nsquared-team · gnarza · Mar 14, 2024 · May 17, 2023 · May 23, 2023 · May 24, 2023
@@ -0,0 +1,8 @@
+module.exports = {
+  parserOptions: {
+    parser: "@babel/eslint-parser",
+    requireConfigFile: false,
+    ecmaVersion: "latest",
+  },
+  extends: ["plugin:prettier/recommended"],
+};
@@ -0,0 +1,100 @@
+name: Draw Attention CI workflow
+
+on:
+  pull_request:
+
+concurrency:
+  group: da-ci-${{ github.head_ref || github.ref_name }}
+  cancel-in-progress: true
+
+env:
+  EVENT: ${{ toJSON(github.event) }}
+
+jobs:
+  # =====================================================================================#
+  # Run code through PHPCodeSniffer to conform to standards =============================#
+  # =====================================================================================#
+  # The installed coding standards are Zend, PEAR, PSR2, Squiz, PSR12, MySource, PSR1, PHPCompatibility, PHPCompatibilityParagonieRandomCompat, PHPCompatibilityParagonieSodiumCompat, PHPCompatibilityWP, WordPress, WordPress-Extra, WordPress-Core and WordPress-Docs
+  static-code-analysis:
+    name: Static Code Analysis
+    if: ${{ github.event_name == 'pull_request' }}
+    runs-on: ubuntu-latest
+    env:
+      phpcs_config_flags: --standard=WordPress --ignore=vendor,node_modules,*min.* --extensions=php --runtime-set testVersion 7.2
+    steps:
+      - name: Install PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: 7.2
+          coverage: none
+
+      - uses: actions/checkout@v3
+        with:
+          ref: ${{ github.event.pull_request.head.ref }}
+
+      - name: Set git user information
+        run: |
+          git config --global user.email "otto@nsquared.io"
+          git config --global user.name "otto-bot-git"
+
+      - name: Prepare environment
+        run: |
+          composer init --name nsquared-team/draw-attention --no-interaction
+          composer config allow-plugins.dealerdirect/phpcodesniffer-composer-installer true
+          composer require --with-all-dependencies --dev dealerdirect/phpcodesniffer-composer-installer:"*" phpcompatibility/phpcompatibility-wp:"*"
+          composer require --with-all-dependencies --dev wp-coding-standards/wpcs
+          vendor/bin/phpcs --version
+          vendor/bin/phpcs -i
+          vendor/bin/phpcs --config-set colors 1
+
+      - name: Install dependencies
+        run: | 
+          npm install
+          npm install -g prettier
+          npm install -g eslint
+
+      # =================================================================================================#
+      # Run code through PHPCodeSniffer to conform to standards ========================================#
+      # =================================================================================================#
+
+      - name: Fix code with PHP Code Sniffer
+        if: always()
+        continue-on-error: true
+        run: |
+          vendor/bin/phpcbf -p "." ${{ env.phpcs_config_flags }}
+
+      - name: Check any remaining errors with PHP Code Sniffer
+        if: always()
+        continue-on-error: true
+        run: |
+          vendor/bin/phpcs -p "." ${{ env.phpcs_config_flags }}
+
+        # =================================================================================================#
+        # Run code through Prettier and ESLint to conform to standards ====================================#
+        # =================================================================================================#
+
+      - name: Format JS files
+        run: prettier --write "**/*.js"
+
+      # No Vue files in this project at the moment
+      # - name: Format Vue files
+      #   run: prettier --write "**/*.vue"
+
+      - name: Lint JS files
+        run: eslint --fix "**/*.js" --ignore-pattern "**/vendor/**/*" --ignore-pattern "**/node_modules/**/*" --ignore-pattern "**/*min.*"
+
+      # No Vue files in this project at the moment
+      # - name: Lint Vue files
+      #   run: eslint --fix "**/*.vue" --ignore-pattern "**/vendor/**/*" --ignore-pattern "**/node_modules/**/*"
+
+      - name: Revert unwanted composer changes
+        run: |
+          git checkout composer.json
+          git checkout composer.lock
+
+      # The push below will not trigger a new workflow because it uses the default GITHUB_TOKEN
+      - name: Commit and push changes
+        run: |
+          # just a guard, we also should keep on excluding the minified files
+          git restore "*min.*"
+          `git add -A && git commit -m "Automated code formatting on branch done." > /dev/null  && git push` || true
@@ -8,10 +8,7 @@
 
 name: DA deploy to WordPress.org
 
-# keeping the trigger at released gives us the chance to skip deploying any releases we don't like or whatever
 on:
-  release:
-    types: [released]
   workflow_dispatch:
     inputs:
       tag_name:
@@ -99,20 +96,43 @@ jobs:
           ASSETS_DIR: assets/repo/
           BUILD_DIR: release/draw-attention
           SLUG: draw-attention
-
+          VERSION: ${{ steps.set_tag_name.outputs.tag_name }}
 
       - name: "Send Deploymnt Notification to Slack"
         if: steps.deploy.outcome == 'success'
         uses: slackapi/slack-github-action@v1.23.0
         env:
-          JSON: "{\"text\":\"\\n:large_green_circle: Draw Attention ${{ github.event.release.tag_name }}\\nSuccessfully deployed to <https://wordpress.org/plugins/draw-attention|WordPress.org>\\n\",\"blocks\":[{\"type\":\"divider\"},{\"type\":\"header\",\"text\":{\"type\":\"plain_text\",\"text\":\"\\n:large_green_circle: Draw Attention ${{ github.event.release.tag_name }}\\n\"}},{\"type\":\"section\",\"text\":{\"type\":\"mrkdwn\",\"text\":\"Successfully deployed to <https://wordpress.org/plugins/draw-attention|WordPress.org>\\n\"}}]}"
+          JSON: "{\"text\":\"\\n:large_green_circle: Draw Attention ${{ steps.set_tag_name.outputs.tag_name }}\\nSuccessfully deployed to <https://wordpress.org/plugins/draw-attention|WordPress.org>\\n\",\"blocks\":[{\"type\":\"divider\"},{\"type\":\"header\",\"text\":{\"type\":\"plain_text\",\"text\":\"\\n:large_green_circle: Draw Attention ${{ steps.set_tag_name.outputs.tag_name }}\\n\"}},{\"type\":\"section\",\"text\":{\"type\":\"mrkdwn\",\"text\":\"Successfully deployed to <https://wordpress.org/plugins/draw-attention|WordPress.org>\\n\"}}]}"
         with:
           payload: ${{ env.JSON }}
-
+
+      - name: "Get release ID"
+        id: release-data
+        run: |
+          response=$(curl -s https://api.github.com/graphql -X POST -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" -d '{ "query": "query { repository(owner: \"nsquared-team\", name: \"draw-attention\") { release(tagName: \"${{ steps.set_tag_name.outputs.tag_name }}\") { databaseId createdAt } } }" }')
+          databaseId=$(echo "$response" | jq -r '.data.repository.release.databaseId')
+          if [[ -z "$databaseId" ]]; then
+            echo "Error: databaseId is empty"
+            exit 1
+          fi
+          echo "release-id=$databaseId" >> $GITHUB_OUTPUT
+
+
+      - name: "Update release to be latest"
+        if: steps.deploy.outcome == 'success'
+        run: |
+          curl -L \
+              -X PATCH \
+              -H "Accept: application/vnd.github+json" \
+              -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}"\
+              -H "X-GitHub-Api-Version: 2022-11-28" \
+              https://api.github.com/repos/$GITHUB_REPOSITORY/releases/${{ steps.release-data.outputs.release-id }} \
+              -d '{"make_latest":true}'
+
       - name: "Send WP Deployment Failure Warning to Slack"
         if: steps.deploy.outcome != 'success'
         uses: slackapi/slack-github-action@v1.23.0
         env:
-          JSON: "{\"text\":\"\\n:red_circle: Draw Attention ${{ github.event.release.tag_name }}\\nFailed to deploy.\\n\\nKindly check if the official version is affected and attempt a fix / another release. <https://wordpress.org/plugins/draw-attention|WordPress.org>\\n\",\"blocks\":[{\"type\":\"divider\"},{\"type\":\"header\",\"text\":{\"type\":\"plain_text\",\"text\":\"\\n:red_circle: Draw Attention ${{ github.event.release.tag_name }}\\n\"}},{\"type\":\"section\",\"text\":{\"type\":\"mrkdwn\",\"text\":\"Failed to deploy.\\n\\nKindly check if the official version is affected and attempt a fix / another release. <https://wordpress.org/plugins/draw-attention|WordPress.org>\\n\"}}]}"
+          JSON: "{\"text\":\"\\n:red_circle: Draw Attention ${{ steps.set_tag_name.outputs.tag_name }}\\nFailed to deploy.\\n\\nKindly check if the official version is affected and attempt a fix / another release. <https://wordpress.org/plugins/draw-attention|WordPress.org>\\n\",\"blocks\":[{\"type\":\"divider\"},{\"type\":\"header\",\"text\":{\"type\":\"plain_text\",\"text\":\"\\n:red_circle: Draw Attention ${{ steps.set_tag_name.outputs.tag_name }}\\n\"}},{\"type\":\"section\",\"text\":{\"type\":\"mrkdwn\",\"text\":\"Failed to deploy.\\n\\nKindly check if the official version is affected and attempt a fix / another release. <https://wordpress.org/plugins/draw-attention|WordPress.org>\\n\"}}]}"
         with:
           payload: ${{ env.JSON }}
@@ -17,19 +17,25 @@ env:
   SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
 
 on:
+  schedule:
+    # release every Tuesday at 5pm UTC, LA time 9am
+    - cron: '0 17 * * 2'
   workflow_dispatch:
     inputs:
       version_type:
         description: "Version type (major, minor, patch or leave empty to release current master branch)"
         required: false
         default: ""
-
+      deploy:
+          description: "Deploy to WordPress.org (true or false)"
+          required: false
+          default: "false"
 
 jobs:
   github-release:
     name: "Create a GitHub Release"
     runs-on: ubuntu-latest
-    timeout-minutes: 5
+    timeout-minutes: 10
     steps:
       - name: "Dump GitHub Context"
         env:
@@ -46,7 +52,9 @@ jobs:
       - name: "Check defined version type"
         id: version
         run: |
-          if [ "${{ github.event.inputs.version_type }}" == "major" ]; then
+          if [ "${{ github.event_name }}" == "schedule" ]; then
+            echo "version=patch" >> $GITHUB_OUTPUT
+          elif [ "${{ github.event.inputs.version_type }}" == "major" ]; then
             echo "version=major" >> $GITHUB_OUTPUT
           elif [ "${{ github.event.inputs.version_type }}" == "minor" ]; then
             echo "version=minor" >> $GITHUB_OUTPUT
@@ -83,19 +91,29 @@ jobs:
       # Build Dev Changelog =================
       # =====================================
       - name: "Build Dev Changelog"
-        uses: mikepenz/release-changelog-builder-action@v3
+        uses: mikepenz/release-changelog-builder-action@v4.0.0-b02
         id: build_dev_changelog
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
           toTag: ${{ github.ref }}
           configuration: "./.github/config/dev_changelog_configuration.json"
 
+      # if scheduled and no pull requests caught in changelog, exit
+      - name: "Exit if no pull requests caught in changelog"
+        if: github.event_name == 'schedule' && steps.build_dev_changelog.outputs.pull_requests == ''
+        env:
+            GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          echo "No pull requests caught in changelog. Exiting."
+          gh run cancel ${{ github.run_id }}
+          gh run watch ${{ github.run_id }}
+
       # =====================================
       # Build Changelog =====================
       # =====================================
       - name: "Build Changelog"
-        uses: mikepenz/release-changelog-builder-action@v3
+        uses: mikepenz/release-changelog-builder-action@v4.0.0-b02
         id: build_changelog
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -196,6 +214,29 @@ jobs:
           files: |
             ${{ env.ZIP_FILENAME }}
 
+
+      - name: "Get release ID"
+        id: release-data
+        run: |
+          response=$(curl -s https://api.github.com/graphql -X POST -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" -d '{ "query": "query { repository(owner: \"nsquared-team\", name: \"draw-attention\") { release(tagName: \"${{ steps.package-version.outputs.current-version }}\") { databaseId createdAt } } }" }')
+          databaseId=$(echo "$response" | jq -r '.data.repository.release.databaseId')
+          if [[ -z "$databaseId" ]]; then
+              echo "Error: databaseId is empty"
+              exit 1
+          fi
+          echo "release-id=$databaseId" >> $GITHUB_OUTPUT
+
+      - name: "Update release to be latest"
+        run: |
+          curl -L \
+              -X PATCH \
+              -H "Accept: application/vnd.github+json" \
+              -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}"\
+              -H "X-GitHub-Api-Version: 2022-11-28" \
+              https://api.github.com/repos/$GITHUB_REPOSITORY/releases/${{ steps.release-data.outputs.release-id }} \
+              -d '{"make_latest":true}'
+
+
       # =====================================
       # Send Failure Warning to Slack =======
       # =====================================
@@ -211,20 +252,32 @@ jobs:
       # Send Dev Changelog Notification =====
       # =====================================
       - name: "Format changelog for slack"
-        id: format-changelog
+        id: format-dev-changelog
         env:
-          CHANGELOG: ${{ toJson(steps.build_dev_changelog.outputs.changelog) }}
+          CHANGELOG_JSON: ${{ steps.build_dev_changelog.outputs.categorized }}
+          CHANGELOG_STRING: ${{ steps.build_dev_changelog.outputs.changelog }}
+          PROJECT: "Draw Attention"
         run: |
-          no_newline_string=$(echo "$CHANGELOG" | tr -d '\n')
-          single_quote_string=$(echo "$no_newline_string" | sed "s/\"/'/g")
-          single_quote_string=$(echo "$single_quote_string" | sed 's/\\\([^n]\)/\1/g')
-          echo "formatted_changelog=$single_quote_string" >> $GITHUB_OUTPUT
-
+          php "external/actions-scripts/format-changelog.php" --version=${{ steps.package-version.outputs.current-version }} --repo=${{ github.repository }} --out="formatted-dev-changelog.json"
+
+      - name: "View JSON file"
+        run: |
+          cat "formatted-dev-changelog.json"
+
       - name: "Send Dev Changelog Notification to Slack"
         if: success()
-        uses: slackapi/slack-github-action@v1.23.0
+        run: |
+          json_content=$(cat "formatted-dev-changelog.json")
+          curl -X POST -H "Content-type: application/json" --data "$json_content" "${{ env.SLACK_WEBHOOK_URL }}"
+
+      # ===================================================================
+      # Trigger deploy workflow only if the workflow was triggered on cron
+      # ===================================================================
+      - name: "Trigger deploying to WordPress.org"
         env:
-          JSON: "{\"text\":\"\\n:large_green_circle: Draw Attention ${{ steps.package-version.outputs.current-version }}\\nSuccessfully Prepared GitHub release.:fox-dance:\\nChangelog:\\n${{steps.format-changelog.outputs.formatted_changelog}}\\n\",\"blocks\":[{\"type\":\"divider\"},{\"type\":\"header\",\"text\":{\"type\":\"plain_text\",\"text\":\"\\n:large_green_circle: Draw Attention ${{ steps.package-version.outputs.current-version }}\\n\"}},{\"type\":\"section\",\"text\":{\"type\":\"mrkdwn\",\"text\":\"Successfully Prepared GitHub release.:fox-dance:\\nChangelog:\\n${{steps.format-changelog.outputs.formatted_changelog}}\\n\"}}]}"
-        with:
-          payload: ${{ env.JSON }}
-
+          GH_TOKEN: ${{ github.token }}
+        if: success() && ( github.event_name == 'schedule' || github.event.inputs.deploy == 'true' )
+        run: |
+          echo 'Sleeping for 5 minutes to allow GitHub to create the release'
+          sleep 300
+          gh workflow run deploy.yml -f tag_name="${{ steps.package-version.outputs.current-version }}"
@@ -146,6 +146,7 @@ wp-config.php
 wp-content/plugins/akismet/.htaccess
 public/assets/config.codekit3
 
+vendor/
 # Needed for WP release
 node_modules/
 release/

@@ -0,0 +1,2 @@
+*min.*
+public/assets/js/leaflet.js
@@ -1,5 +1,45 @@
 # Changelog
 
+## 2.0.17 - 2023-11-07
+
+### Features and Improvements
+
+- Tested up to WP 6.4
+
+## 2.0.16 - 2023-10-29
+
+### Features and Improvements
+
+- Add nonce checks for additional security
+
+## 2.0.15 - 2023-10-19
+
+### Fixes
+
+- Fix disclosed vulnerability affecting Contributor-level users
+
+## 2.0.14 - 2023-08-12
+
+### Features and Improvements
+
+- Tested up to WP 6.3
+
+## 2.0.13 - 2023-06-25
+
+### Fixes
+
+- Fix PHP warning in CMB2 library
+
+### Features and Improvements
+
+- Prevent conflicts with other plugins that use the leaflet library
+
+## 2.0.12 - 2023-05-26
+
+### Features and Improvements
+
+- Improved nonce verification and capability checks
+
 ## 2.0.11 - 2023-05-12
 
 ### Fixes