From f49c93067b446f71f464389c47b591349ec3acea Mon Sep 17 00:00:00 2001 From: Mike Kistler Date: Thu, 29 Jan 2026 09:44:48 -0600 Subject: [PATCH 1/3] Automate creating release PR if gh is installed --- scripts/prepare-release.sh | 32 +++++++++++++++++++++++++++++--- 1 file changed, 29 insertions(+), 3 deletions(-) diff --git a/scripts/prepare-release.sh b/scripts/prepare-release.sh index 1909b8d..a4e9980 100755 --- a/scripts/prepare-release.sh +++ b/scripts/prepare-release.sh @@ -90,6 +90,32 @@ echo "✓ Release branch created and pushed!" echo " Branch: $BRANCH_NAME" echo " Version: v$NEW_VERSION" echo "" -echo "Next steps:" -echo " 1. Create a Pull Request to merge $BRANCH_NAME into main" -echo " 2. Once merged, the tag will be created automatically" + +# Check if gh CLI is installed +if command -v gh &> /dev/null; then + echo "Creating Pull Request..." + + PR_TITLE="Release v$NEW_VERSION" + PR_BODY="This PR bumps the package version to v$NEW_VERSION. + +Once merged, the release workflow will automatically create a git tag and publish the package to npm. + +**Version Type:** $VERSION_TYPE" + + gh pr create \ + --base main \ + --head "$BRANCH_NAME" \ + --title "$PR_TITLE" \ + --body "$PR_BODY" + + echo "✓ Pull Request created successfully!" +else + echo "Note: GitHub CLI (gh) not found. Skipping automatic PR creation." + echo "" + echo "Next steps:" + echo " 1. Create a Pull Request to merge $BRANCH_NAME into main" + echo " 2. Once merged, the tag will be created automatically" + echo "" + echo "To enable automatic PR creation, install the GitHub CLI:" + echo " https://cli.github.com/" +fi From 131dd9bcaec33e13492a53f69f8759b4de6f4e26 Mon Sep 17 00:00:00 2001 From: Mike Kistler Date: Fri, 30 Jan 2026 08:18:43 -0600 Subject: [PATCH 2/3] Use Trusted Publishing to publish npm release --- .github/workflows/release.yaml | 11 +++++++---- RELEASING.md | 10 +++++----- 2 files changed, 12 insertions(+), 9 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 057c3f0..4c0f725 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -43,6 +43,10 @@ jobs: node-version: 20 registry-url: https://registry.npmjs.org + # Ensure npm 11.5.1 or later is installed + - name: Update npm + run: npm install -g npm@latest + - run: npm ci - run: npm test @@ -60,10 +64,9 @@ jobs: exit 1 fi - - name: Publish to npm - run: npm publish - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + # Use the Trusted Publishing feature to publish the package + # https://docs.npmjs.com/trusted-publishers + - run: npm publish - name: Create GitHub Release uses: softprops/action-gh-release@v2 diff --git a/RELEASING.md b/RELEASING.md index 86214bb..5e0942e 100644 --- a/RELEASING.md +++ b/RELEASING.md @@ -65,7 +65,9 @@ modifies "package json'. When triggered, it 2. Install dependencies and run the tests. These should never fail since PRs targeting main must pass CI, but this is an extra precaution. 3. Create and push a git tag matching the version in package.json -4. Publish the package to npm +4. Publish the package to npm, using the new + [Trusted publishing](https://docs.npmjs.com/trusted-publishers) feature of + npm. 5. Create a GitHub Release with auto-generated notes This single workflow handles the entire release process and ensures the npm and @@ -86,10 +88,8 @@ GitHub. ## npm Configuration -Publishing requires: - -- An npm automation token stored as a GitHub secret named `NPM_TOKEN` -- `publishConfig.access` set appropriately in `package.json` +Publishing requires that the GitHub action is registered as a trusted publisher +for the package in npm.js. ## Optional: Changelog From a52c41c396d00b4c17a0532d0eaf3b3a98150a11 Mon Sep 17 00:00:00 2001 From: Mike Kistler Date: Sun, 1 Feb 2026 06:44:38 -0600 Subject: [PATCH 3/3] Update README with instructions for using the ruleset fron mpm --- README.md | 43 +++++++++++++++++++++++++++++++++---------- RELEASING.md | 2 +- 2 files changed, 34 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 0141c21..275634c 100644 --- a/README.md +++ b/README.md @@ -14,30 +14,53 @@ Proposals]. ### Dependencies -The Spectral Ruleset requires Node version 20 or later. +The Spectral Ruleset requires: -### Install Spectral +- Node version 20 or later. +- The [@stoplight/spectral-cli] npm package. -`npm i @stoplight/spectral-cli -g` +[@stoplight/spectral-cli]: + https://www.npmjs.com/package/@stoplight/spectral-cli + +### Installation + +You can use the aep-openapi-linter as an npm package or directly from GitHub. + +If you choose to use it as an npm package, install it in your project as you +would any other npm package: + +```sh +npm install @aep_dev/aep-openapi-linter +``` ### Usage -You can specify the ruleset directly on the command line: +To use the aep-openapi-linter, create a Spectral configuration file +(`.spectral.yaml`) that references the ruleset. If you installed the +aep-openapi-linter npm package into your project, you can just reference the +ruleset by name: -`spectral lint -r https://raw.githubusercontent.com/aep-dev/aep-openapi-linter/main/spectral.yaml ` +```yaml +extends: + - '@aep_dev/aep-openapi-linter' +``` + +Note that the quotes are required by yaml syntax. -Or you can create a Spectral configuration file (`.spectral.yaml`) that -references the ruleset: +You can also bypass installing the npm aep-openapi-linter package and reference +the ruleset directly from GitHub: ```yaml extends: - https://raw.githubusercontent.com/aep-dev/aep-openapi-linter/main/spectral.yaml ``` -### Example +You can pin to a specific release of the ruleset by replacing `main` with the +tag for the release. E.g. -```bash -spectral lint -r https://raw.githubusercontent.com/aep-dev/aep-openapi-linter/main/spectral.yaml petstore.yaml +```yaml +extends: + - https://raw.githubusercontent.com/aep-dev/aep-openapi-linter/refs/tags/v0.5.1/spectral.yaml ``` ### Using the Spectral VSCode extension diff --git a/RELEASING.md b/RELEASING.md index 5e0942e..2b44b63 100644 --- a/RELEASING.md +++ b/RELEASING.md @@ -89,7 +89,7 @@ GitHub. ## npm Configuration Publishing requires that the GitHub action is registered as a trusted publisher -for the package in npm.js. +for the package on npm. ## Optional: Changelog