Cleanups to publish to npm (#22)

1. Updated the CI build to automatically publish packages to npm feed
2. Added the recommended files from Microsoft
3. Added license headers to every source file

Co-authored-by: Thomas Tay <[email protected]>

Author: thomastay

.github/workflows/main.yml

@@ -0,0 +1,72 @@
+# This is a workflow that runs on PR builds.
+
+name: "PR build"
+
+# Controls when the action will run.
+on:
+  # Triggers the workflow on pull request events for the master branch
+  pull_request:
+    branches: [master]
+
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+  # This workflow contains a single job called "build"
+  build:
+    # The type of runner that the job will run on
+    runs-on: ubuntu-latest
+    # Steps represent a sequence of tasks that will be executed as part of the job
+    steps:
+      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      # Sets up Node and an .npmrc file. This is the official Github supported way to set up node.
+      - uses: actions/setup-node@v2
+        with:
+          node-version: "12"
+          registry-url: "https://registry.npmjs.org"
+          cache: "yarn"
+          always-auth: "true"
+
+      - name: Install packages
+        run: yarn --frozen-lockfile
+
+      - name: Set Firefox Env Variable
+        run: export FIREFOX_BIN=$(which firefox)
+
+      - name: Set Chrome Env Variable
+        run: export CHROME_BIN=$(which chrome)
+
+      - name: Print environment variables
+        run: echo "CHROME_BIN = $CHROME_BIN  FIREFOX_BIN = $FIREFOX_BIN"
+
+      - name: CI BUILD + UT
+        run: yarn ci-test
+
+      - name: Check whether version was bumped in PR
+        id: actions_project_version_check
+        uses: "thomastay/[email protected]"
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          file-to-check: package.json
+          fail-build-if-not-bumped: false
+          target-branch: master
+
+      - name: "Automated Version Bump"
+        uses: "phips28/gh-action-bump-version@master"
+        if: ${{ steps.actions_project_version_check.outputs.semver == 'no-update' }}
+        with:
+          tag-prefix: "v"
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Final check for version bump
+        uses: "thomastay/[email protected]"
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          file-to-check: package.json
+          fail-build-if-not-bumped: true
+          target-branch: master

.github/workflows/pr.yml

@@ -0,0 +1,51 @@
+# This is a workflow that runs on every successful merge to master
+
+name: CI
+
+# Controls when the action will run.
+on:
+  # Triggers the workflow on push events for the master branch
+  push:
+    branches: [master]
+
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+  bump-version-and-publish:
+    # The type of runner that the job will run on
+    runs-on: ubuntu-latest
+    # Steps represent a sequence of tasks that will be executed as part of the job
+    steps:
+      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      # Sets up Node and an .npmrc file. This is the official Github supported way to set up node.
+      - uses: actions/setup-node@v2
+        with:
+          node-version: "12"
+          registry-url: "https://registry.npmjs.org"
+          cache: "yarn"
+          always-auth: "true"
+
+      - name: Install packages
+        run: yarn --frozen-lockfile
+
+      - name: Set Firefox Env Variable
+        run: export FIREFOX_BIN=$(which firefox)
+
+      - name: Set Chrome Env Variable
+        run: export CHROME_BIN=$(which chrome)
+
+      - name: Print environment variables
+        run: echo "CHROME_BIN = $CHROME_BIN  FIREFOX_BIN = $FIREFOX_BIN"
+
+      - name: CI BUILD + UT
+        run: yarn ci-test
+
+      - name: Publish package
+        run: yarn publish --access public
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

.github/workflows/push.yml

@@ -15,3 +15,4 @@ index.ts
 *.spec.js
 /.github
 /dist/src/tests
+*.log

.npmignore

@@ -1,3 +1,2 @@
-package-lock=false
-registry=https://registry.yarnpkg.com
-@microsoft:registry=https://npm.pkg.github.com
+registry=https://registry.npmjs.org
+always-auth=true

.npmrc

@@ -0,0 +1,9 @@
+# Microsoft Open Source Code of Conduct
+
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
+
+Resources:
+
+- [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/)
+- [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
+- Contact [[email protected]](mailto:[email protected]) with questions or concerns

CODE_OF_CONDUCT.md

@@ -0,0 +1,19 @@
+# Contributing
+
+This project welcomes contributions and suggestions. Most contributions require you to
+agree to a Contributor License Agreement (CLA) declaring that you have the right to,
+and actually do, grant us the rights to use your contribution. For details, visit
+https://cla.microsoft.com.
+
+When you submit a pull request, a CLA-bot will automatically determine whether you need
+to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the
+instructions provided by the bot. You will only need to do this once across all repositories using our CLA.
+
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
+For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
+or contact [[email protected]](mailto:[email protected]) with any additional questions or comments.
+
+# Rules
+
+1. Do not push to master. Create a branch and push to it. The branch policy will forbid this.
+1. You don't need to manually squash your commits. All commits will be merged via a squash commit.

CONTRIBUTING.md

@@ -63,3 +63,11 @@ Look through package.json for more details.
 The default runner will launch both firefox + chrome in debug mode.
 
 To iterate over tests, instead of the `yarn build` command mentioned above, run `yarn watch` instead.
+
+## Contributing
+
+Please read [the Contributing guide](./CONTRIBUTING.md).
+
+## Trademarks
+
+This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow [Microsoft’s Trademark & Brand Guidelines](https://www.microsoft.com/en-us/legal/intellectualproperty/trademarks/usage/general). Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party’s policies.

README.md

@@ -0,0 +1,41 @@
+<!-- BEGIN MICROSOFT SECURITY.MD V0.0.5 BLOCK -->
+
+## Security
+
+Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [our GitHub organizations](https://opensource.microsoft.com/).
+
+If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](<https://docs.microsoft.com/en-us/previous-versions/tn-archive/cc751383(v=technet.10)>), please report it to us as described below.
+
+## Reporting Security Issues
+
+**Please do not report security vulnerabilities through public GitHub issues.**
+
+Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://msrc.microsoft.com/create-report).
+
+If you prefer to submit without logging in, send email to [[email protected]](mailto:[email protected]). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://www.microsoft.com/en-us/msrc/pgp-key-msrc).
+
+You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc).
+
+Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
+
+- Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+- Full paths of source file(s) related to the manifestation of the issue
+- The location of the affected source code (tag/branch/commit or direct URL)
+- Any special configuration required to reproduce the issue
+- Step-by-step instructions to reproduce the issue
+- Proof-of-concept or exploit code (if possible)
+- Impact of the issue, including how an attacker might exploit the issue
+
+This information will help us triage your report more quickly.
+
+If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://microsoft.com/msrc/bounty) page for more details about our active programs.
+
+## Preferred Languages
+
+We prefer all communications to be in English.
+
+## Policy
+
+Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://www.microsoft.com/en-us/msrc/cvd).
+
+<!-- END MICROSOFT SECURITY.MD BLOCK -->

SECURITY.md

@@ -1,6 +1,6 @@
 {
   "name": "@microsoft/objectstoreprovider",
-  "version": "0.6.28",
+  "version": "0.6.29",
   "description": "A cross-browser object store library",
   "author": "Mukundan Kavanur Kidambi <[email protected]>",
   "scripts": {
@@ -19,7 +19,7 @@
   },
   "main": "dist/index.js",
   "publishConfig": {
-    "registry": "https://npm.pkg.github.com"
+    "registry": "https://registry.npmjs.org"
   },
   "dependencies": {
     "@collectable/core": "^5.0.1",

package.json

@@ -1,3 +1,5 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
 declare interface Promise<T> {
   finally: (onfinally?: (() => void) | null | undefined) => Promise<T>;
   always: <U>(func: (value: T | any) => U | PromiseLike<U>) => Promise<U>;

src/Promise.ts

@@ -1,3 +1,6 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+
 import { assert } from "chai"; // Mocha doesn't work with import * as syntax, hence this hack.
 import { find, each, times, values, keys, some, filter } from "lodash";
 import {