Merge branch 'master' of https://github.com/semantic-release/github i…

…nto feat/gql-for-search-api
semantic-release · Sep 2, 2024 · ebfbaf0 · ebfbaf0
2 parents b03fcd8 + e097d1c
commit ebfbaf0
Show file tree

Hide file tree

Showing 10 changed files with 2,245 additions and 201 deletions.
diff --git a/README.md b/README.md
diff --git a/lib/definitions/errors.js b/lib/definitions/errors.js
@@ -178,12 +178,24 @@ If you are using [GitHub Enterprise](https://enterprise.github.com) please make
 
 export function EGHNOPERMISSION({ owner, repo }) {
   return {
-    message: `The GitHub token doesn't allow to push on the repository ${owner}/${repo}.`,
+    message: `The GitHub token doesn't allow to push to and maintain the repository ${owner}/${repo}.`,
     details: `The user associated with the [GitHub token](${linkify(
       "README.md#github-authentication",
-    )}) configured in the \`GH_TOKEN\` or \`GITHUB_TOKEN\` environment variable must allows to push to the repository ${owner}/${repo}.
+    )}) configured in the \`GH_TOKEN\` or \`GITHUB_TOKEN\` environment variable must have permission to push to and maintain the repository ${owner}/${repo}.
 
-Please make sure the GitHub user associated with the token is an [owner](https://help.github.com/articles/permission-levels-for-a-user-account-repository/#owner-access-on-a-repository-owned-by-a-user-account) or a [collaborator](https://help.github.com/articles/permission-levels-for-a-user-account-repository/#collaborator-access-on-a-repository-owned-by-a-user-account) if the repository belong to a user account or has [write permissions](https://help.github.com/articles/managing-team-access-to-an-organization-repository) if the repository [belongs to an organization](https://help.github.com/articles/repository-permission-levels-for-an-organization).`,
+Please make sure the GitHub user associated with the token is an [owner](https://help.github.com/articles/permission-levels-for-a-user-account-repository/#owner-access-on-a-repository-owned-by-a-user-account) or a [collaborator](https://help.github.com/articles/permission-levels-for-a-user-account-repository/#collaborator-access-on-a-repository-owned-by-a-user-account) if the repository belongs to a user account or has [write permissions](https://help.github.com/articles/managing-team-access-to-an-organization-repository) if the repository [belongs to an organization](https://help.github.com/articles/repository-permission-levels-for-an-organization).`,
+  };
+}
+
+export function EGHNOSCOPE({ scopes }) {
+  return {
+    message: `The GitHub token doesn't have the necessary OAuth scopes to write contents, issues, and pull requests.`,
+    details: `The [GitHub token](${linkify(
+      "README.md#github-authentication",
+    )}) configured in the \`GH_TOKEN\` or \`GITHUB_TOKEN\` environment variable must have the correct scopes.
+${scopes ? `\nThe token you used has scopes: ${scopes.join(", ")}\n` : ""}
+For classic PATs, make sure the token has the \`repo\` scope if the repository is private, or \`public_repo\` scope otherwise.
+For fine-grained PATs, make sure the token has the \`content: write\`, \`issues: write\`, and \`pull_requests: write\` scopes on the repository.`,
   };
 }
 

diff --git a/lib/fail.js b/lib/fail.js
@@ -23,14 +23,21 @@ export default async function fail(pluginConfig, context, { Octokit }) {
     githubApiPathPrefix,
     githubApiUrl,
     proxy,
-    failComment,
     failTitle,
+    failComment,
+    failCommentCondition,
     labels,
     assignees,
   } = resolveConfig(pluginConfig, context);
 
   if (failComment === false || failTitle === false) {
     logger.log("Skip issue creation.");
+    // TODO: use logger.warn() instead of logger.log()
+    logger.log(
+      `DEPRECATION: 'false' for 'failComment' or 'failTitle' is deprecated and will be removed in a future major version. Use 'failCommentCondition' instead.`,
+    );
+  } else if (failCommentCondition === false) {
+    logger.log("Skip issue creation.");
   } else {
     const octokit = new Octokit(
       toOctokitOptions({
@@ -59,6 +66,15 @@ export default async function fail(pluginConfig, context, { Octokit }) {
       repo,
     );
 
+    const canCommentOnOrCreateIssue = failCommentCondition
+      ? template(failCommentCondition)({ ...context, issue: srIssue })
+      : true;
+
+    if (!canCommentOnOrCreateIssue) {
+      logger.log("Skip commenting on or creating an issue.");
+      return;
+    }
+
     if (srIssue) {
       logger.log("Found existing semantic-release issue #%d.", srIssue.number);
       const comment = { owner, repo, issue_number: srIssue.number, body };

diff --git a/lib/resolve-config.js b/lib/resolve-config.js
@@ -8,8 +8,10 @@ export default function resolveConfig(
     proxy,
     assets,
     successComment,
+    successCommentCondition,
     failTitle,
     failComment,
+    failCommentCondition,
     labels,
     assignees,
     releasedLabels,
@@ -30,10 +32,12 @@ export default function resolveConfig(
     proxy: isNil(proxy) ? env.http_proxy || env.HTTP_PROXY || false : proxy,
     assets: assets ? castArray(assets) : assets,
     successComment,
+    successCommentCondition,
     failTitle: isNil(failTitle)
       ? "The automated release is failing 🚨"
       : failTitle,
     failComment,
+    failCommentCondition,
     // ATTN??? We opinionated :(???
     labels: isNil(labels)
       ? ["semantic-release"]