diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index d49a531..5b2be96 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,3 +1,3 @@ # Read more about CODEOWNERS here - https://github.com/blog/2392-introducing-code-owners -* @procore/team-api +* @procore-oss/procore-ospo @procore-oss/procore-api diff --git a/.github/ISSUE_TEMPLATE/bug.yml b/.github/ISSUE_TEMPLATE/bug.yml new file mode 100644 index 0000000..bd3c1c9 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug.yml @@ -0,0 +1,66 @@ +name: 🐞 Bug +description: File a bug/issue +title: "[bug] " +labels: [bug, needs-triage] +body: +- type: checkboxes + attributes: + label: Is there an existing issue for this? + description: Please search to see if an issue already exists for the bug you encountered. + options: + - label: I have searched the existing issues + required: true +- type: checkboxes + attributes: + label: Is this a regression? + description: Did this behavior work before? + options: + - label: Yes, this used to work before + required: false +- type: textarea + attributes: + label: Current Behavior + description: A concise description of what you're experiencing. + validations: + required: false +- type: textarea + attributes: + label: Expected Behavior + description: A concise description of what you expected to happen. + validations: + required: false +- type: textarea + attributes: + label: Steps To Reproduce + description: Steps to reproduce the behavior. + placeholder: | + 1. + 2. + 3. + 4. + validations: + required: true +- type: textarea + attributes: + label: Environment + description: | + examples: + - **OS**: OSX 13.3.1 + - **Browser Name and Version**: Chrome Version 112.0.5615.49 (Official Build) (arm64) + - **Ruby Version**: 3.0.0 + value: | + - OS: + - Browser Name and version: + - Ruby Version: + render: markdown + validations: + required: true +- type: textarea + attributes: + label: Anything else? + description: | + Links? References? Anything that will give us more context about the issue you are encountering! + + Tip: You can attach images or log files by clicking this area to highlight it and then dragging files in. + validations: + required: false diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml new file mode 100644 index 0000000..3ba13e0 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -0,0 +1 @@ +blank_issues_enabled: false diff --git a/.github/ISSUE_TEMPLATE/docs.yml b/.github/ISSUE_TEMPLATE/docs.yml new file mode 100644 index 0000000..387c39d --- /dev/null +++ b/.github/ISSUE_TEMPLATE/docs.yml @@ -0,0 +1,18 @@ +name: 📚 Documentation or README.md issue report +description: File a bug/issue for docs or README.md +title: "[bug] <title>" +labels: [docs, needs-triage] +body: +- type: checkboxes + attributes: + label: Is there an existing issue for this? + description: Please search to see if an issue already exists for the bug you encountered. + options: + - label: I have searched the existing issues + required: true +- type: textarea + attributes: + label: Docs/README.md Part to update + description: A concise description of what you thing should be updated + validations: + required: true diff --git a/.github/ISSUE_TEMPLATE/feature-request.yml b/.github/ISSUE_TEMPLATE/feature-request.yml new file mode 100644 index 0000000..e51081f --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature-request.yml @@ -0,0 +1,36 @@ +name: 🚀🆕 Feature Request +description: Suggest an idea or possible new feature for this project +title: "[Feature Request] <title>" +labels: [feature, needs-triage] +body: +- type: checkboxes + attributes: + label: Is there an existing issue for this? + description: Please search to see if an issue already exists for the bug you encountered. + options: + - label: I have searched the existing issues + required: true +- type: textarea + attributes: + label: Is your feature request related to a problem? Please describe + description: A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] + validations: + required: true +- type: textarea + attributes: + label: Describe the feature you'd like to see implemented + description: A clear and concise description of what you want to happen + validations: + required: true +- type: textarea + attributes: + label: Describe alternatives you've considered + description: A clear and concise description of any alternative solutions or features you've considered + validations: + required: false +- type: textarea + attributes: + label: Additional context + description: Add any other context or additional information about the problem here + validations: + required: false diff --git a/.github/ISSUE_TEMPLATE/question-support.yml b/.github/ISSUE_TEMPLATE/question-support.yml new file mode 100644 index 0000000..c37ec1d --- /dev/null +++ b/.github/ISSUE_TEMPLATE/question-support.yml @@ -0,0 +1,18 @@ +name: ❓ Question or Support Request +description: Questions and requests for support +title: "[Question/Support] <title>" +labels: [question, support, needs-triage] +body: +- type: checkboxes + attributes: + label: Is there an existing issue for this? + description: Please search to see if an issue already exists for the bug you encountered. + options: + - label: I have searched the existing issues + required: true +- type: textarea + attributes: + label: Describe your question or ask for support + description: A concise description of what you would like support with + validations: + required: true diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 0000000..d2bc47b --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,17 @@ +Checklist: + +* [ ] I have updated the necessary documentation +* [ ] I have signed off all my commits as required by [DCO](https://github.com/procore-oss/rspec_profiling/blob/main/CONTRIBUTING.md) +* [ ] My build is green + +<!-- +Note on DCO: + +If the DCO check fails, one or more of your commits are not signed off. Please click on the *Details* link next to the DCO action for instructions on how to resolve this. + +TL;DR - You need to sign off your commits with `git commit -s` or `git commit --signoff` to indicate that you agree to the terms of the DCO. + +Note on Versioning: + +Maintainers will bump the version and do a release when they are ready to release (possibly multiple merged PRs). Please do not bump the version in your PRs. +--> diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml new file mode 100644 index 0000000..ad23c0b --- /dev/null +++ b/.github/dependabot.yaml @@ -0,0 +1,20 @@ +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: / + schedule: + interval: "weekly" + timezone: "America/Los_Angeles" + labels: + - "dependabot" + - "dependencies" + - "github-actions" + - package-ecosystem: "npm" # See documentation for possible values + directory: / + schedule: + interval: "weekly" + timezone: "America/Los_Angeles" + labels: + - "dependabot" + - "dependencies" + - "npm" diff --git a/.github/dependabot.yml b/.github/dependabot.yml deleted file mode 100644 index 3a3cce5..0000000 --- a/.github/dependabot.yml +++ /dev/null @@ -1,11 +0,0 @@ -# To get started with Dependabot version updates, you'll need to specify which -# package ecosystems to update and where the package manifests are located. -# Please see the documentation for all configuration options: -# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates - -version: 2 -updates: - - package-ecosystem: "npm" # See documentation for possible values - directory: "/" # Location of package manifests - schedule: - interval: "weekly" diff --git a/.github/workflows/auto-assign-author.yaml b/.github/workflows/auto-assign-author.yaml new file mode 100644 index 0000000..d032f48 --- /dev/null +++ b/.github/workflows/auto-assign-author.yaml @@ -0,0 +1,13 @@ +name: 'Auto Author Assign' +on: + pull_request_target: + types: [opened, reopened] +permissions: + contents: read +jobs: + assign-author: + runs-on: ubuntu-latest + steps: + - uses: toshimaru/auto-author-assign@v2.1.0 + with: + repo-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml new file mode 100644 index 0000000..2c6b9ef --- /dev/null +++ b/.github/workflows/codeql.yaml @@ -0,0 +1,35 @@ +name: "Custom CodeQL" +on: + workflow_dispatch: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] +permissions: + contents: read +jobs: + analyze: + name: Analyze + runs-on: Ubuntu-latest + timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }} + permissions: + actions: read + contents: read + security-events: write + strategy: + fail-fast: false + matrix: + language: [ 'ruby' ] + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + - name: Autobuild + uses: github/codeql-action/autobuild@v3 + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + with: + category: "/language:${{matrix.language}}" diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 0000000..0b642b3 --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,42 @@ +name: Release +on: + workflow_run: + workflows: [Test] + types: [completed] + branches: [main] + workflow_dispatch: # allow manual deployment through GitHub Action UI +permissions: + contents: read +jobs: + release: + permissions: + contents: write + runs-on: ubuntu-latest + if: ${{ github.event_name == 'workflow_dispatch' || github.event.workflow_run.conclusion == 'success' }} + env: + NODE_VERSION: 20 + steps: + - uses: actions/checkout@v4 + - name: Check if version has been updated + id: check + uses: EndBug/version-check@v2 + - name: Log when changed + if: steps.check.outputs.changed == 'true' + run: 'echo "Version change found in commit ${{ steps.check.outputs.commit }}! New version: ${{ steps.check.outputs.version }} (${{ steps.check.outputs.type }})"' + - name: Set up node + if: ${{ github.event_name == 'workflow_dispatch' || steps.check.outputs.changed == 'true' }} + uses: actions/setup-node@v4 + with: + node-version: ${{ env.NODE_VERSION }} + registry-url: 'https://registry.npmjs.org' + - name: Compile source + if: ${{ github.event_name == 'workflow_dispatch' || steps.check.outputs.changed == 'true' }} + run: yarn run compile + - name: Publish package + if: ${{ github.event_name == 'workflow_dispatch' || steps.check.outputs.changed == 'true' }} + run: npm publish + env: + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + - name: Tag the release + if: ${{ github.event_name == 'workflow_dispatch' || steps.check.outputs.changed == 'true' }} + run: git tag -a v${{ steps.check.outputs.version }} -m "v${{ steps.check.outputs.version }}" diff --git a/.github/workflows/stale.yaml b/.github/workflows/stale.yaml new file mode 100644 index 0000000..79f8f0f --- /dev/null +++ b/.github/workflows/stale.yaml @@ -0,0 +1,36 @@ +## Reference: https://github.com/actions/stale +name: Mark stale issues and pull requests +on: + schedule: + - cron: "30 1 * * *" +permissions: + contents: read +jobs: + stale: + permissions: + issues: write # for actions/stale to close stale issues + pull-requests: write # for actions/stale to close stale PRs + runs-on: ubuntu-latest + steps: + - uses: actions/stale@v9 + with: + repo-token: ${{ secrets.GITHUB_TOKEN }} + # Number of days of inactivity before an issue becomes stale + days-before-stale: 60 + # Number of days of inactivity before a stale issue is closed + days-before-close: 7 + # Issues with these labels will never be considered stale + exempt-issue-labels: "on-hold,pinned,security" + exempt-pr-labels: "on-hold,pinned,security" + # Comment to post when marking an issue as stale. + stale-issue-message: > + This issue has been automatically marked as stale because it has not had + recent activity. It will be closed if no further activity occurs. Thank you + for your contributions. + stale-pr-message: > + This pull request has been automatically marked as stale because it has not had + recent activity. It will be closed if no further activity occurs. Thank you + for your contributions. + # Label to use when marking an issue as stale + stale-issue-label: 'no-issue-activity' + stale-pr-label: 'no-pr-activity' diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml new file mode 100644 index 0000000..3290d48 --- /dev/null +++ b/.github/workflows/test.yaml @@ -0,0 +1,27 @@ +name: Test +on: + push: + branches: [main] + pull_request: + branches: [main] +permissions: + contents: read +jobs: + test: + strategy: + matrix: + node: ['18', '20', '21'] + name: Ruby ${{ matrix.node }} + # https://docs.github.com/en/actions/learn-github-actions/expressions#example + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Set up node ${{ matrix.node }} + - uses: actions/setup-node@v4 + with: + node-version: ${{ matrix.node}} + cache: 'yarn' + - name: Install dependencies + run: yarn install + - name: Run tests with coverage + run: yarn test:coverage diff --git a/.gitignore b/.gitignore index 3a7a53c..9a0a125 100644 --- a/.gitignore +++ b/.gitignore @@ -1,11 +1,12 @@ -node_modules -coverage -dist -types -*-debug.log -*-error.log -*DS_Store +.env .idea .npmrc .nyc_output +*DS_Store +*-debug.log +*-error.log +coverage +dist lib/version.json +node_modules +types diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md index f577449..c786297 100644 --- a/CODE_OF_CONDUCT.md +++ b/CODE_OF_CONDUCT.md @@ -1,49 +1,130 @@ -# Contributor Code of Conduct +# Code of Conduct -As contributors and maintainers of this project, and in the interest of -fostering an open and welcoming community, we pledge to respect all people who -contribute through reporting issues, posting feature requests, updating -documentation, submitting pull requests or patches, and other activities. +## Our Pledge -We are committed to making participation in this project a harassment-free -experience for everyone, regardless of level of experience, gender, gender -identity and expression, sexual orientation, disability, personal appearance, -body size, race, ethnicity, age, religion, or nationality. +We as members, contributors, and leaders pledge to make participation in our +community a harassment-free experience for everyone, regardless of age, body +size, visible or invisible disability, ethnicity, sex characteristics, gender +identity and expression, level of experience, education, socio-economic status, +nationality, personal appearance, race, religion, or sexual identity +and orientation. -Examples of unacceptable behavior by participants include: +We pledge to act and interact in ways that contribute to an open, welcoming, +diverse, inclusive, and healthy community. -* The use of sexualized language or imagery -* Personal attacks -* Trolling or insulting/derogatory comments +## Our Standards + +Examples of behavior that contributes to a positive environment for our +community include: + +* Demonstrating empathy and kindness toward other people +* Being respectful of differing opinions, viewpoints, and experiences +* Giving and gracefully accepting constructive feedback +* Accepting responsibility and apologizing to those affected by our mistakes, + and learning from the experience +* Focusing on what is best not just for us as individuals, but for the + overall community + +Examples of unacceptable behavior include: + +* The use of sexualized language or imagery, and sexual attention or + advances of any kind +* Trolling, insulting or derogatory comments, and personal or political attacks * Public or private harassment -* Publishing other's private information, such as physical or electronic - addresses, without explicit permission - * Other unethical or unprofessional conduct - - Project maintainers have the right and responsibility to remove, edit, or - reject comments, commits, code, wiki edits, issues, and other contributions - that are not aligned to this Code of Conduct, or to ban temporarily or - permanently any contributor for other behaviors that they deem inappropriate, - threatening, offensive, or harmful. - - By adopting this Code of Conduct, project maintainers commit themselves to - fairly and consistently applying these principles to every aspect of managing - this project. Project maintainers who do not follow or enforce the Code of - Conduct may be permanently removed from the project team. - - This code of conduct applies both within project spaces and in public spaces - when an individual is representing the project or its community. - - Instances of abusive, harassing, or otherwise unacceptable behavior may be - reported by contacting a project maintainer at opensource@procore.com All - complaints will be reviewed and investigated and will result in a response that - is deemed necessary and appropriate to the circumstances. Maintainers are - obligated to maintain confidentiality with regard to the reporter of an - incident. - - This Code of Conduct is adapted from the [Contributor Covenant][homepage], - version 1.3.0, available at - [http://contributor-covenant.org/version/1/3/0/][version] - - [homepage]: http://contributor-covenant.org - [version]: http://contributor-covenant.org/version/1/3/0/ +* Publishing others' private information, such as a physical or email + address, without their explicit permission +* Spam or other deceptive practices that take advantage of the community +* Other conduct which could reasonably be considered inappropriate in a + professional setting + +## Enforcement Responsibilities + +Community leaders are responsible for clarifying and enforcing our standards of +acceptable behavior and will take appropriate and fair corrective action in +response to any behavior that they deem inappropriate, threatening, offensive, +or harmful. + +Community leaders have the right and responsibility to remove, edit, or reject +comments, commits, code, wiki edits, issues, and other contributions that are +not aligned to this Code of Conduct, and will communicate reasons for moderation +decisions when appropriate. + +## Scope + +This Code of Conduct applies within all community spaces, and also applies when +an individual is officially representing the community in public spaces. +Examples of representing our community include using an official e-mail address, +posting via an official social media account, or acting as an appointed +representative at an online or offline event. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported to the community leaders responsible for enforcement at +<opensource@procore.com>. +All complaints will be reviewed and investigated promptly and fairly by +the Procore Open Source Program Office (OSPO) + +All community leaders are obligated to respect the privacy and security of the +reporter of any incident. + +## Enforcement Guidelines + +Community leaders will follow these Community Impact Guidelines in determining +the consequences for any action they deem in violation of this Code of Conduct: + +### 1. Correction + +**Community Impact**: Use of inappropriate language or other behavior deemed +unprofessional or unwelcome in the community. + +**Consequence**: A private, written warning from community leaders, providing +clarity around the nature of the violation and an explanation of why the +behavior was inappropriate. A public apology may be requested. + +### 2. Warning + +**Community Impact**: A violation through a single incident or series +of actions. + +**Consequence**: A warning with consequences for continued behavior. No +interaction with the people involved, including unsolicited interaction with +those enforcing the Code of Conduct, for a specified period of time. This +includes avoiding interactions in community spaces as well as external channels +like social media. Violating these terms may lead to a temporary or +permanent ban. + +### 3. Temporary Ban + +**Community Impact**: A serious violation of community standards, including +sustained inappropriate behavior. + +**Consequence**: A temporary ban from any sort of interaction or public +communication with the community for a specified period of time. No public or +private interaction with the people involved, including unsolicited interaction +with those enforcing the Code of Conduct, is allowed during this period. +Violating these terms may lead to a permanent ban. + +### 4. Permanent Ban + +**Community Impact**: Demonstrating a pattern of violation of community +standards, including sustained inappropriate behavior, harassment of an +individual, or aggression toward or disparagement of classes of individuals. + +**Consequence**: A permanent ban from any sort of public interaction within +the community. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant][homepage], +version 2.0, available at +<https://www.contributor-covenant.org/version/2/0/code_of_conduct.html>. + +Community Impact Guidelines were inspired by [Mozilla's code of conduct +enforcement ladder](https://github.com/mozilla/diversity). + +[homepage]: https://www.contributor-covenant.org + +For answers to common questions about this code of conduct, see the FAQ at +<https://www.contributor-covenant.org/faq>. Translations are available at +<https://www.contributor-covenant.org/translations>. diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..d5b8ff2 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,37 @@ +# Contributing to Procore Projects + +This document explains the common procedures expected by contributors while submitting code to Procore open source projects. + +## Code of Conduct + +Please read and abide by the [Code of Conduct](CODE_OF_CONDUCT.md) + +## General workflow + +Once a GitHub issue is accepted and assigned to you, please follow general workflow in order to submit your contribution: + +1. Fork the target repository under your GitHub username. +2. Create a branch in your forked repository for the changes you are about to make. +3. Commit your changes in the branch you created in step 2. All commits need to be signed-off. Check the [legal](#legal) section bellow for more details. +4. Push your commits to your remote fork. +5. Create a Pull Request from your remote fork pointing to the HEAD branch (usually `main` branch) of the target repository. +6. Check the GitHub build and ensure that all checks are green. + +## Legal + +Procore projects use Developer Certificate of Origin ([DCO](https://GitHub.com/apps/dco/)). + +Please sign-off your contributions by doing ONE of the following: + +* Use `git commit -s ...` with each commit to add the sign-off or +* Manually add a `Signed-off-by: Your Name <your.email@example.com>` to each commit message. + +The email address must match your primary GitHub email. You do NOT need cryptographic (e.g. gpg) signing. + +* Use `git commit -s --amend ...` to add a sign-off to the latest commit, if you forgot. + +*Note*: Some projects will provide specific configuration to ensure all commits are signed-off. Please check the project's documentation for more details. + +## Tests + +Make sure your changes are properly covered by automated tests. We aim to build an efficient test suite that is low cost to maintain and bring value to project. Prefer writing unit-tests over heavy end-to-end (e2e) tests. However, sometimes e2e tests are necessary. If you aren't sure, ask one of the maintainers about the requirements for your pull-request. diff --git a/LICENSE.txt b/LICENSE.md similarity index 100% rename from LICENSE.txt rename to LICENSE.md diff --git a/README.md b/README.md index 0d4e172..471b3b3 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,8 @@ # Procore JS SDK -[![CircleCI](https://circleci.com/gh/procore/js-sdk.svg?style=svg&circle-token=b24f4748ba5d14817088d02a0e14d376e1461c60)](https://circleci.com/gh/procore/js-sdk) +[![test](https://github.com/procore-oss/js-sdk/actions/workflows/test.yaml/badge.svg?branch=main)](https://github.com/procore-oss/js-sdk/actions/workflows/test.yaml) +[![npm version](https://badge.fury.io/js/@procore%2Fjs-sdk.svg)](https://badge.fury.io/js/@procore%2Fjs-sdk) +[![discord](https://img.shields.io/badge/Chat-EDEDED?logo=discord)](https://discord.gg/PbntEMmWws) A node.js JS SDK for the Procore API. diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..1632e6a --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,17 @@ +# Security Policy + +## Supported Versions + +Node versions that are currently being supported with security updates. + +| Version | Supported | +| ------- | ------------------ | +| 18 | :white_check_mark: | +| 20 | :white_check_mark: | +| 21 | :white_check_mark: | + +## Reporting a Vulnerability + +Please click the `Report a vulnerability` button [here](https://github.com/procore-oss/js-sdk/security) to report a vulnerability. + +A maintainer will respond to you as soon as possible and discuss the process to get the vulnerability fixed.