Improve pipelines and use GitHub releases

.ci/publishNpm.sh

@@ -0,0 +1,24 @@
+#!/usr/bin/env bash
+set -e
+
+if [ -z "$VERSION" ]; then
+    echo "The environment variable 'VERSION' must be set."
+    exit 1
+fi
+
+if printf -- "$VERSION" | grep -q " "; then
+    echo '$VERSION must not contain whitespaces'
+    exit 1
+fi
+
+# set the version of all packages in the workspace to $VERSION
+npm version --workspaces --no-git-tag-version "$VERSION"
+
+# replace all dependencies from the current workspace that are marked with "*" with the version that gets published
+find . -regex "./packages/[A-Za-z-]*/package\.json$" -exec sed -i -e "s/\"\*\"/\"$VERSION\"/g" {} \;
+
+# npm i to update the lockfile
+npm i
+
+# publish all packages
+npm exec --workspaces -c 'enhanced-publish --if-possible --use-preid-as-tag'

.ci/runChecks.sh

@@ -0,0 +1,9 @@
+set -e
+
+npm ci
+npm run build
+npm run lint:eslint
+npm run lint:prettier
+npm run --workspaces cdep
+npx --workspaces license-check
+npx better-npm-audit audit

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,8 @@
+# Readiness checklist
+
+- [ ] I added/updated tests (if necessary).
+- [ ] I ensured that the PR title is good enough for the changelog.
+- [ ] I labeled the PR.
+- [ ] I self-reviewed the PR.
+
+<!-- # Description -->

.github/mergify.yml

@@ -0,0 +1,6 @@
+pull_request_rules:
+  - name: update pull request
+    conditions:
+      - label!=wip
+    actions:
+      update:

.github/release.yml

@@ -0,0 +1,21 @@
+changelog:
+  exclude:
+    labels:
+      - ci
+      - chore
+      - dependencies
+      - refactoring
+      - test
+  categories:
+    - title: Breaking Changes
+      labels:
+        - breaking-change
+    - title: New Features
+      labels:
+        - enhancement
+    - title: Bug Fixes
+      labels:
+        - bug
+    - title: Other Changes
+      labels:
+        - "*"

.github/renovate.json5

@@ -0,0 +1,27 @@
+{
+    $schema: "https://docs.renovatebot.com/renovate-schema.json",
+    rangeStrategy: "bump",
+    extends: ["config:recommended", ":disableDependencyDashboard"],
+    labels: ["dependencies"],
+    schedule: ["after 10pm every weekday", "before 5am every weekday", "every weekend"],
+    reviewers: ["Milena-Czierlinski", "britsta"],
+    packageRules: [
+        {
+            // all patch versions of all packages should be part of a single group
+            groupName: "patch-all",
+            matchUpdateTypes: ["patch", "digest"],
+            automerge: true
+        },
+        // ############# Minor updates (one group per datasource) #############
+        {
+            groupName: "minor-updates-npm",
+            matchDatasources: ["npm"],
+            matchUpdateTypes: ["minor"]
+        },
+        {
+            groupName: "minor-updates-github-tags-and-runners",
+            matchDatasources: ["github-tags", "github-runners"],
+            matchUpdateTypes: ["minor"]
+        }
+    ]
+}

.github/settings.yml

@@ -0,0 +1,42 @@
+---
+# https://github.com/repository-settings/app
+
+repository:
+  allow_squash_merge: true
+  allow_merge_commit: false
+  allow_rebase_merge: false
+  allow_auto_merge: true
+  allow_update_branch: true
+  delete_branch_on_merge: true
+
+labels:
+  - name: breaking-change
+    color: "#16060F"
+    description: A breaking change
+  - name: bug
+    color: "#d73a4a"
+    description: Something isn't working
+  - name: chore
+    color: "#c2e0c6"
+    description: Some routine work like updating dependencies
+  - name: ci
+    color: "#DFB5FD"
+    description: Continuous Integration related stuff
+  - name: dependencies
+    color: "#0366d6"
+    description: Pull requests that update dependencies
+  - name: documentation
+    color: "#0075ca"
+    description: Improvements or additions to documentation
+  - name: enhancement
+    color: "#a2eeef"
+    description: New feature or request
+  - name: refactoring
+    color: "#880361"
+    description: Refactoring of code
+  - name: test
+    color: "#20D89D"
+    description: This pull request contains only new or changed tests
+  - name: wip
+    color: "#32BF4C"
+    description: Work in Progress (blocks mergify from auto update the branch)

.github/workflows/check-pr.yml

@@ -0,0 +1,20 @@
+name: Check Pull Request
+
+permissions:
+  contents: read
+
+on:
+  pull_request:
+    types: [opened, labeled, unlabeled, synchronize]
+
+jobs:
+  validate-pr-label:
+    name: Validate the Pull Request's labels
+    runs-on: ubuntu-latest
+    steps:
+      - name: PR must be labeled
+        uses: jesusvasquez333/verify-pr-label-action@v1.4.0
+        with:
+          disable-reviews: true
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
+          valid-labels: "breaking-change, bug, chore, ci, dependencies, documentation, enhancement, refactoring, test"

.github/workflows/publish.yml

@@ -2,8 +2,8 @@ name: Publish
 
 on:
   push:
-    branches:
-      - main
+    tags:
+      - "*"
 
 jobs:
   publish-npm:
@@ -12,11 +12,13 @@ jobs:
       contents: read
       id-token: write
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: actions/setup-node@v6
         with:
           node-version: current
           registry-url: https://registry.npmjs.org
-      - run: bash .ci/build.sh
-      - run: bash .ci/test.sh
-      - run: bash .ci/publish.sh
+      - run: npm ci
+      - run: npm run build
+      - run: bash .ci/publishNpm.sh
+        env:
+          VERSION: ${{ github.ref_name }}

.github/workflows/test.yml

@@ -6,12 +6,19 @@
       - main
 
 jobs:
+  run-checks:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+      - run: bash .ci/runChecks.sh
+
   test:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: actions/setup-node@v6
         with:
           node-version: current
-      - run: bash .ci/build.sh
-      - run: bash .ci/test.sh
+      - run: npm ci
+      - run: npm run build
+      - run: npm run test:ci --workspaces --if-present