release: promote beta 1.0.0 to main (stable)#123
Open
rubenvdlinde wants to merge 204 commits intomainfrom
Open
release: promote beta 1.0.0 to main (stable)#123rubenvdlinde wants to merge 204 commits intomainfrom
rubenvdlinde wants to merge 204 commits intomainfrom
Conversation
Ships built-in English and Dutch translation bundles and provides a `registerTranslations()` function for consumers to initialize the library's i18n namespace. This ensures library-rendered strings respect the user's Nextcloud language settings.
…stration feat(i18n): add translation bundles and registration utility
Mirrors the standard Nextcloud Vue mixin by registering `t` and `n` globally in the test environment. This ensures components using translation helpers in their templates can render correctly during tests.
Added resize observer to automatically fix width of chart
- Switches translation strings from title case to sentence case across the application for consistency. - Updates "Plan meeting" to "Schedule meeting" to better reflect the action intent. - Adjusts Dutch translation for clarity in the mass deletion dialog. - Exports the `createCrudStore` utility in type definitions for TypeScript consumers.
Added more translations
typescript inference
feat(store): plugin support for createCrudStore + logsPlugin
…ty-tab Updated user to authenticated
…ty-tab Fixed code quality warnings
added code support in basic form
Development to beta
version up (beta 11)
Co-authored-by: Thijn <thijn@conduction.nl>
…20 -> 24
Two coupled changes that ride together:
1. Bump Node 20 -> 24 in both jobs. semantic-release@24 requires Node
^22.14 || >= 24.10, which is why every release run since 2026-05-01
has failed with "node version ... is required. Found v20.20.2." Node
24 also ships npm 11.x, which is the floor for npm CLI's own
Trusted Publisher OIDC flow (the actual `npm publish` step the
plugin shells out to does its own OIDC token exchange).
2. Switch authentication from NPM_TOKEN to npm Trusted Publisher (OIDC):
- Add `id-token: write` to the release job permissions so the runner
can mint short-lived ID tokens for the registry exchange
- Drop NPM_TOKEN env from the Release step
- Add NPM_CONFIG_PROVENANCE=true so each release ships with an attested
provenance statement
- Add registry-url to setup-node so npm CLI knows where to publish
@semantic-release/npm@13.1.5 has native Trusted Publisher support
(verify-auth.js short-circuits when the OIDC context is established) so
no exec-plugin workaround is needed (unlike v12.0.2 in design-system).
Trust config on npmjs.com is set against `release.yml` in
ConductionNL/nextcloud-vue with no environment, matching the design-system
pattern. Renaming this file requires updating the npm trust config.
The first OIDC publish run (1.0.0-beta.1) was rejected by npm with HTTP 422: "Error verifying sigstore provenance bundle: Failed to validate repository information: package.json: 'repository.url' is '', expected to match 'https://github.com/ConductionNL/nextcloud-vue' from provenance". npm's provenance attestation cross-checks the repository URL in the build's GitHub Actions context against package.json#repository.url to prevent provenance spoofing across repos. An empty or missing field fails the check unconditionally. The package.json had no repository / homepage / bugs fields at all; adding them aligns with the @conduction/docusaurus-preset metadata that already publishes successfully under the same Trusted Publisher flow.
…into beta # Conflicts: # package.json
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| function extractSfcProps(sfcPath) { | ||
| if (!fs.existsSync(sfcPath)) return [] | ||
| const source = fs.readFileSync(sfcPath, 'utf8') | ||
| const scriptMatch = source.match(/<script\b[^>]*>([\s\S]*?)<\/script>/m) |
|
|
||
| isValidEmail(v) { | ||
| if (!v) return false | ||
| return /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(v) |
…lebook feat(stylebook): add Vue Styleguidist browser-based component stylebook and inline component docs
…lebook Fixed build issues
…lebook Updated packages for build
Adds a per-schema toggle in the Security tab of CnSchemaFormDialog so admins can opt this schema's authenticated users out of inheriting `public` group rights. The flag is stored under the schema's `authorization` object and defaults to true (inherit) when unset. Pairs with openregister change rbac-disable-public-inheritance, which adds the matching backend cascade and tenant-wide default.
Added docusaurus favicon
…rom-public-checkbox
…eckbox feat(schema-security): add inheritFromPublic checkbox
…eckbox updated branch-protections name to fire action
Development to beta
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Merge `beta` → `main` to promote the `1.0.0` stream from prerelease to stable.
semantic-release on the `main` channel will walk the merged commits, determine the next version, and publish it to the `latest` npm dist-tag (currently still pinned to the long-stale `0.1.0-beta.18`).
What this triggers on merge
What's already on beta
158 commits accumulated since the last working release run (which broke 5 days ago when semantic-release@24 started rejecting Node 20). Major themes:
Why beta is on `1.0.0-beta.2` not `1.0.x`
A `feat!:` (or `BREAKING CHANGE:` footer) somewhere in the 158-commit beta history bumped to `1.0.0` semantics. This is the first stable major release of the library — appropriate signalling that anyone pinning to `0.1.x` should review before upgrading.
Test plan