Description

Note: this is incomplete, want to get thoughts before I clean up and add tests.

Currently we split the check APIs which abstract workspace extraction. This makes it mildly difficult to add checks (see https://github.com/wayfair/one-version/issues/24) without extracting workspaces twice or duplicating across check APIs.

I think we can just bifurcate the workspace extraction across package managers, have that return a uniform object. Then operate checks directly on that.

Type of Change

• [ ] Bug Fix
• [ ] New Feature
• [ ] Breaking Change
• [x] Refactor
• [ ] Documentation
• [ ] Other (please describe)

Why

The release process is currently manual and triggered by creating a GH release tag, which kicks off an action to publish the npm package. Before this occurs, someone must update the version in package.json and update the changelog.

What

• Document the release process

Automate as much of process as we can, including potentially:

• Write a script that prompts user with semver version bump & automatically copies [Unreleased] section of changelog into a new section that matches the updated version
• Checking the merged pr for changes to the pjson version, and automating kicking off the release & tagging process from the main pipeline instead of manual release action

Why

Updating all the manifest's in a monorepo is really time consuming and annoying, we should make it faster

What

Add a set/update option to the one version rule script that will update all the pjson's (and lockfile if necessary) in the repo

Possible implementation

When update is selected, require any number of --dep and --version flags, i.e.

• pnpm run one-version update --dep react --version ^16
• pnpm run one-version update --dep react --version ^18 --dep react-dom --version ^18

I initially thought we should have a fix command, but I think it would be difficult to determine what needs changing to "fix" something (i.e. if someone introduced an upgraded dependency, is the fix to downgrade it to match the rest of the repo, or to upgrade the rest of the repo?).

An update/set command could serve both purposes, since it would allow for easy mass-upgrades and "fixing" of single issues as well.

We could also make the script interactive, and prompt users for dependencies and versions 🤔

Current Behavior

The rule currently only evaluates version specifiers across a workspace. This is sufficient for yarn workspaces, but is not for pnpm, as described here.

pnpm workspaces do not have a flat lockfile, so the following is possible:

apps/workspace-a:
  specifiers:
     '@wayfair/ui': ^8
  dependencies:
    '@wayfair/ui': 8.0.0_66b146768d72279e63e637aae37792af

apps/workspace-b:
  specifiers:
     '@wayfair/ui': ^8
  dependencies:
    '@wayfair/ui': 8.0.1_b88fe22cf250f8fb4b578ded3c75a78e

The rule currently passes in the above scenario.

Expected Behavior

The check should fail in the above scenario, by checking the lockfile as well as the manifest specifiers.

Before releasing v1, complete the following:

• [ ] https://github.com/wayfair-incubator/one-version/issues/7
• [ ] https://github.com/wayfair-incubator/one-version/issues/6
• [ ] https://github.com/wayfair-incubator/one-version/issues/5
• [x] https://github.com/wayfair-incubator/one-version/issues/9

Description

Updates the package manager from Yarn 1 to Yarn 3

Type of Change

• [ ] Bug Fix
• [ ] New Feature
• [ ] Breaking Change
• [ ] Refactor
• [ ] Documentation
• [x] Other (maintenance)

Description

👋 This repository is not currently configured for Renovate. This issue proposes the steps necessary to add Renovate to this project!

💡 Not familiar with Renovate, or are confused about what advantages it holds over GitHub's Dependabot? Learn more here!

Steps to Add

1. Review the guide for Adding Renovate to Existing Projects.
2. Assign yourself to this issue to signal to others that you intend to work on it. If you ultimately decide not to pursue this, please remember to un-assign yourself so that others may participate!
3. The renovate[bot] account has already auto-filed a Configure Renovate PR against this repository, feel free to reference the proposed changes in your own Pull Request. If you are contributing to this project as a Hacktoberfest participant, you must file your own PR in order to get credit for your contribution!
4. You may find that the CI build for this project is failing for unrelated reasons. If you are not already a contributor to this project and don't feel comfortable attempting to fix the build, that's okay! There's plenty of other ways you can contribute to Wayfair's open source projects :) Feel free to consult the list of our other participating repositories here!
5. In order to catch potential JSON syntax errors or other mis-configurations, please add Renovate linting to this project's existing GitHub Workflow CI pipeline, or create a new one (eg. .github/workflows/lint.yml). See here for an example.
6. If this repository is currently configured to use GitHub's Dependabot, you must also deprecate support for Dependabot in order to avoid conflicts with Renovate. This is typically as simple as removing the .github/dependabot.yml file. See here for an example.

Checklist

• [ ] I have read the Adding Renovate to Existing Projects guide.
• [ ] I have assigned this issue to myself avoid duplicating efforts with other potential contributors.
• [ ] I have verified this repository does not already have Renovate configured (or proposed in an open PR by another contributor).
• [ ] If the renovate[bot] account has already auto-filed a Configure Renovate PR in this repository, I confirm that I will create a separate PR under my own GitHub account, using the initial PR as inspiration.
• [ ] I confirm that I have added Renovate linting to this project's existing CI pipeline, or have created a new linting workflow if one doesn't already exist.
• [ ] If this repository is currently configured to use GitHub's Dependabot, my PR will also deprecate support for Dependabot in order to avoid conflicts with Renovate.

Bumps actions/stale from 5 to 6.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

What

Add an .npmignore or files config to remove extraneous files from the published package

Why

To have the published package be as small as possible

todo: write tests

Description

Add a -f --file option to the one-version check command where we can pass an arbitrary (local) file path to check for one-version compatibility.

Also bumps the repo to use yarn 3.

Resolves https://github.com/wayfair/one-version/issues/31

Type of Change

• [ ] Bug Fix
• [x] New Feature
• [ ] Breaking Change
• [ ] Refactor
• [ ] Documentation
• [ ] Other (please describe)

This PR contains the following updates:

| Package | Type | Update | Change | |---|---|---|---| | actions/stale | action | major | v6 -> v7 |

Release Notes

Configuration

📅 Schedule: Branch creation - "before 3am every weekday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

• [ ] If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

Description

Add a -f --file option to the one-version check command where we can pass an arbitrary (local) file path to check for one-version compatibility.

Resolves https://github.com/wayfair/one-version/issues/31

Type of Change

• [ ] Bug Fix
• [x] New Feature
• [ ] Breaking Change
• [ ] Refactor
• [ ] Documentation
• [ ] Other (please describe)

Description

Refactors one version check. Simplifies check logic by creating a map of unique ids -> dependencies, doing the check logic on ids, and only getting dep info again to display. The check is now simpler and operates on simpler data structures. A bit of complexity moved into display logic, but I would prefer it there anyway.

Type of Change

• [ ] Bug Fix
• [ ] New Feature
• [ ] Breaking Change
• [X] Refactor
• [ ] Documentation
• [ ] Other (please describe)

Problem Statement

Before moving an existing application into a monorepo there's no automated way to check if the dependencies in the application will align with the existing dependency versions in the monorepo or if they'll cause the one-version check to fail.

Proposed Solution

Add a -f --file option to the one-version check command where we can pass an arbitrary (local) file path to check for one-version compatibility.

For example:

yarn one-version check -f /path/to/my/other/repo/package.json

This would allow us to preview the output as if we had already moved the new package.json into the monorepo.

Alternatives Considered

Manually move a package.json into the monorepo and run yarn one-version check to see which versions do not match.

Additional Context

No response

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | chalk | ^4 -> ^5.0.0 | | | | |

Release Notes

-import chalk from 'chalk';
+import chalkTemplate from 'chalk-template';

-chalk`2 + 3 = {bold ${2 + 3}}`;
+chalkTemplate`2 + 3 = {bold ${2 + 3}}`;

Configuration

📅 Schedule: Branch creation - "before 3am every weekday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

• [ ] If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | markdownlint-cli | ^0.31.1 -> ^0.33.0 | | | | |

Release Notes

Configuration

📅 Schedule: Branch creation - "before 3am every weekday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

• [ ] If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

• [ ] chore(deps): update dependency markdownlint-cli to ^0.33.0
• [ ] fix(deps): update dependency chalk to v5

Detected dependencies

• [ ] Check this box to trigger a request for Renovate to run again on this repository