v7.0.0 - use unicode-symbols and non-unicode-symbols packages

.github/dependabot.yml

@@ -1,7 +1,17 @@
 version: 2
 updates:
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: weekly
+      day: sunday
+      time: '00:00'
+      timezone: Australia/Perth
   - package-ecosystem: npm
     directory: /
     schedule:
       interval: weekly
       day: sunday
+      time: '00:00'
+      timezone: Australia/Perth
+    open-pull-requests-limit: 0

.github/funding.yml

@@ -3,4 +3,5 @@ patreon: bevry
 open_collective: bevry
 ko_fi: balupton
 liberapay: bevry
+tidelift: npm/@bevry/figures
 custom: ['https://bevry.me/fund']

.github/workflows/bevry.yml

@@ -8,56 +8,54 @@ jobs:
       matrix:
         os:
           - ubuntu-latest
-          - macos-latest
-          - windows-latest
         node:
-          - '0.8'
-          - '0.10'
-          - '0.12'
-          - '4'
-          - '6'
-          - '8'
-          - '10'
-          - '12'
-          - '14'
           - '16'
           - '18'
           - '20'
           - '21'
     runs-on: ${{ matrix.os }}
-    continue-on-error: >-
-      ${{ contains('0.8 0.10 0.12 4 6', matrix.node) || contains('macos-latest
-      windows-latest', matrix.os) }}
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - name: Install desired Node.js version
-        uses: actions/setup-node@v2
+        uses: actions/setup-node@v4
         with:
           node-version: '20'
+      - name: Verify Node.js Versions
+        run: >-
+          printf '%s' 'node: ' && node --version && printf '%s' 'npm: ' && npm
+          --version && node -e 'console.log(process.versions)'
       - run: npm run our:setup
       - run: npm run our:compile
       - run: npm run our:verify
       - name: Install targeted Node.js
         if: ${{ matrix.node != 20 }}
-        uses: actions/setup-node@v2
+        uses: actions/setup-node@v4
         with:
           node-version: ${{ matrix.node }}
+      - name: Verify Node.js Versions
+        run: >-
+          printf '%s' 'node: ' && node --version && printf '%s' 'npm: ' && npm
+          --version && node -e 'console.log(process.versions)'
       - run: npm test
   publish:
     if: ${{ github.event_name == 'push' }}
     needs: test
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - name: Install desired Node.js version
-        uses: actions/setup-node@v2
+        uses: actions/setup-node@v4
         with:
           node-version: '20'
+      - name: Verify Node.js Versions
+        run: >-
+          printf '%s' 'node: ' && node --version && printf '%s' 'npm: ' && npm
+          --version && node -e 'console.log(process.versions)'
       - run: npm run our:setup
       - run: npm run our:compile
       - run: npm run our:meta
       - name: publish to npm
-        uses: bevry-actions/npm@v1.1.0
+        uses: bevry-actions/npm@v1.1.2
         with:
           npmAuthToken: ${{ secrets.NPM_AUTH_TOKEN }}
           npmBranchTag: ':next'
@@ -66,3 +64,15 @@ jobs:
         with:
           surgeLogin: ${{ secrets.SURGE_LOGIN }}
           surgeToken: ${{ secrets.SURGE_TOKEN }}
+  automerge:
+    permissions:
+      contents: write
+      pull-requests: write
+    runs-on: ubuntu-latest
+    if: github.actor == 'dependabot[bot]'
+    steps:
+      - name: Enable auto-merge for Dependabot PRs
+        run: gh pr merge --auto --merge "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

.prettierignore

@@ -1,4 +1,4 @@
-# 2023 March 24
+# 2023 November 13
 # https://github.com/bevry/base
 
 # VCS Files
@@ -31,6 +31,8 @@ bower_components/
 node_modules/
 
 # Build Outputs
+**/*.cjs
+**/*.mjs
 **/out.*
 **/*.out.*
 **/out/

HISTORY.md

@@ -1,5 +1,13 @@
 # History
 
+## v7.0.0 2023 November 20
+
+-   Use [`unicode-symbols` package](https://github.com/bevry/unicode-symbols)
+-   Use [`non-unicode-symbols` package](https://github.com/bevry/non-unicode-symbols)
+-   Drop `replaceSymbols` export
+-   Documentation for exports
+-   Updated dependencies, [base files](https://github.com/bevry/base), and [editions](https://editions.bevry.me) using [boundation](https://github.com/bevry/boundation)
+
 ## v6.1.0 2023 November 1
 
 -   Forked to implement Bevry's best practices and maintain widespread compatibility.

SECURITY.md

@@ -0,0 +1,21 @@
+# Security Policy
+
+## Security Practices
+
+This project meets standardized secure software development practices, including 2FA for all members, password managers with monitoring, secure secret retrieval instead of storage. [Learn about our practices.](https://tidelift.com/funding/github/npm/@bevry/figures)
+
+## Supported Versions
+
+This project uses [Bevry's automated tooling](https://github.com/bevry/boundation) to deliver the latest updates, fixes, and improvements inside the latest release while still maintaining widespread ecosystem compatibility.
+
+[Refer to supported ecosystem versions: `Editions` section in `README.md`](https://github.com/bevry/figures/blob/main/README.md#Editions)
+
+[Refer to automated support of ecosystem versions: `boundation` entries in `HISTORY.md`](https://github.com/bevry/figures/blob/main/HISTORY.md)
+
+Besides testing and verification, out CI also [auto-merges](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions) [Dependabot security updates](https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates) and [auto-publishes](https://github.com/bevry-actions/npm) successful builds of the [`main` branch](https://github.com/bevry/wait/actions?query=branch%3Amain) to the [`next` version tag](https://www.npmjs.com/package/@bevry/figures?activeTab=versions), offering immediate resolutions before scheduled maintenance releases.
+
+## Reporting a Vulnerability
+
+[Report the vulnerability to the project owners.](https://github.com/bevry/figures/security/advisories)
+
+[Report the vulnerability to Tidelift.](https://tidelift.com/security)