From 4ef2927efe1d6a2985939a441d98d27885a4a811 Mon Sep 17 00:00:00 2001 From: Jasper Vaneessen Date: Fri, 6 May 2022 10:27:38 +0200 Subject: [PATCH 01/12] chore: Replace Renovate with Dependabot * chore: add dependabot major version updates * chore: fix dependabot * chore: use target-branch for version updates * chore: ignore husky * chore: dep-bot runs nightly * chore: remove renovate * style: relocate comments * docs: add dependabot instr to release docs * chore: add labels and random nightly times * chore: revert separate security entry for labels Possible bug in deependabot? Raised issue with github support * Revert "docs: add dependabot instr to release docs" This reverts commit e137a65813e478757e436f1a4bf7059aa56e0a1d. * docs: add dependabot instruction for release --- .github/dependabot.yml | 25 ++++++++++++++++++++++--- documentation/release.md | 2 +- renovate.json | 5 ----- 3 files changed, 23 insertions(+), 9 deletions(-) delete mode 100644 renovate.json diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 6f1be8b8d..e95170908 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -4,14 +4,33 @@ updates: directory: / schedule: interval: "daily" - open-pull-requests-limit: 0 + time: "02:13" + timezone: "Europe/Brussels" + labels: + - "github-actions" + - ":gear: dependencies" - package-ecosystem: "npm" directory: / schedule: interval: "daily" - open-pull-requests-limit: 0 + time: "03:35" + timezone: "Europe/Brussels" + target-branch: "versions/5.0.0" + ignore: + # Ignore minor and patch version updates + - dependency-name: "*" + update-types: ["version-update:semver-minor", "version-update:semver-patch"] + # Sticking with Husky 4.x + - dependency-name: "husky" + labels: + - "npm" + - ":gear: dependencies" - package-ecosystem: "docker" directory: / schedule: interval: "daily" - open-pull-requests-limit: 0 + time: "04:22" + timezone: "Europe/Brussels" + labels: + - "docker" + - ":gear: dependencies" diff --git a/documentation/release.md b/documentation/release.md index 0f39ead1b..947ee0440 100644 --- a/documentation/release.md +++ b/documentation/release.md @@ -27,5 +27,5 @@ Steps to follow: * Do a GitHub release. * `npm publish` * Rename the `versions/x.0.0` branch to the next version. - * Update `.github/workflows/schedule.yml` to point at the new branch. + * Update `.github/workflows/schedule.yml` and `.github/dependabot.yml` to point at the new branch. * Potentially upgrade the recipes at https://github.com/CommunitySolidServer/recipes diff --git a/renovate.json b/renovate.json deleted file mode 100644 index d282bab0e..000000000 --- a/renovate.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "extends": [ - "github>rubensworks/renovate-presets:js" - ] -} From d504644c719a573e8f17e8e912775cdd66dac41d Mon Sep 17 00:00:00 2001 From: Joachim Van Herwegen Date: Fri, 6 May 2022 10:48:42 +0200 Subject: [PATCH 02/12] docs: Add pre-release documentation --- documentation/release.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/documentation/release.md b/documentation/release.md index 947ee0440..3446df92f 100644 --- a/documentation/release.md +++ b/documentation/release.md @@ -29,3 +29,9 @@ Steps to follow: * Rename the `versions/x.0.0` branch to the next version. * Update `.github/workflows/schedule.yml` and `.github/dependabot.yml` to point at the new branch. * Potentially upgrade the recipes at https://github.com/CommunitySolidServer/recipes + +Changes when doing a pre-release of a major version: + * Version with `npm version premajor --preid alpha -m "Release version %s of the npm package."`. + * Do not merge `versions/x.0.0` into `main`. + * Publish with `npm publish --tag next`. + * Do not update the branch or anything related. From 84f9b553cf1d71298a319c3a28d583e361139548 Mon Sep 17 00:00:00 2001 From: Joachim Van Herwegen Date: Fri, 6 May 2022 10:51:14 +0200 Subject: [PATCH 03/12] chore: Update dependabot labels --- .github/dependabot.yml | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index e95170908..2462623de 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -2,16 +2,15 @@ version: 2 updates: - package-ecosystem: "github-actions" directory: / - schedule: + schedule: interval: "daily" time: "02:13" timezone: "Europe/Brussels" labels: - - "github-actions" - - ":gear: dependencies" + - "⚙️ dependencies" - package-ecosystem: "npm" directory: / - schedule: + schedule: interval: "daily" time: "03:35" timezone: "Europe/Brussels" @@ -23,14 +22,12 @@ updates: # Sticking with Husky 4.x - dependency-name: "husky" labels: - - "npm" - - ":gear: dependencies" + - "⚙️ dependencies" - package-ecosystem: "docker" directory: / - schedule: + schedule: interval: "daily" time: "04:22" timezone: "Europe/Brussels" labels: - - "docker" - - ":gear: dependencies" + - "⚙️ dependencies" From 3c6a41125670445b0ce065f8dd79e24a2920b547 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 6 May 2022 08:28:03 +0000 Subject: [PATCH 04/12] chore(deps): bump docker/setup-buildx-action from 1 to 2 Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 1 to 2. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/v1...v2) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 596f32867..ce1209de5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -174,7 +174,7 @@ jobs: type=semver,pattern={{major}} github-token: ${{ secrets.github_token }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 + uses: docker/setup-buildx-action@v2 - name: Login to DockerHub uses: docker/login-action@v1 with: @@ -215,7 +215,7 @@ jobs: type=raw,value=next github-token: ${{ secrets.github_token }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 + uses: docker/setup-buildx-action@v2 - name: Login to DockerHub uses: docker/login-action@v1 with: From b3176ef8ef4c2ac68ba986c9b00476db0f1e261f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 6 May 2022 08:28:07 +0000 Subject: [PATCH 05/12] chore(deps): bump docker/build-push-action from 2 to 3 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2 to 3. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v2...v3) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ce1209de5..9dc19a00d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -182,7 +182,7 @@ jobs: password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push id: docker_build - uses: docker/build-push-action@v2 + uses: docker/build-push-action@v3 with: context: . push: true @@ -223,7 +223,7 @@ jobs: password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push id: docker_build - uses: docker/build-push-action@v2 + uses: docker/build-push-action@v3 with: context: . push: true From 80b629862bc959c96c7eb7c436e05f2dd66fdfc6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 6 May 2022 08:28:10 +0000 Subject: [PATCH 06/12] chore(deps): bump docker/metadata-action from 3 to 4 Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 3 to 4. - [Release notes](https://github.com/docker/metadata-action/releases) - [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md) - [Commits](https://github.com/docker/metadata-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/metadata-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9dc19a00d..7ce99504e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -162,7 +162,7 @@ jobs: uses: actions/checkout@v3 - name: Docker meta id: meta - uses: docker/metadata-action@v3 + uses: docker/metadata-action@v4 with: images: | solidproject/community-server @@ -206,7 +206,7 @@ jobs: ref: ${{ github.ref }} - name: Docker meta id: meta - uses: docker/metadata-action@v3 + uses: docker/metadata-action@v4 with: images: | solidproject/community-server From 081593e39b92255e9d066d865a5968118e44d0a6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 6 May 2022 08:28:12 +0000 Subject: [PATCH 07/12] chore(deps): bump docker/login-action from 1 to 2 Bumps [docker/login-action](https://github.com/docker/login-action) from 1 to 2. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v1...v2) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7ce99504e..9c89ad88f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -176,7 +176,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Login to DockerHub - uses: docker/login-action@v1 + uses: docker/login-action@v2 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -217,7 +217,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Login to DockerHub - uses: docker/login-action@v1 + uses: docker/login-action@v2 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} From 76ec9631eff803a40e309dd97d26b9efdf26ca46 Mon Sep 17 00:00:00 2001 From: Joachim Van Herwegen Date: Tue, 10 May 2022 09:59:46 +0200 Subject: [PATCH 08/12] chore: Update commit linting --- commitlint.config.js | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/commitlint.config.js b/commitlint.config.js index 422b19445..fa41fd250 100644 --- a/commitlint.config.js +++ b/commitlint.config.js @@ -1 +1,10 @@ -module.exports = { extends: ['@commitlint/config-conventional'] }; +module.exports = { + extends: ['@commitlint/config-conventional'], + rules: { + 'subject-case': [ + 2, + 'never', + ['start-case', 'kebab-case', 'snake-case'], + ], + } +}; From ef9dd433464799f54eade34fe11de04c5ab3a70e Mon Sep 17 00:00:00 2001 From: Joachim Van Herwegen Date: Tue, 10 May 2022 10:05:19 +0200 Subject: [PATCH 09/12] chore: Fix oidc-provider library to v7.10.6 Workaround for https://github.com/inrupt/solid-client-authn-js/issues/2103 --- package-lock.json | 2 +- package.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/package-lock.json b/package-lock.json index 8bccb0bf5..df4bd4981 100644 --- a/package-lock.json +++ b/package-lock.json @@ -49,7 +49,7 @@ "mime-types": "^2.1.34", "n3": "^1.16.0", "nodemailer": "^6.7.2", - "oidc-provider": "^7.10.6", + "oidc-provider": "7.10.6", "pump": "^3.0.0", "punycode": "^2.1.1", "rdf-dereference": "^1.9.0", diff --git a/package.json b/package.json index a26b15368..87e1dd185 100644 --- a/package.json +++ b/package.json @@ -116,7 +116,7 @@ "mime-types": "^2.1.34", "n3": "^1.16.0", "nodemailer": "^6.7.2", - "oidc-provider": "^7.10.6", + "oidc-provider": "7.10.6", "pump": "^3.0.0", "punycode": "^2.1.1", "rdf-dereference": "^1.9.0", From 5b487664708a4de5ad18b0f873884982c219cac2 Mon Sep 17 00:00:00 2001 From: Joachim Van Herwegen Date: Tue, 10 May 2022 10:32:33 +0200 Subject: [PATCH 10/12] chore: Release version 4.0.1 of the npm package --- CHANGELOG.md | 14 ++++++++++++++ RELEASE_NOTES.md | 4 ++++ package-lock.json | 4 ++-- package.json | 2 +- 4 files changed, 21 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1733637d3..a2ea8fe29 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,20 @@ # Changelog All notable changes to this project will be documented in this file. + +## [v4.0.1](https://github.com/CommunitySolidServer/CommunitySolidServer/compare/v4.0.0...v4.0.1) - 2022-05-10 + +### Changed +* [chore: Fix oidc-provider library to v7.10.6](https://github.com/CommunitySolidServer/CommunitySolidServer/commit/ef9dd433464799f54eade34fe11de04c5ab3a70e) + +### Deprecated +* [chore: Drop support for Node 12](https://github.com/CommunitySolidServer/CommunitySolidServer/commit/3d6e3d2e39ffd54ffed6fc0d24de97d50d45c96d) + +### Fixed +* [fix: %2F not handled correctly in file backend #1184](https://github.com/CommunitySolidServer/CommunitySolidServer/commit/dbdb9b424e4c4f68c19c66396064486bff93a7e4) +* [fix: Make delimiter encoding case-insensitive.](https://github.com/CommunitySolidServer/CommunitySolidServer/commit/50469e2c1f3d9c808062fde96d2ce62d5e85475e) + + ## [v4.0.0](https://github.com/CommunitySolidServer/CommunitySolidServer/compare/v3.0.0...v4.0.0) - 2022-04-19 diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md index ab1b0c668..f7d2d43fa 100644 --- a/RELEASE_NOTES.md +++ b/RELEASE_NOTES.md @@ -1,5 +1,9 @@ # Community Solid Server release notes +## V4.0.1 +Freezes the `oidc-provider` dependency to prevent a potential issue with the solid authn client +as described in https://github.com/inrupt/solid-client-authn-js/issues/2103. + ## v4.0.0 ### New features - The server can be started with a new parameter to automatically generate accounts and pods, diff --git a/package-lock.json b/package-lock.json index df4bd4981..b4f0501e6 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "@solid/community-server", - "version": "4.0.0", + "version": "4.0.1", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "@solid/community-server", - "version": "4.0.0", + "version": "4.0.1", "license": "MIT", "dependencies": { "@comunica/actor-init-sparql": "^1.22.3", diff --git a/package.json b/package.json index 87e1dd185..b1d8f9487 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@solid/community-server", - "version": "4.0.0", + "version": "4.0.1", "description": "Community Solid Server: an open and modular implementation of the Solid specifications", "keywords": [ "solid", From 682bbe88d0cffe25bd941988ddd42c0aa62d49c6 Mon Sep 17 00:00:00 2001 From: Joachim Van Herwegen Date: Tue, 10 May 2022 11:04:18 +0200 Subject: [PATCH 11/12] docs: Update release commit message in release documentation --- documentation/release.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/documentation/release.md b/documentation/release.md index 3446df92f..1087a1f39 100644 --- a/documentation/release.md +++ b/documentation/release.md @@ -15,7 +15,7 @@ Steps to follow: `https://linkedsoftwaredependencies.org/bundles/npm/@solid/community-server/^x.0.0/components/context.jsonld`. * Update all `lsd` entries in `package.json` to the new version. * Commit this with `chore: Update configs to vx.0.0`. - * `npm version major -m "Release version %s of the npm package."` + * `npm version major -m "chore: Release version %s of the npm package"` * This will update the `package.json`, generate a tag, and generate the new entries in `CHANGELOG.md`. * Manually edit the `CHANGELOG.md`. * First reverse the list of new entries so they go from old to new. From 953c2a1bd3f29a94605db6f194ddb19bd42c7629 Mon Sep 17 00:00:00 2001 From: Joachim Van Herwegen Date: Tue, 10 May 2022 11:06:20 +0200 Subject: [PATCH 12/12] docs: Update pre-release commit message in documentation --- documentation/release.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/documentation/release.md b/documentation/release.md index 1087a1f39..58cfbcd82 100644 --- a/documentation/release.md +++ b/documentation/release.md @@ -31,7 +31,7 @@ Steps to follow: * Potentially upgrade the recipes at https://github.com/CommunitySolidServer/recipes Changes when doing a pre-release of a major version: - * Version with `npm version premajor --preid alpha -m "Release version %s of the npm package."`. + * Version with `npm version premajor --preid alpha -m "chore: Release version %s of the npm package"`. * Do not merge `versions/x.0.0` into `main`. * Publish with `npm publish --tag next`. * Do not update the branch or anything related.