.pull_request.title,
+    content: payload.pull_request.body,
+  });
+} else if (object === "push") {
+  validate.push(
+    ...payload.commits.map((commit) => ({
+      title: commit.message.split("\n")[0],
+      content: commit.message,
+    })),
+  );
+} else {
+  console.error(
+    `Unknown object for first argument "${object}", use 'pr' or 'push'.`,
+  );
+  process.exit(0);
+}
+
+let failed = false;
+
+validate.forEach((payload) => {
+  if (payload.title) {
+    const { groups } = payload.title.match(TITLE_PATTERN);
+
+    if (groups) {
+      if (groups.breaking) {
+        console.error(
+          `PRs are not allowed to declare breaking changes at this stage of the project. Please remove the ! in your PR title or commit message and adjust the functionality to be backward compatible.`,
+        );
+        failed = true;
+      }
+
+      if (
+        !ALLOWED_CONVENTIONAL_COMMIT_PREFIXES.find(
+          (prefix) => prefix === groups.prefix,
+        )
+      ) {
+        console.error(
+          `PR (or a commit in it) is using a disallowed conventional commit prefix ("${groups.prefix}"). Only ${ALLOWED_CONVENTIONAL_COMMIT_PREFIXES.join(", ")} are allowed. Make sure the prefix is lowercase!`,
+        );
+        failed = true;
+      }
+
+      if (groups.package && groups.prefix !== "chore") {
+        console.warn(
+          "Avoid using package specifications in PR titles or commits except for the `chore` prefix.",
+        );
+      }
+    } else {
+      console.error(
+        "PR or commit title must match conventional commit structure.",
+      );
+      failed = true;
+    }
+  }
+
+  if (payload.content) {
+    if (payload.content.match(RELEASE_AS_DIRECTIVE)) {
+      console.error(
+        "PR descriptions or commit messages must not contain Release-As conventional commit directives.",
+      );
+      failed = true;
+    }
+
+    if (payload.content.match(BREAKING_CHANGE_DIRECTIVE)) {
+      console.error(
+        "PR descriptions or commit messages must not contain a BREAKING CHANGE conventional commit directive. Please adjust the functionality to be backward compatible.",
+      );
+      failed = true;
+    }
+  }
+});
+
+if (failed) {
+  process.exit(1);
+}
+
+process.exit(0);

packages/core/auth-js/.github/workflows/conventional-commits.yml

@@ -0,0 +1,47 @@
+name: Check pull requests
+
+on:
+  push:
+    branches-ignore: # Run the checks on all branches but the protected ones
+      - master
+      - release/*
+
+  pull_request_target:
+    branches:
+      - master
+      - release/*
+    types:
+      - opened
+      - edited
+      - reopened
+      - ready_for_review
+
+permissions: 
+  contents: read
+
+jobs:
+  check-conventional-commits:
+    runs-on: ubuntu-latest
+    if: github.actor != 'dependabot[bot]' # skip for dependabot PRs
+    env:
+      EVENT: ${{ toJSON(github.event) }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          sparse-checkout: |
+            .github
+
+      - if: ${{ github.event_name == 'pull_request_target' }}
+        run: |
+          set -ex
+          TMP_FILE=$(mktemp)
+          echo "${EVENT}" > "$TMP_FILE"
+          node .github/workflows/conventional-commits-lint.js pr "${TMP_FILE}"
+
+      - if: ${{ github.event_name == 'push' }}
+        run: |
+          set -ex
+
+          TMP_FILE=$(mktemp)
+          echo "${EVENT}" > "$TMP_FILE"
+          node .github/workflows/conventional-commits-lint.js push "${TMP_FILE}"

packages/core/auth-js/.github/workflows/docs.yml

@@ -0,0 +1,38 @@
+name: Docs
+
+on:
+  push:
+    branches:
+      - master
+  workflow_dispatch:
+
+jobs:
+  docs:
+    name: Publish docs / OS ${{ matrix.os }} / Node ${{ matrix.node }}
+    strategy:
+      matrix:
+        os: [ubuntu-latest]
+        node: ['20']
+
+    runs-on: ${{ matrix.os }}
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Set up Node
+        uses: actions/setup-node@v1
+        with:
+          node-version: ${{ matrix.node }}
+
+      - run: |
+          npm ci
+          npm run docs
+          npm run docs:json
+
+      - name: Publish
+        uses: peaceiris/actions-gh-pages@v3
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          publish_dir: docs
+          force_orphan: true
+          commit_message: 'docs: update'

packages/core/auth-js/.github/workflows/dogfooding.yml

@@ -0,0 +1,51 @@
+name: Dogfooding Check
+
+on:
+  pull_request_review:
+    types: [submitted, edited]
+
+  pull_request:
+
+  push:
+
+permissions:
+  contents: read
+
+jobs:
+  check_dogfooding:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        if: github.event.pull_request.base.ref == 'master' && github.event.pull_request.head.ref == 'release-please--branches--master'
+        with:
+          ref: master # used to identify the latest RC version via git describe --tags --match rc*
+          fetch-depth: 0
+
+      - if: github.event.pull_request.base.ref == 'master' && github.event.pull_request.head.ref == 'release-please--branches--master'
+        run: |
+          set -ex
+
+          # finds the latest RC version on master
+          RELEASE_VERSION=@supabase/auth-js@$(node -e "const a = '$(git describe --tags --match rc*)'.replace(/^rc/, '').split('-'); console.log(a[0] + '-' + a[1]);")
+
+          # use some clever Ruby magic to extract the snapshots['@supabase/auth-js@...'] version from the pnpm-lock.yaml file
+          STUDIO_VERSION=$(curl 'https://raw.githubusercontent.com/supabase/supabase/refs/heads/master/pnpm-lock.yaml' | ruby -e 'require("yaml"); l = YAML.load(STDIN); puts(l["snapshots"].find { |k, v| k.start_with? "@supabase/auth-js" }.first)')
+
+          echo "Expecting RC version $RELEASE_VERSION to be used in Supabase Studio."
+
+          if [ "$STUDIO_VERSION" != "$RELEASE_VERSION" ]
+          then
+            echo "Version in Supabase Studio is not the latest release candidate. Please release this RC first to proof the release before merging this PR."
+            exit 1
+          fi
+
+          echo "Release away!"
+          exit 0
+
+      - if: github.event.pull_request.base.ref != 'master' || github.event.pull_request.head.ref != 'release-please--branches--master'
+        run: |
+          set -ex
+
+          echo "This PR is not subject to dogfooding checks."
+          exit 0
+

packages/core/auth-js/.github/workflows/manual-publish.yml

@@ -0,0 +1,61 @@
+name: Manual Publish
+
+on:
+  workflow_dispatch:
+    inputs:
+      package:
+        description: Package name
+        type: choice
+        required: true
+        options:
+          - auth-js
+          - gotrue-js
+      version:
+        description: Version to publish (1.2.3 not v1.2.3)
+        type: string
+        required: true
+      reason:
+        description: Why are you manually publishing?
+        type: string
+        required: true
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+
+    steps:
+      - run: |
+          echo 'Package: ${{ inputs.package }}'
+          echo 'Version: ${{ inputs.version }}'
+          echo 'Reason:  ${{ inputs.reason  }}'
+
+      - uses: actions/checkout@v4
+        with:
+          ref: v${{ inputs.version }}
+
+      - name: Set up Node
+        uses: actions/setup-node@v1
+        with:
+          node-version: '20'
+
+      - run: |
+          npm ci
+          npm run build
+
+      - name: Publish @supabase/${{ inputs.package }} @v${{ inputs.version }}
+        env:
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+        run: |
+          echo '//registry.npmjs.org/:_authToken=${NPM_TOKEN}' > ~/.npmrc
+
+          set -ex
+
+          for f in package.json package-lock.json
+          do
+            sed -i 's/0.0.0/${{ inputs.version }}/' "$f"
+
+            sed -i 's|\(["/]\)auth-js|\1${{ inputs.package }}|g' "$f"
+          done
+
+          npm publish # not with --tag latest!
+