|
6 | 6 |
|
7 | 7 | ## Testing |
8 | 8 |
|
9 | | -* `npm test`: Lint the code and run the entire test suite with coverage. |
10 | | -* `npx test-ava`: Run self-hosted tests from `test/`. Wraps a stable version of AVA. |
11 | | -* `npx tap`: Run legacy tests from `test-tap/`. |
12 | | - |
13 | | -Note that in CI we only run linting with the Node.js version set in the `package.json` file under the `"volta"` key. |
| 9 | +- `npm test`: Lint the code and run the entire test suite with coverage. |
| 10 | +- `npx tap test-tap/fork.js --bail`: Run a specific test file and bail on the first failure (useful when hunting bugs). |
| 11 | +- `npx test-ava test/{file}.js`: Run self-hosted tests. |
14 | 12 |
|
15 | 13 | ## CI |
16 | 14 |
|
17 | | -We test across Linux, macOS and Windows, across all supported Node.js versions. The occasional failure in a specific environment is to be expected. If jobs fail, review carefully. |
18 | | - |
19 | | -TypeScript jobs should all pass. |
| 15 | +- Tests sometimes fail on Windows. Review the errors carefully. |
| 16 | +- At least one Windows job must pass. |
| 17 | +- All other jobs must pass. |
20 | 18 |
|
21 | 19 | ## Updating dependencies |
22 | 20 |
|
23 | | -* Make sure new dependency versions are compatible with our supported Node.js versions. |
24 | | -* TypeScript dependency changes require CI changes to ensure backwards compatibility, see below. |
25 | | -* Open a PR with the updates and only merge when CI passes (see the previous section). |
| 21 | +- Make sure new dependency versions are compatible with our supported Node.js versions. |
| 22 | +- Leave the TypeScript dependency as it is, to avoid accidental breakage. |
| 23 | +- Open a PR with the updates and only merge when CI passes (see the previous section). |
26 | 24 |
|
27 | 25 | ## Updating TypeScript |
28 | 26 |
|
29 | 27 | TypeScript itself does not follow SemVer. Consequently we may have to make changes to the type definition that, technically, are breaking changes for users with an older TypeScript version. That's OK, but we should be aware. |
30 | 28 |
|
31 | | -When updating the TypeScript dependency, *also* add it to the CI workflow. This enables us to do typechecking with previous TypeScript versions and avoid unintentional breakage. For instance we won't accidentally rely on newer TypeScript features. |
| 29 | +Only update the TypeScript dependency when truly necessary. This helps avoid accidental breakage. For instance we won't accidentally rely on newer TypeScript features. |
32 | 30 |
|
33 | 31 | Speaking of, using newer TypeScript features could be considered a breaking change. This needs to be assessed on a case-by-case basis. |
34 | 32 |
|
35 | 33 | ## Pull requests |
36 | 34 |
|
37 | | -* New features should come with tests and documentation. |
38 | | -* Ensure the [contributing guidelines](.github/CONTRIBUTING.md) are followed. |
39 | | -* Usually we squash commits when merging. Rebases may sometimes be appropriate. |
| 35 | +- New features should come with tests and documentation. |
| 36 | +- Ensure the [contributing guidelines](.github/CONTRIBUTING.md) are followed. |
| 37 | +- Squash commits when merging. |
40 | 38 |
|
41 | 39 | ## Experiments |
42 | 40 |
|
43 | | -* Implement breaking changes as an experiment first, requiring opt-in. |
44 | | -* Ship new features early by treating them as an experiment, requiring opt-in. |
| 41 | +- Implement breaking changes as an experiment first, requiring opt-in. |
| 42 | +- Ship new features early by treating them as an experiment, requiring opt-in. |
45 | 43 |
|
46 | 44 | ## Release process |
47 | 45 |
|
48 | | -* Use `npm version` with the correct increment and push the resulting tag and `main` branch. |
49 | | -* CI will run against the tag. Wait for this to complete. |
50 | | -* Approve the Release workflow within GitHub. The workflow includes npm provenance for enhanced security and supply chain transparency. |
| 46 | +1. In the `main` branch, use `npm version` with the correct increment. |
| 47 | +1. Push the resulting tag (`git push --tags`). |
| 48 | +1. Wait for minimal CI checks to pass and push the `main` branch. |
| 49 | +1. Wait for full CI run to complete on the tag. |
| 50 | +1. The *Release* workflow will automatically run and publish to npm with provenance. It will also create a draft GitHub release. |
| 51 | +1. Review and publish the [draft GitHub release](https://github.com/avajs/ava/releases). |
| 52 | + |
| 53 | +The *Release* workflow includes several safety checks: |
| 54 | + |
| 55 | +- Validates the tag version matches `package.json` |
| 56 | +- Verifies the tagged commit is included in the `main` branch |
| 57 | +- Confirms CI has passed for the commit |
| 58 | + |
| 59 | +### Manual Release |
| 60 | + |
| 61 | +If CI fails for the tag and you're confident this is not due to a fault in the release, you can manually trigger the *Release* workflow: |
| 62 | + |
| 63 | +1. Go to the [*Release* workflow](https://github.com/avajs/ava/actions/workflows/release.yml) |
| 64 | +1. Click "Run workflow" |
| 65 | +1. Enter the release tag (e.g., `v1.2.3`) |
| 66 | +1. Optionally check "Skip CI status check" |
51 | 67 |
|
52 | 68 | ### Setup Requirements |
53 | 69 |
|
54 | | -For the automated workflows to work, the following secrets must be configured in the repository: |
| 70 | +For the Release workflow to work, the `NPM_TOKEN` must be configured in the [`npm` environment](https://github.com/avajs/ava/settings/environments/7070437878/edit#environment-secrets). |
55 | 71 |
|
56 | | -- `NPM_TOKEN`: An npm automation token with publish permissions to the AVA package, within the `npm` environment |
| 72 | +This must be a granular automation token which can publish the AVA package. It must be set to expire after no more than 90 days. |
0 commit comments