enforce-package-dependency-version

This Github Actions helps enforce that a specific package version, range, prerelease, etc exists in your package.json and yarn.lock.

⚠️ Uses yarn why …, so only yarn is supported for now.

Example Workflow

This action runs itself here.

name: Enforce Package

on: push

jobs:
  typescript:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2

      - name: "Enforce Version"
        id: enforce
        uses: sharesight/enforce-package-dependency-version@v2
        with:
          package: "typescript"
          range: ">=4.2.0"

      - name: Debug
        if: always()
        run: |
          echo target_version: ${{ steps.enforce.outputs.target_version }}
          echo resolved_version: ${{ steps.enforce.outputs.resolved_version }}

Inputs

Name	Description	Example	Default Value
package	The name of the dependency to check.	`'@sharesight/package '`	[required]
directory	Directory where your `package.json` can be found.	`'../packages/static-site'`	`env.GITHUB_WORKSPACE`
range	A semver range	`'^1.2.3'`	[required]
version_prerelease	An optional prerelease target (read more)	`'alpha'`, `true`, `false`	`false`
allow_multiple_versions	Allow multiple versions to be resolved? (read more)	`true`, `false`	`false`

version_prerelease

false – requires there is no prerelease.
true – allows a prerelease—but it is not required! 1.2.3-prerelease and 1.2.3 are both valid
'prerelease' – means it must match that prerelease.
'prerelease.#' – means it must match that prerelease and identifier.

allow_multiple_versions

Example: you may have Typescript at ^4.2.0 in your codebase, but another package points to 3.x…

false – means this should only ever resolve to a single version (and that should match our range)
true – does not fail if there are multiple versions
- ⚠️ NOTE: we only look at the first resolved version, assuming this is your version..

Outputs

Name	Description	Type or Example Value
resolved_version	The resolved version of that dependency, eg. in `yarn.lock`	`'1.2.3'`, `'1.2.3-prerelease.1'`, etc…
target_version	The target version of that dependency, eg. version in `package.json`	`'^1.2.3'`

Development of this Action

Start Development

yarn install
code .
yarn jest:tdd

Build & Release

Prepare Build

Deicde on a semver, eg. 1.2.3.
Bump this version in package.json file.
Bump this version in README.md example.
Run yarn build and commit that dist/index.js change.
Version bumps should go via a PR and be merged into master before releasing.

Create the Release

Manually build a New Release: here

Enter your tag based on the semver.
- Your tag should be prepended with a v, eg. v1.2.3.
- Do not use @latest tag.
⚠️ Point the release to the correct commit (not main)! This should be the PR Merge commit.
Enter a title naming the release (eg. v1.2.3: Brief description of changes)
Enter a fuller description—link to commits, PRs, etc.
Release!

Name		Name	Last commit message	Last commit date
Latest commit History 119 Commits
.github		.github
__tests__		__tests__
dist		dist
src		src
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
action.yml		action.yml
jest.config.js		jest.config.js
package.json		package.json
tsconfig.json		tsconfig.json
yarn.lock		yarn.lock

License

sharesight/enforce-package-dependency-version

Folders and files

Latest commit

History

Repository files navigation

enforce-package-dependency-version

Example Workflow

Inputs

version_prerelease

allow_multiple_versions

Outputs

Development of this Action

Start Development

Build & Release

Prepare Build

Create the Release

About

Resources

License

Stars

Watchers

Forks

Languages