From 0c02535ab931687c81d0ea59e4ab094e88af5b3a Mon Sep 17 00:00:00 2001 From: "atomist[bot]" <22779605+atomist[bot]@users.noreply.github.com> Date: Sat, 10 Oct 2020 21:04:59 +0000 Subject: [PATCH] Prettier fixes (#42) * Prettier format fixes [atomist:generated] [atomist-skill:atomist/prettier-skill] Pull request auto merged: * No reviews * 1 successful check --- CODE_OF_CONDUCT.md | 85 ++++++++++++++++++------------------- CONTRIBUTING.md | 102 +++++++++++++++++++++------------------------ README.md | 59 +++++++++++++++----------- SECURITY.md | 36 ++++++++-------- 4 files changed, 140 insertions(+), 142 deletions(-) diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md index b6f3343..14b402e 100644 --- a/CODE_OF_CONDUCT.md +++ b/CODE_OF_CONDUCT.md @@ -1,14 +1,14 @@ # Contributor Covenant Code of Conduct In the interest of fostering an open and welcoming environment, we as -contributors and maintainers pledge to making participation in our -project and our community a harassment-free experience for everyone, -regardless of age, body size, disability, ethnicity, gender identity -and expression, level of experience, nationality, personal appearance, -race, religion, or sexual identity and orientation. +contributors and maintainers pledge to making participation in our project and +our community a harassment-free experience for everyone, regardless of age, body +size, disability, ethnicity, gender identity and expression, level of +experience, nationality, personal appearance, race, religion, or sexual identity +and orientation. -Examples of behavior that contributes to creating a positive -environment include: +Examples of behavior that contributes to creating a positive environment +include: - Using welcoming and inclusive language - Being respectful of differing viewpoints and experiences @@ -18,51 +18,46 @@ environment include: Examples of unacceptable behavior by participants include: -- The use of sexualized language or imagery and unwelcome sexual - attention or advances -- Trolling, insulting/derogatory comments, and personal or political - attacks +- The use of sexualized language or imagery and unwelcome sexual attention or + advances +- Trolling, insulting/derogatory comments, and personal or political attacks - Public or private harassment -- Publishing others' private information, such as a physical or - electronic address, without explicit permission -- Other conduct which could reasonably be considered inappropriate - in a professional setting +- Publishing others' private information, such as a physical or electronic + address, without explicit permission +- Other conduct which could reasonably be considered inappropriate in a + professional setting -Project maintainers are responsible for clarifying the standards of -acceptable behavior and are expected to take appropriate and fair -corrective action in response to any instances of unacceptable -behavior. +Project maintainers are responsible for clarifying the standards of acceptable +behavior and are expected to take appropriate and fair corrective action in +response to any instances of unacceptable behavior. -Project maintainers have the right and responsibility to remove, edit, -or reject comments, commits, code, wiki edits, issues, and other -contributions that are not aligned to this Code of Conduct, or to ban -temporarily or permanently any contributor for other behaviors that -they deem inappropriate, threatening, offensive, or harmful. +Project maintainers have the right and responsibility to remove, edit, or reject +comments, commits, code, wiki edits, issues, and other contributions that are +not aligned to this Code of Conduct, or to ban temporarily or permanently any +contributor for other behaviors that they deem inappropriate, threatening, +offensive, or harmful. -This Code of Conduct applies both within project spaces and in public -spaces when an individual is representing the project or its -community. Examples of representing a project or community include -using an official project e-mail address, posting via an official -social media account, or acting as an appointed representative at an -online or offline event. Representation of a project may be further -defined and clarified by project maintainers. +This Code of Conduct applies both within project spaces and in public spaces +when an individual is representing the project or its community. Examples of +representing a project or community include using an official project e-mail +address, posting via an official social media account, or acting as an appointed +representative at an online or offline event. Representation of a project may be +further defined and clarified by project maintainers. -Instances of abusive, harassing, or otherwise unacceptable behavior -may be reported by contacting the project team -at [code-of-conduct@atomist.com][email]. All complaints will be -reviewed and investigated and will result in a response that is deemed -necessary and appropriate to the circumstances. The project team is -obligated to maintain confidentiality with regard to the reporter of -an incident. Further details of specific enforcement policies may be -posted separately. +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported by contacting the project team at [code-of-conduct@atomist.com][email]. +All complaints will be reviewed and investigated and will result in a response +that is deemed necessary and appropriate to the circumstances. The project team +is obligated to maintain confidentiality with regard to the reporter of an +incident. Further details of specific enforcement policies may be posted +separately. -Project maintainers who do not follow or enforce the Code of Conduct -in good faith may face temporary or permanent repercussions as -determined by other members of the project's leadership. +Project maintainers who do not follow or enforce the Code of Conduct in good +faith may face temporary or permanent repercussions as determined by other +members of the project's leadership. -This Code of Conduct is adapted from -the [Contributor Covenant][homepage], version 1.4, available -at [http://contributor-covenant.org/version/1/4][version] +This Code of Conduct is adapted from the [Contributor Covenant][homepage], +version 1.4, available at [http://contributor-covenant.org/version/1/4][version] [homepage]: http://contributor-covenant.org [version]: http://contributor-covenant.org/version/1/4/ diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 16aad77..3c5a5cb 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,44 +1,39 @@ # Contributing to Atomist open source projects -Have something you would like to contribute to this project? Awesome, -and thanks for taking time to contribute! Here's what you need to -know. +Have something you would like to contribute to this project? Awesome, and thanks +for taking time to contribute! Here's what you need to know. ## Contributing code -Is there an improvement to existing functionality or an entirely new -feature you would like to see? Before creating enhancement -suggestions, please check the issue list as you might find out that -you don't need to create one. - -Did you know we have a [Slack community][slack]? This might be a -great place to talk through your idea before starting. It allows you -to see if anyone else is already working on something similar, having -the same issue or to get feedback on your enhancement idea. -Discussing things with the community first is likely to make the -contribution process a better experience for yourself and those that +Is there an improvement to existing functionality or an entirely new feature you +would like to see? Before creating enhancement suggestions, please check the +issue list as you might find out that you don't need to create one. + +Did you know we have a [Slack community][slack]? This might be a great place to +talk through your idea before starting. It allows you to see if anyone else is +already working on something similar, having the same issue or to get feedback +on your enhancement idea. Discussing things with the community first is likely +to make the contribution process a better experience for yourself and those that are maintaining the projects. [slack]: https://join.atomist.com/ -If you do not find an open issue related to your contribution and -discussions in the Slack community are positive, the next thing to do -is to create an issue in the appropriate GitHub repository. +If you do not find an open issue related to your contribution and discussions in +the Slack community are positive, the next thing to do is to create an issue in +the appropriate GitHub repository. -- Before we can accept any code changes into the Atomist codebase, - we need to get some of the legal stuff covered. This is pretty - standard for open-source projects. We are using - [cla-assisant.io][cla-assistant] to track our Contributor License - Agreement (CLA) signatures. If you have not signed a CLA for the - repository to which you are contributing, you will be prompted to +- Before we can accept any code changes into the Atomist codebase, we need to + get some of the legal stuff covered. This is pretty standard for open-source + projects. We are using [cla-assisant.io][cla-assistant] to track our + Contributor License Agreement (CLA) signatures. If you have not signed a CLA + for the repository to which you are contributing, you will be prompted to when you create a pull request (PR). - Be sure there is an open issue related to the contribution. - Code contributions should successfully build and pass tests. -- Commit messages should follow the [standard format][commit] and - should include a [reference][ref] to the open issue they are - addressing. -- All code contributions should be submitted via - a [pull request (PR) from a forked GitHub repository][pr]. +- Commit messages should follow the [standard format][commit] and should + include a [reference][ref] to the open issue they are addressing. +- All code contributions should be submitted via a [pull request (PR) from a + forked GitHub repository][pr]. - Your PR will be reviewed by an Atomist developer. [cla-assistant]: https://cla-assistant.io/ @@ -48,37 +43,35 @@ is to create an issue in the appropriate GitHub repository. ## Reporting problems -Please go through the checklist below before reporting a -problem. There's a chance it may have already been reported, or -resolved. +Please go through the checklist below before reporting a problem. There's a +chance it may have already been reported, or resolved. -- Check if you can reproduce the problem in the latest version of - the project. -- Search the [atomist-community Slack][slack] community for common - questions and problems. +- Check if you can reproduce the problem in the latest version of the project. +- Search the [atomist-community Slack][slack] community for common questions + and problems. - Understand which repo the bug should be reported in. -- Scan the list of issues to see if the problem has previously been - reported. If so, you may add a comment to the existing issue - rather than creating a new one. +- Scan the list of issues to see if the problem has previously been reported. + If so, you may add a comment to the existing issue rather than creating a + new one. -You went through the list above and it is still something you would -like to report? Then, please provide us with as much of the context, -by explaininig the problem and including any additional details that -would help maintainers reproduce the problem. The more details you -provide in the bug report, the better. +You went through the list above and it is still something you would like to +report? Then, please provide us with as much of the context, by explaininig the +problem and including any additional details that would help maintainers +reproduce the problem. The more details you provide in the bug report, the +better. -Bugs are tracked as GitHub issues. After you've determined which -repository your bug is related to, create an issue on that repository -and provide as much information as possible. Feel free to use -the bug report template below if you like. +Bugs are tracked as GitHub issues. After you've determined which repository your +bug is related to, create an issue on that repository and provide as much +information as possible. Feel free to use the bug report template below if you +like. At a minimum include the following: -- Where did you find the bug? For example, did you encounter the bug - in chat, the CLI, somewhere else? +- Where did you find the bug? For example, did you encounter the bug in chat, + the CLI, somewhere else? - What version are you using? -- What command were you using when it happened? (including - parameters where applicable) +- What command were you using when it happened? (including parameters where + applicable) ``` [Description of the problem] @@ -105,10 +98,9 @@ At a minimum include the following: **Atomist CLI version:** [Enter CLI version] ``` -This project adheres to the Contributor Covenant [code of -conduct][conduct]. By participating, you are expected to uphold this -code. Please report unacceptable behavior to -[code-of-conduct@atomist.com][email]. +This project adheres to the Contributor Covenant [code of conduct][conduct]. By +participating, you are expected to uphold this code. Please report unacceptable +behavior to [code-of-conduct@atomist.com][email]. [conduct]: CODE_OF_CONDUCT.md [email]: mailto:code-of-conduct@atomist.com diff --git a/README.md b/README.md index 5d44099..c6630ce 100644 --- a/README.md +++ b/README.md @@ -12,12 +12,16 @@ Run npm scripts to compile or test your JavaScript project # What it's useful for -Run npm scripts with different versions of Node.js and npm in a consistent container environment. -When your tests pass, you can immediately publish the package to the npmjs.com Registry. +Run npm scripts with different versions of Node.js and npm in a consistent +container environment. When your tests pass, you can immediately publish the +package to the npmjs.com Registry. -- Set up this skill with multiple configurations to run your tests on different versions of Node.js -- Decide to publish your packages consistently from a centralized configuration -- Own the container environment and install tools needed for your build and test +- Set up this skill with multiple configurations to run your tests on + different versions of Node.js +- Decide to publish your packages consistently from a centralized + configuration +- Own the container environment and install tools needed for your build and + test # Before you get started @@ -27,34 +31,38 @@ Connect and configure this integration: - **npmjs.com Registry** - **Slack or Microsoft Teams** -The **GitHub** integration must be configured in order to use this skill. At least one repository must be selected. -If you want to publish a npm package to npmjs.com, you need to connect an **npmjs.com Registry**. We recommend -that you configure the **Slack** or **Microsoft Teams** integration. +The **GitHub** integration must be configured in order to use this skill. At +least one repository must be selected. If you want to publish a npm package to +npmjs.com, you need to connect an **npmjs.com Registry**. We recommend that you +configure the **Slack** or **Microsoft Teams** integration. # How to configure 1. **Configure npm scripts to run** - Provide the name of the npm scripts from the project's `package.json` scripts section. - The order in which the scripts are specified is the order in which they will get executed. - If one script fails, the execution stops. + Provide the name of the npm scripts from the project's `package.json` + scripts section. The order in which the scripts are specified is the order + in which they will get executed. If one script fails, the execution stops. 1. **Define Node.js version** - Provide a valid Node.js version or alias as used by [nvm](https://github.com/nvm-sh/nvm#usage). + Provide a valid Node.js version or alias as used by + [nvm](https://github.com/nvm-sh/nvm#usage). 1. **Decide if the package should be published after running the scripts** - When checked, the skill will run `npm publish` after successful execution of the configured - scripts. + When checked, the skill will run `npm publish` after successful execution of + the configured scripts. 1. **Define package access** - `npm publish` allows to publish packages with `public` or `restricted` access. + `npm publish` allows to publish packages with `public` or `restricted` + access. 1. **Create additional npm distribution tags** - Specify additional [distribution tags](https://docs.npmjs.com/adding-dist-tags-to-packages) + Specify additional + [distribution tags](https://docs.npmjs.com/adding-dist-tags-to-packages) like `next` or `stable` for the published version of the package. 1. **Tag the Git commit on successful execution** @@ -63,8 +71,9 @@ that you configure the **Slack** or **Microsoft Teams** integration. 1. **Specify an optional bash command** - In case your npm scripts need different tools - like databases - you can use this parameter - to install such tools. Provide a command that can in a Ubuntu 20.04 LTS container. + In case your npm scripts need different tools - like databases - you can use + this parameter to install such tools. Provide a command that can in a Ubuntu + 20.04 LTS container. Here's is an example on how to install MongoDB and start it: @@ -82,12 +91,14 @@ that you configure the **Slack** or **Microsoft Teams** integration. 1. **Enable file caching for faster execution times** - You can speed up executions times by enabling file caching for certain artifacts — for example, dependencies — - by providing glob patterns of files you'd like to cache between executions. + You can speed up executions times by enabling file caching for certain + artifacts — for example, dependencies — by providing glob patterns of files + you'd like to cache between executions. Note that only files within the `/atm/home` directory can be cached. - Caching the npm dependency cache could be accomplished with the following pattern: + Caching the npm dependency cache could be accomplished with the following + pattern: `.npm/**` @@ -107,15 +118,15 @@ that you configure the **Slack** or **Microsoft Teams** integration. 1. **Enjoy automatic and consistent execution of npm scripts on every push** -To create feature requests or bug reports, create an [issue in the repository for this skill](https://github.com/atomist-skills/npm-build-skill/issues). +To create feature requests or bug reports, create an +[issue in the repository for this skill](https://github.com/atomist-skills/npm-build-skill/issues). See the [code](https://github.com/atomist-skills/npm-build-skill) for the skill. --- -Created by [Atomist][atomist]. -Need Help? [Join our Slack workspace][slack]. +Created by [Atomist][atomist]. Need Help? [Join our Slack workspace][slack]. [atomist]: https://atomist.com/ "Atomist - How Teams Deliver Software" [slack]: https://join.atomist.com/ "Atomist Community Slack" diff --git a/SECURITY.md b/SECURITY.md index 925381b..02edb13 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,38 +1,38 @@ # Atomist Open Source Security Policies and Procedures -This document outlines security procedures and general policies for the -Atomist Open Source projects as found on https://github.com/atomist. +This document outlines security procedures and general policies for the Atomist +Open Source projects as found on https://github.com/atomist. - [Reporting a Vulnerability](#reporting-a-vulnerability) - [Disclosure Policy](#disclosure-policy) ## Reporting a Vulnerability -The Atomist OSS team and community take all security vulnerabilities -seriously. Thank you for improving the security of our open source -software. We appreciate your efforts and responsible disclosure and will -make every effort to acknowledge your contributions. +The Atomist OSS team and community take all security vulnerabilities seriously. +Thank you for improving the security of our open source software. We appreciate +your efforts and responsible disclosure and will make every effort to +acknowledge your contributions. Report security vulnerabilities by emailing the Atomist security team at: security@atomist.com -The lead maintainer will acknowledge your email within 24 hours, and will -send a more detailed response within 48 hours indicating the next steps in -handling your report. After the initial reply to your report, the security -team will endeavor to keep you informed of the progress towards a fix and -full announcement, and may ask for additional information or guidance. +The lead maintainer will acknowledge your email within 24 hours, and will send a +more detailed response within 48 hours indicating the next steps in handling +your report. After the initial reply to your report, the security team will +endeavor to keep you informed of the progress towards a fix and full +announcement, and may ask for additional information or guidance. -Report security vulnerabilities in third-party modules to the person or -team maintaining the module. +Report security vulnerabilities in third-party modules to the person or team +maintaining the module. ## Disclosure Policy -When the security team receives a security bug report, they will assign it -to a primary handler. This person will coordinate the fix and release -process, involving the following steps: +When the security team receives a security bug report, they will assign it to a +primary handler. This person will coordinate the fix and release process, +involving the following steps: - Confirm the problem and determine the affected versions. - Audit code to find any potential similar problems. -- Prepare fixes for all releases still under maintenance. These fixes - will be released as fast as possible to NPM. +- Prepare fixes for all releases still under maintenance. These fixes will be + released as fast as possible to NPM.