From 6272ff81c6cf42e39ec5c384f6e402434d34788b Mon Sep 17 00:00:00 2001 From: Federico Builes Date: Wed, 26 Oct 2022 12:01:25 +0200 Subject: [PATCH 1/3] Adding a guide for contributors. --- CONTRIBUTING.md | 81 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 81 insertions(+) create mode 100644 CONTRIBUTING.md diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..9946e8e --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,81 @@ +# Contributing + +[fork]: https://github.com/github/dependency-submission-toolkit/fork +[pr]: https://github.com/github/dependency-submission-toolkit/compare +[code-of-conduct]: CODE_OF_CONDUCT.md + +Hi there! We're thrilled that you'd like to contribute to this project. Your help is essential for keeping it great. + +Contributions to this project are +[released](https://help.github.com/articles/github-terms-of-service/#6-contributions-under-repository-license) +to the public under the [project's open source license](LICENSE). + +Please note that this project is released with a [Contributor Code of +Conduct][code-of-conduct]. By participating in this project you agree +to abide by its terms. + +### Bootstrapping the project + +``` +git clone https://github.com/github/dependency-submission-toolkit.git +cd dependency-submission-toolkit +npm install +``` + +### Running the tests + +``` +npm run test +``` + +## Submitting a pull request + +0. [Fork][fork] and clone the repository +1. Configure and install the dependencies: `npm install` +2. Make sure the tests pass on your machine: `npm run test` +3. Create a new branch: `git checkout -b my-branch-name` +4. Make your change, add tests, and make sure the tests still pass +5. Make sure to build and package before pushing: `npm run all` +6. Push to your fork and [submit a pull request][pr] +7. Pat your self on the back and wait for your pull request to be reviewed and merged. + +Here are a few things you can do that will increase the likelihood of your pull request being accepted: + +- Write tests. +- Keep your change as focused as possible. If there are multiple changes you would like to make that are not dependent upon each other, consider submitting them as separate pull requests. +- Write a [good commit message](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html). + +## Cutting a new release + +1. Update the version number in [package.json](https://github.com/github/dependency-submission-toolkit/blob/main/package.json). +1. Go to [Draft a new + release](https://github.com/github/dependency-submission-toolkit/releases/new) + in the Releases page. +1. Make sure that the `Publish this Action to the GitHub Marketplace` + checkbox is enabled +3. Click "Choose a tag" and then "Create new tag", where the tag name + will be your version prefixed by a `v` (e.g. `v1.2.3`). +4. Use a version number for the release title (e.g. "v1.2.3"). +5. Add your release notes. If this is a major version make sure to + include a small description of the biggest changes in the new version. +6. Click "Publish Release". + +You now have a tag and release using the semver version you used +above. The last remaining thing to do is to move the dynamic version +identifier to match the current SHA. This allows users to adopt a +major version number (e.g. `v1`) in their workflows while +automatically getting all the +minor/patch updates. + +To do this just checkout `main`, force-create a new annotated tag, and push it: + +``` +git tag -fa v2 -m "Updating v2 to 2.3.4" +git push origin v2 --force +``` + +## Resources + +- [How to Contribute to Open Source](https://opensource.guide/how-to-contribute/) +- [Using Pull Requests](https://help.github.com/articles/about-pull-requests/) +- [GitHub Help](https://help.github.com) From 1d44c61c0030312d7b56d68b070d88ffe22a6a8d Mon Sep 17 00:00:00 2001 From: Federico Builes Date: Wed, 26 Oct 2022 12:02:08 +0200 Subject: [PATCH 2/3] Bumping to 1.2.7. --- package-lock.json | 4 ++-- package.json | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index e877154..a0f8764 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "@github/dependency-submission-toolkit", - "version": "1.2.4", + "version": "1.2.7", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "@github/dependency-submission-toolkit", - "version": "1.2.4", + "version": "1.2.7", "license": "MIT", "workspaces": [ "example" diff --git a/package.json b/package.json index 73e4280..34477b7 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@github/dependency-submission-toolkit", - "version": "1.2.4", + "version": "1.2.7", "description": "A TypeScript library for creating dependency snapshots.", "prepare": "npm run build", "main": "dist/index.js", From ea2efb9f93261a20f3aae8996148d8837b788888 Mon Sep 17 00:00:00 2001 From: Federico Builes Date: Wed, 26 Oct 2022 12:10:08 +0200 Subject: [PATCH 3/3] Removing bit about pushing tags to non semver branches. --- CONTRIBUTING.md | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 9946e8e..eac014d 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -60,20 +60,6 @@ Here are a few things you can do that will increase the likelihood of your pull include a small description of the biggest changes in the new version. 6. Click "Publish Release". -You now have a tag and release using the semver version you used -above. The last remaining thing to do is to move the dynamic version -identifier to match the current SHA. This allows users to adopt a -major version number (e.g. `v1`) in their workflows while -automatically getting all the -minor/patch updates. - -To do this just checkout `main`, force-create a new annotated tag, and push it: - -``` -git tag -fa v2 -m "Updating v2 to 2.3.4" -git push origin v2 --force -``` - ## Resources - [How to Contribute to Open Source](https://opensource.guide/how-to-contribute/)