chore: bump @npmcli/template-oss to 4.23.5

Author: wraithgar

.commitlintrc.js

@@ -7,5 +7,6 @@ module.exports = {
     'header-max-length': [2, 'always', 80],
     'subject-case': [0],
     'body-max-line-length': [0],
+    'footer-max-line-length': [0],
   },
 }

.github/actions/create-check/action.yml

@@ -25,7 +25,7 @@ runs:
       with:
         result-encoding: string
         script: |
-          const { repo: { owner, repo}, runId, serverUrl } = context          
+          const { repo: { owner, repo}, runId, serverUrl } = context
           const { JOB_NAME, SHA } = process.env
 
           const job = await github.rest.actions.listJobsForWorkflowRun({

.github/actions/install-latest-npm/action.yml

@@ -44,7 +44,7 @@ runs:
             MATCH=$SPEC
             echo "Found compatible version: npm@$MATCH"
             break
-          fi  
+          fi
         done
 
         if [ -z $MATCH ]; then

.github/workflows/ci-release.yml

@@ -62,7 +62,7 @@ jobs:
         run: npm run postlint --ignore-scripts -ws -iwr --if-present
       - name: Conclude Check
         uses: LouisBrunner/[email protected]
-        if: always()
+        if: steps.create-check.outputs.check-id && always()
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
           conclusion: ${{ job.status }}
@@ -120,7 +120,7 @@ jobs:
         run: npm test --ignore-scripts -ws -iwr --if-present
       - name: Conclude Check
         uses: LouisBrunner/[email protected]
-        if: always()
+        if: steps.create-check.outputs.check-id && always()
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
           conclusion: ${{ job.status }}

.github/workflows/codeql-analysis.yml

@@ -29,8 +29,8 @@ jobs:
           git config --global user.email "[email protected]"
           git config --global user.name "npm CLI robot"
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2
+        uses: github/codeql-action/init@v3
         with:
           languages: javascript
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v2
+        uses: github/codeql-action/analyze@v3

.github/workflows/post-dependabot.yml

@@ -50,7 +50,7 @@ jobs:
         id: flags
         run: |
           dependabot_dir="${{ steps.metadata.outputs.directory }}"
-          if [[ "$dependabot_dir" == "/" ]]; then
+          if [[ "$dependabot_dir" == "/" || "$dependabot_dir" == "/main" ]]; then
             echo "workspace=-iwr" >> $GITHUB_OUTPUT
           else
             # strip leading slash from directory so it works as a

.github/workflows/release-integration.yml

@@ -44,6 +44,8 @@ jobs:
       - name: Install Dependencies
         run: npm i --ignore-scripts --no-audit --no-fund
       - name: Check If Published
+        env:
+          RELEASES: ${{ inputs.releases }}
         run: |
           EXIT_CODE=0
 

.gitignore

@@ -2,17 +2,17 @@
 
 # ignore everything in the root
 /*
-# transient test directories
-tap-testdir*/
 
-# keep these
 !**/.gitignore
 !/.commitlintrc.js
 !/.eslintrc.js
 !/.eslintrc.local.*
+!/.git-blame-ignore-revs
 !/.github/
 !/.gitignore
 !/.npmrc
+!/.prettierignore
+!/.prettierrc.js
 !/.release-please-manifest.json
 !/AUTHORS
 !/bin/
@@ -32,6 +32,7 @@ tap-testdir*/
 !/tap-snapshots/
 !/test/
 !/tsconfig.json
+tap-testdir*/
 !/pkg1/
 !/pkg2/
 !/pkg3/

SECURITY.md

@@ -2,7 +2,7 @@
 
 GitHub takes the security of our software products and services seriously, including the open source code repositories managed through our GitHub organizations, such as [GitHub](https://github.com/GitHub).
 
-If you believe you have found a security vulnerability in this GitHub-owned open source repository, you can report it to us in one of two ways. 
+If you believe you have found a security vulnerability in this GitHub-owned open source repository, you can report it to us in one of two ways.
 
 If the vulnerability you have found is *not* [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) or if you do not wish to be considered for a bounty reward, please report the issue to us directly through [[email protected]](mailto:[email protected]).