Merge branch 'master' into release/3.1.0

Author: derberg

.github/workflows/automerge-for-humans-add-ready-to-merge-or-do-not-merge-label.yml

@@ -27,6 +27,8 @@ jobs:
     steps:
       - name: Add ready-to-merge label
         uses: actions/github-script@v7
+        env:
+          GITHUB_ACTOR: ${{ github.actor }}
         with:
           github-token: ${{ secrets.GH_TOKEN }}
           script: |
@@ -56,7 +58,7 @@ jobs:
                 issue_number: context.issue.number,
                 owner: context.repo.owner,
                 repo: context.repo.repo,
-                body: `Hello, @${{ github.actor }}! 👋🏼
+                body: `Hello, @${process.env.GITHUB_ACTOR}! 👋🏼
                        This PR is not up to date with the base branch and can't be merged.
                        Please update your branch manually with the latest version of the base branch.
                        PRO-TIP: To request an update from the upstream branch, simply comment \`/u\` or \`/update\` and our bot will handle the update operation promptly.

.github/workflows/automerge-orphans.yml

@@ -52,7 +52,8 @@ jobs:
             }
       - if: steps.orphans.outputs.found == 'true'
         name: Convert markdown to slack markdown
-        uses: asyncapi/.github/.github/actions/slackify-markdown@master
+        # This workflow is from our own org repo and safe to reference by 'master'.
+        uses: asyncapi/.github/.github/actions/slackify-markdown@master # //NOSONAR
         id: issuemarkdown
         with:
           markdown: "-> [${{steps.orphans.outputs.title}}](${{steps.orphans.outputs.url}})"

.github/workflows/bounty-program-commands.yml

@@ -33,13 +33,15 @@ jobs:
     steps:
       - name: ❌ @${{github.actor}} made an unauthorized attempt to use a Bounty Program's command
         uses: actions/github-script@v7
+        env:
+          ACTOR: ${{ github.actor }}
         with:
           github-token: ${{ secrets.GH_TOKEN }}
           script: |
-            const commentText = `❌ @${{github.actor}} is not authorized to use the Bounty Program's commands.
+            const commentText = `❌ @${process.env.ACTOR} is not authorized to use the Bounty Program's commands.
             These commands can only be used by members of the [Bounty Team](https://github.com/orgs/asyncapi/teams/bounty_team).`;
 
-            console.log(`❌ @${{github.actor}} made an unauthorized attempt to use a Bounty Program's command.`);
+            console.log(`❌ @${process.env.ACTOR} made an unauthorized attempt to use a Bounty Program's command.`);
             github.rest.issues.createComment({
                 issue_number: context.issue.number,
                 owner: context.repo.owner,

.github/workflows/bump.yml

@@ -24,12 +24,17 @@ jobs:
       - name: Check if Node.js project and has package.json
         id: packagejson
         run: test -e ./package.json && echo "exists=true" >> $GITHUB_OUTPUT || echo "exists=false" >> $GITHUB_OUTPUT
+      - name: Setup corepack with pnpm and yarn
+        if: steps.packagejson.outputs.exists == 'true'
+        run: corepack enable
       - if: steps.packagejson.outputs.exists == 'true'
         name: Bumping latest version of this package in other repositories
-        uses: derberg/npm-dependency-manager-for-your-github-org@1eafd3bf3974f21d395c1abac855cb04b295d570 # using v6.-.- https://github.com/derberg/npm-dependency-manager-for-your-github-org/releases/tag/v6
+        uses: derberg/npm-dependency-manager-for-your-github-org@f95b99236e8382a210042d8cfb84f42584e29c24 # using v6.2.0.-.- https://github.com/derberg/npm-dependency-manager-for-your-github-org/releases/tag/v6.2.0
         with:
           github_token: ${{ secrets.GH_TOKEN }}
           committer_username: asyncapi-bot
           committer_email: info@asyncapi.io
           repos_to_ignore: spec,bindings,saunter,server-api
           custom_id: "dependency update from asyncapi bot"
+          search: "true"
+          ignore_paths: .github/workflows

.github/workflows/help-command.yml

@@ -15,6 +15,8 @@ jobs:
     steps:
       - name: Add comment to PR
         uses: actions/github-script@v7
+        env:
+          ACTOR: ${{ github.actor }}
         with:
           github-token: ${{ secrets.GH_TOKEN }}
           script: |
@@ -25,7 +27,7 @@ jobs:
               issue_number: context.issue.number,
               owner: context.repo.owner,
               repo: context.repo.repo,
-              body: `Hello, @${{ github.actor }}! 👋🏼 
+              body: `Hello, @${process.env.ACTOR}! 👋🏼 
 
                     I'm 🧞🧞🧞 Genie 🧞🧞🧞 from the magic lamp. Looks like somebody needs a hand!
         
@@ -44,14 +46,16 @@ jobs:
     steps:
       - name: Add comment to Issue
         uses: actions/github-script@v7
+        env:
+          ACTOR: ${{ github.actor }}
         with:
           github-token: ${{ secrets.GH_TOKEN }}
           script: |
             github.rest.issues.createComment({
               issue_number: context.issue.number,
               owner: context.repo.owner,
               repo: context.repo.repo,
-              body: `Hello, @${{ github.actor }}! 👋🏼 
+              body: `Hello, @${process.env.ACTOR}! 👋🏼 
 
               I'm 🧞🧞🧞 Genie 🧞🧞🧞 from the magic lamp. Looks like somebody needs a hand!
   

.github/workflows/if-nodejs-pr-testing.yml

@@ -14,9 +14,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        # Using macos-13 instead of latest (macos-14) due to an issue with Puppeteer and such runner. 
-        # See: https://github.com/puppeteer/puppeteer/issues/12327 and https://github.com/asyncapi/parser-js/issues/1001
-        os: [ubuntu-latest, macos-13, windows-latest]
+        os: [ubuntu-latest, macos-latest, windows-latest]
     steps:
       - if: >
           !github.event.pull_request.draft && !(
@@ -51,8 +49,11 @@ jobs:
         run: test -e ./package.json && echo "exists=true" >> $GITHUB_OUTPUT || echo "exists=false" >> $GITHUB_OUTPUT
         shell: bash
       - if: steps.packagejson.outputs.exists == 'true'
-        name: Check package-lock version
-        uses: asyncapi/.github/.github/actions/get-node-version-from-package-lock@master
+        name: Determine what node version to use
+        # This workflow is from our own org repo and safe to reference by 'master'.
+        uses: asyncapi/.github/.github/actions/get-node-version-from-package-lock@master # //NOSONAR
+        with:
+          node-version: ${{ vars.NODE_VERSION }}
         id: lockversion
       - if: steps.packagejson.outputs.exists == 'true'
         name: Setup Node.js

.github/workflows/if-nodejs-release.yml

@@ -17,6 +17,12 @@ on:
       - alpha
       - next
 
+permissions:
+  contents: write # to be able to publish a GitHub release
+  issues: write # to be able to comment on released issues
+  pull-requests: write # to be able to comment on released pull requests
+  id-token: write # to enable use of OIDC for trusted publishing and npm provenance
+
 jobs:
 
   test-nodejs:
@@ -33,9 +39,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        # Using macos-13 instead of latest (macos-14) due to an issue with Puppeteer and such runner. 
-        # See: https://github.com/puppeteer/puppeteer/issues/12327 and https://github.com/asyncapi/parser-js/issues/1001
-        os: [ubuntu-latest, macos-13, windows-latest]
+        os: [ubuntu-latest, macos-latest, windows-latest]
     steps:
       - name: Set git to use LF #to once and for all finish neverending fight between Unix and Windows
         run: |
@@ -49,8 +53,11 @@ jobs:
         run: test -e ./package.json && echo "exists=true" >> $GITHUB_OUTPUT || echo "exists=false" >> $GITHUB_OUTPUT
         shell: bash
       - if: steps.packagejson.outputs.exists == 'true'
-        name: Check package-lock version
-        uses: asyncapi/.github/.github/actions/get-node-version-from-package-lock@master
+        name: Determine what node version to use
+        # This workflow is from our own org repo and safe to reference by 'master'.
+        uses: asyncapi/.github/.github/actions/get-node-version-from-package-lock@master # //NOSONAR
+        with:
+          node-version: ${{ vars.NODE_VERSION }}
         id: lockversion
       - if: steps.packagejson.outputs.exists == 'true'
         name: Setup Node.js
@@ -95,34 +102,37 @@ jobs:
         run: test -e ./package.json && echo "exists=true" >> $GITHUB_OUTPUT || echo "exists=false" >> $GITHUB_OUTPUT
         shell: bash
       - if: steps.packagejson.outputs.exists == 'true'
-        name: Check package-lock version
-        uses: asyncapi/.github/.github/actions/get-node-version-from-package-lock@master
+        name: Determine what node version to use
+        # This workflow is from our own org repo and safe to reference by 'master'.
+        uses: asyncapi/.github/.github/actions/get-node-version-from-package-lock@master # //NOSONAR
+        with:
+          node-version: ${{ vars.NODE_VERSION }}
         id: lockversion
       - if: steps.packagejson.outputs.exists == 'true'
         name: Setup Node.js
         uses: actions/setup-node@v4
         with:
           node-version: "${{ steps.lockversion.outputs.version }}"
+          registry-url: "https://registry.npmjs.org"
       - if: steps.packagejson.outputs.exists == 'true'
         name: Install dependencies
         shell: bash
         run: npm ci
       - if: steps.packagejson.outputs.exists == 'true'
         name: Add plugin for conventional commits for semantic-release
-        run: npm install --save-dev conventional-changelog-conventionalcommits@5.0.0
+        run: npm install --save-dev conventional-changelog-conventionalcommits@9.1.0
       - if: steps.packagejson.outputs.exists == 'true'
         name: Publish to any of NPM, Github, and Docker Hub
         id: release
         env:
           GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
           DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
           DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
           GIT_AUTHOR_NAME: asyncapi-bot
           GIT_AUTHOR_EMAIL: info@asyncapi.io
           GIT_COMMITTER_NAME: asyncapi-bot
           GIT_COMMITTER_EMAIL: info@asyncapi.io
-        run: npx semantic-release@19.0.4
+        run: npx semantic-release@25.0.2
       - if: failure() # Only, on failure, send a message on the 94_bot-failing-ci slack channel
         name: Report workflow run status to Slack
         uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 #using https://github.com/8398a7/action-slack/releases/tag/v3.16.2

.github/workflows/if-nodejs-version-bump.yml

@@ -25,8 +25,11 @@ jobs:
         id: packagejson
         run: test -e ./package.json && echo "exists=true" >> $GITHUB_OUTPUT || echo "exists=false" >> $GITHUB_OUTPUT
       - if: steps.packagejson.outputs.exists == 'true'
-        name: Check package-lock version
-        uses: asyncapi/.github/.github/actions/get-node-version-from-package-lock@master
+        name: Determine what node version to use
+        # This workflow is from our own org repo and safe to reference by 'master'.
+        uses: asyncapi/.github/.github/actions/get-node-version-from-package-lock@master # //NOSONAR
+        with:
+          node-version: ${{ vars.NODE_VERSION }}
         id: lockversion
       - if: steps.packagejson.outputs.exists == 'true'
         name: Setup Node.js
@@ -46,18 +49,23 @@ jobs:
         # There is no need to substract "v" from the tag as version script handles it
         # When adding "bump:version" script in package.json, make sure no tags are added by default (--no-git-tag-version) as they are already added by release workflow
         # When adding "bump:version" script in package.json, make sure --allow-same-version is set in case someone forgot and updated package.json manually and we want to avoide this action to fail and raise confusion
-        run: VERSION=${{github.event.release.tag_name}} npm run bump:version
+        env:
+          VERSION: ${{github.event.release.tag_name}}
+        run: npm run bump:version
       - if: steps.packagejson.outputs.exists == 'true'
         name: Create Pull Request with updated asset files including package.json
         uses: peter-evans/create-pull-request@38e0b6e68b4c852a5500a94740f0e535e0d7ba54 # use 4.2.4 https://github.com/peter-evans/create-pull-request/releases/tag/v4.2.4
+        env:
+          RELEASE_TAG: ${{github.event.release.tag_name}}
+          RELEASE_URL: ${{github.event.release.html_url}}
         with:
           token: ${{ secrets.GH_TOKEN }}
-          commit-message: 'chore(release): ${{github.event.release.tag_name}}'
+          commit-message: 'chore(release): ${{ env.RELEASE_TAG }}'
           committer: asyncapi-bot <info@asyncapi.io>
           author: asyncapi-bot <info@asyncapi.io>
-          title: 'chore(release): ${{github.event.release.tag_name}}'
-          body: 'Version bump in package.json for release [${{github.event.release.tag_name}}](${{github.event.release.html_url}})'
-          branch: version-bump/${{github.event.release.tag_name}}
+          title: 'chore(release): ${{ env.RELEASE_TAG }}'
+          body: 'Version bump in package.json for release [${{ env.RELEASE_TAG }}](${{ env.RELEASE_URL }})'
+          branch: version-bump/${{ env.RELEASE_TAG }}
       - if: failure() # Only, on failure, send a message on the 94_bot-failing-ci slack channel
         name: Report workflow run status to Slack
         uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 #using https://github.com/8398a7/action-slack/releases/tag/v3.16.2

.github/workflows/issues-prs-notifications.yml

@@ -21,10 +21,15 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Convert markdown to slack markdown for issue
-        uses: asyncapi/.github/.github/actions/slackify-markdown@master
+        # This workflow is from our own org repo and safe to reference by 'master'.
+        uses: asyncapi/.github/.github/actions/slackify-markdown@master # //NOSONAR
         id: issuemarkdown
+        env:
+          ISSUE_TITLE: ${{github.event.issue.title}}
+          ISSUE_URL: ${{github.event.issue.html_url}}
+          ISSUE_BODY: ${{github.event.issue.body}}
         with:
-          markdown: "[${{github.event.issue.title}}](${{github.event.issue.html_url}}) \n ${{github.event.issue.body}}"
+          markdown: "[${{ env.ISSUE_TITLE }}](${{ env.ISSUE_URL }}) \n ${{ env.ISSUE_BODY }}"
       - name: Send info about issue
         uses: rtCamp/action-slack-notify@c33737706dea87cd7784c687dadc9adf1be59990 # Using v2.3.2
         env:
@@ -39,10 +44,15 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Convert markdown to slack markdown for pull request
-        uses: asyncapi/.github/.github/actions/slackify-markdown@master
+        # This workflow is from our own org repo and safe to reference by 'master'.
+        uses: asyncapi/.github/.github/actions/slackify-markdown@master # //NOSONAR
         id: prmarkdown
+        env:
+          PR_TITLE: ${{github.event.pull_request.title}}
+          PR_URL: ${{github.event.pull_request.html_url}}
+          PR_BODY: ${{github.event.pull_request.body}}
         with:
-          markdown: "[${{github.event.pull_request.title}}](${{github.event.pull_request.html_url}}) \n ${{github.event.pull_request.body}}"
+          markdown: "[${{ env.PR_TITLE }}](${{ env.PR_URL }}) \n ${{ env.PR_BODY }}"
       - name: Send info about pull request
         uses: rtCamp/action-slack-notify@c33737706dea87cd7784c687dadc9adf1be59990 # Using v2.3.2
         env:
@@ -57,10 +67,15 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Convert markdown to slack markdown for pull request
-        uses: asyncapi/.github/.github/actions/slackify-markdown@master
+        # This workflow is from our own org repo and safe to reference by 'master'.
+        uses: asyncapi/.github/.github/actions/slackify-markdown@master # //NOSONAR
         id: discussionmarkdown
+        env:
+          DISCUSSION_TITLE: ${{github.event.discussion.title}}
+          DISCUSSION_URL: ${{github.event.discussion.html_url}}
+          DISCUSSION_BODY: ${{github.event.discussion.body}}
         with:
-          markdown: "[${{github.event.discussion.title}}](${{github.event.discussion.html_url}}) \n ${{github.event.discussion.body}}"
+          markdown: "[${{ env.DISCUSSION_TITLE }}](${{ env.DISCUSSION_URL }}) \n ${{ env.DISCUSSION_BODY }}"
       - name: Send info about pull request
         uses: rtCamp/action-slack-notify@c33737706dea87cd7784c687dadc9adf1be59990 # Using v2.3.2
         env:

.github/workflows/notify-tsc-members-mention.yml

@@ -43,7 +43,8 @@ jobs:
       # Handling Slack notifications
       #########
       - name: Convert markdown to slack markdown
-        uses: asyncapi/.github/.github/actions/slackify-markdown@master
+        # This workflow is from our own org repo and safe to reference by 'master'.
+        uses: asyncapi/.github/.github/actions/slackify-markdown@master # //NOSONAR
         id: issuemarkdown
         with:
           markdown: "[${{github.event.issue.title}}](${{github.event.issue.html_url}}) \n ${{github.event.issue.body}}"
@@ -89,7 +90,8 @@ jobs:
       # Handling Slack notifications
       #########
       - name: Convert markdown to slack markdown
-        uses: asyncapi/.github/.github/actions/slackify-markdown@master
+        # This workflow is from our own org repo and safe to reference by 'master'.
+        uses: asyncapi/.github/.github/actions/slackify-markdown@master # //NOSONAR
         id: prmarkdown
         with:
           markdown: "[${{github.event.pull_request.title}}](${{github.event.pull_request.html_url}}) \n ${{github.event.pull_request.body}}"
@@ -135,7 +137,8 @@ jobs:
       # Handling Slack notifications
       #########
       - name: Convert markdown to slack markdown
-        uses: asyncapi/.github/.github/actions/slackify-markdown@master
+        # This workflow is from our own org repo and safe to reference by 'master'.
+        uses: asyncapi/.github/.github/actions/slackify-markdown@master # //NOSONAR
         id: discussionmarkdown
         with:
           markdown: "[${{github.event.discussion.title}}](${{github.event.discussion.html_url}}) \n ${{github.event.discussion.body}}"
@@ -181,7 +184,8 @@ jobs:
       # Handling Slack notifications
       #########
       - name: Convert markdown to slack markdown
-        uses: asyncapi/.github/.github/actions/slackify-markdown@master
+        # This workflow is from our own org repo and safe to reference by 'master'.
+        uses: asyncapi/.github/.github/actions/slackify-markdown@master # //NOSONAR
         id: issuemarkdown
         with:
           markdown: "[${{github.event.issue.title}}](${{github.event.comment.html_url}}) \n ${{github.event.comment.body}}"
@@ -227,7 +231,8 @@ jobs:
       # Handling Slack notifications
       #########
       - name: Convert markdown to slack markdown
-        uses: asyncapi/.github/.github/actions/slackify-markdown@master
+        # This workflow is from our own org repo and safe to reference by 'master'.
+        uses: asyncapi/.github/.github/actions/slackify-markdown@master # //NOSONAR
         id: prmarkdown
         with:
           markdown: "[${{github.event.issue.title}}](${{github.event.comment.html_url}}) \n ${{github.event.comment.body}}"
@@ -273,7 +278,8 @@ jobs:
       # Handling Slack notifications
       #########
       - name: Convert markdown to slack markdown
-        uses: asyncapi/.github/.github/actions/slackify-markdown@master
+        # This workflow is from our own org repo and safe to reference by 'master'.
+        uses: asyncapi/.github/.github/actions/slackify-markdown@master # //NOSONAR
         id: discussionmarkdown
         with:
           markdown: "[${{github.event.discussion.title}}](${{github.event.comment.html_url}}) \n ${{github.event.comment.body}}"