chore: initialize opencode-jfrog-plugin

.github/workflows/cla.yml

@@ -0,0 +1,35 @@
+name: "CLA Assistant"
+on:
+  # issue_comment triggers this action on each comment on issues and pull requests
+  issue_comment:
+    types: [ created ]
+  pull_request_target:
+    types: [ opened,synchronize ]
+
+jobs:
+  CLAssistant:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions-ecosystem/action-regex-match@v2
+        id: sign-or-recheck
+        with:
+          text: ${{ github.event.comment.body }}
+          regex: '\s*(I have read the CLA Document and I hereby sign the CLA)|(recheck)\s*'
+
+      - name: "CLA Assistant"
+        if: ${{ steps.sign-or-recheck.outputs.match != '' || github.event_name == 'pull_request_target' }}
+        # Alpha Release
+        uses: cla-assistant/github-action@v2.3.0
+        env:
+          # Generated and maintained by GitHub
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          # JFrog organization secret
+          PERSONAL_ACCESS_TOKEN: ${{ secrets.CLA_SIGN_TOKEN }}
+        with:
+          path-to-signatures: 'signed_clas.json'
+          path-to-document: 'https://jfrog.com/cla/'
+          remote-organization-name: 'jfrog'
+          remote-repository-name: 'jfrog-signed-clas'
+          # branch should not be protected
+          branch: 'master'
+          allowlist: bot*

.github/workflows/pr-title.yml

@@ -0,0 +1,19 @@
+name: 'LintPrTitle'
+
+on:
+  pull_request:
+    types:
+      - opened
+      - edited
+      - synchronize
+
+permissions:
+  pull-requests: write
+
+jobs:
+  ValidatePrTitle:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: amannn/action-semantic-pull-request@v5
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/pr.yml

@@ -0,0 +1,59 @@
+name: Pr
+
+on:
+  pull_request:
+  workflow_dispatch:
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+permissions:
+  actions: read
+  contents: read
+  id-token: write # for creating OIDC tokens for signing.
+
+jobs:
+  Check:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.head.sha || github.ref }}
+
+      - name: Setup JFrog CLI
+        id: setup-cli
+        uses: jfrog/setup-jfrog-cli@v4.9.1
+        env: 
+          JF_URL: https://${{ vars.JF_URL }}/
+          JF_PROJECT: carmit
+        with:
+            oidc-provider-name: github-oidc
+
+      - name: setup jfrog npm repo
+        run: |
+          echo "Setting up jfrog npm repo"
+          # create bunfig.toml file with the following content:
+          echo "[install]" > bunfig.toml
+          echo "registry = { token = \"${{ steps.setup-cli.outputs.oidc-token }}\", url = \"https://ctoa.jfrog.io/artifactory/api/npm/carmit-carmit-npm-virtual/\" }" >> bunfig.toml
+          # add always-auth
+          echo "always-auth = true" >> bunfig.toml
+          cat bunfig.toml
+
+          # configure jfrog npm repo
+          jf npm-config --repo-resolve=carmit-carmit-npm-virtual  --global
+
+      - name: Setup Tooling
+        uses: jdx/mise-action@d6e32c1796099e0f1f3ac741c220a8b7eae9e5dd
+        with:
+          install: true
+          cache: true
+          experimental: true
+
+      - name: Run Checks
+        run: |
+          mise run setup
+          mise run lint
+          mise run test
+          mise run build

.github/workflows/publish.yml

@@ -0,0 +1,49 @@
+name: Publish Package
+
+on:
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: 'npm tag (latest or next)'
+        required: true
+        type: choice
+        options:
+          - latest
+          - next
+  repository_dispatch:
+    types: [publish-package]
+
+permissions:
+  id-token: write
+  contents: read
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          fetch-tags: true
+
+      - uses: jdx/mise-action@d6e32c1796099e0f1f3ac741c220a8b7eae9e5dd
+        with:
+          install: true
+          cache: true
+          experimental: true
+
+      - name: Build
+        run: mise run build
+
+      - id: inputs
+        uses: simenandre/setup-inputs@v1
+
+      - name: Publish to npm with OIDC
+        run: |
+          TAG="${{ steps.inputs.outputs.tag }}"
+          if [ -z "$TAG" ]; then
+            TAG="latest"
+          fi
+
+          echo "Publishing with tag: $TAG"
+          mise run publish --tag "$TAG"

.github/workflows/release.yml

@@ -0,0 +1,48 @@
+name: Release
+
+on:
+  push:
+    branches:
+      - main
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  process:
+    runs-on: ubuntu-latest
+    outputs:
+      releases_created: ${{ steps.release-please.outputs.releases_created }}
+      prs_created: ${{ steps.release-please.outputs.prs_created }}
+    steps:
+      - uses: google-github-actions/release-please-action@v4
+        id: release-please
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          release-type: node
+          skip-github-pull-request: false
+
+  dispatch-publish:
+    needs: process
+    runs-on: ubuntu-latest
+    if: needs.process.outputs.releases_created == 'true' || needs.process.outputs.prs_created == 'true'
+    steps:
+      - name: Dispatch publish for releases
+        if: needs.process.outputs.releases_created == 'true'
+        uses: peter-evans/repository-dispatch@v2
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          event-type: publish-package
+          client-payload: '{"tag": "latest"}'
+
+      - name: Dispatch publish for prerelease
+        if: needs.process.outputs.prs_created == 'true'
+        uses: peter-evans/repository-dispatch@v2
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          event-type: publish-package
+          client-payload: '{"tag": "next"}'

.github/workflows/stale.yml

@@ -0,0 +1,47 @@
+name: Close stale issues and PRs
+
+on:
+  schedule:
+    - cron: '30 1 * * *' # Run daily at 1:30 AM UTC
+  workflow_dispatch: # Allow manual trigger
+
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    permissions:
+      issues: write
+      pull-requests: write
+
+    steps:
+      - uses: actions/stale@v9
+        with:
+          # Issue settings
+          stale-issue-message: >
+            This issue has been automatically marked as stale because it has not had
+            recent activity. It will be closed in 7 days if no further activity occurs.
+            Thank you for your contributions.
+          close-issue-message: >
+            This issue was closed because it has been stale for 7 days with no activity.
+            Feel free to reopen if this is still relevant.
+          days-before-issue-stale: 60
+          days-before-issue-close: 7
+          stale-issue-label: 'stale'
+
+          # PR settings
+          stale-pr-message: >
+            This pull request has been automatically marked as stale because it has not had
+            recent activity. It will be closed in 14 days if no further activity occurs.
+            Thank you for your contributions.
+          close-pr-message: >
+            This pull request was closed because it has been stale for 14 days with no activity.
+            Feel free to reopen if you'd like to continue working on this.
+          days-before-pr-stale: 60
+          days-before-pr-close: 14
+          stale-pr-label: 'stale'
+
+          # Exempt labels - items with these labels won't be marked stale
+          exempt-issue-labels: 'pinned,security,bug,enhancement'
+          exempt-pr-labels: 'pinned,security,work-in-progress'
+
+          # Don't stale items with milestones
+          exempt-all-milestones: true

.gitignore

@@ -0,0 +1,12 @@
+node_modules/
+dist/
+*.log
+.DS_Store
+.env
+.env.local
+coverage/
+.nyc_output/
+.eslintcache
+.bun/
+.bun.lockb
+.memory/

.mise/tasks/build

@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+#MISE description="Build the project"
+#MISE depends=["setup"]
+#MISE sources=["src/**/*"]
+#MISE outputs=["dist/index.js"]
+
+bun build ./src/index.ts --outdir dist --target bun
+
+# If you need to exlude some packages from your bundle, you can use the --external flag. For example, to exclude the "lodash" package, you can run:
+# bun build ./src/index.ts --outdir dist --target bun --external lodash

.mise/tasks/dev

@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+#MISE description="Build for development with sourcemaps and vendor splitting"
+#MISE sources=["src/**/*"]
+#MISE outputs=["dist/index.js", "dist/index.js.map", "dist/vendor.js"]
+
+bun build ./src/index.ts \
+  --outdir dist \
+  --target bun \
+  --sourcemap=inline \
+  --splitting \
+  --entry-naming='[dir]/[name].js' \
+  --chunk-naming='[name].js'

.mise/tasks/lint

@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+#MISE description="Run ESLint"
+bun x eslint . --ext .ts

.mise/tasks/lint:fix

@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+#MISE description="Run ESLint with auto-fix"
+eslint . --ext .ts --fix

.mise/tasks/pkgjsonlint

@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+#MISE description="Validate package.json has no scripts property"
+
+set -e
+
+if jq -e '.scripts' package.json > /dev/null 2>&1; then
+  echo "❌ Error: 'scripts' property found in package.json"
+  echo "Scripts are not allowed. Use .mise/tasks instead."
+  exit 1
+else
+  echo "✓ package.json validation passed"
+fi

.mise/tasks/publish

@@ -0,0 +1,61 @@
+#!/usr/bin/env bash
+#MISE description="Publish to npm registry"
+#MISE depends=["setup", "build"]
+#USAGE flag "-t --tag <tag>" "Tag to publish with" default="latest"
+#USAGE flag "-d --dry-run" "Perform a dry run of the publish process"
+#USAGE flag "--otp <otp>" "One-time password for npm two-factor authentication" default=""
+
+set -e
+
+echo "Publishing to npm"
+echo " > with tag: ${usage_tag}..."
+echo " > npm version: $(npm --version)"
+
+# For 'next' tag, bump version to a prerelease to avoid conflicts
+if [ "${usage_tag}" = "next" ]; then
+	# Count commits since last tag for a semantic build number
+	LAST_TAG=$(git describe --tags --abbrev=0 2>/dev/null || echo "")
+	if [ -n "$LAST_TAG" ]; then
+		BUILD_NUMBER=$(git rev-list "${LAST_TAG}..HEAD" --count)
+		echo " > last tag: ${LAST_TAG}"
+		echo " > commits since last tag: ${BUILD_NUMBER}"
+	else
+		BUILD_NUMBER=$(git rev-list HEAD --count)
+		echo " > no previous tag found"
+		echo " > total commits: ${BUILD_NUMBER}"
+	fi
+	CURRENT_VERSION=$(jq -r '.version' package.json)
+	PRERELEASE_VERSION="$(semver get release "$CURRENT_VERSION")-next.${BUILD_NUMBER}"
+	echo " > bumping version: ${CURRENT_VERSION} -> ${PRERELEASE_VERSION}"
+
+	if [ "${usage_dry_run}" != "true" ]; then
+		npm version "${PRERELEASE_VERSION}" --no-git-tag-version --allow-same-version
+	fi
+fi
+
+args=()
+
+if [ -n "${usage_otp}" ]; then
+	args+=("--otp" "${usage_otp}")
+	echo " > using provided OTP for 2FA"
+fi
+
+# if not usage_dry_run and is in github action, add provenance flag to args.
+if [ -n "${GITHUB_ACTIONS}" ]; then
+	args+=("--provenance")
+	echo " > adding provenance flag for CI publish"
+fi
+
+# Publish directly from source (allows provenance generation in CI)
+if [ "${usage_dry_run}" != "true" ]; then
+	npm publish \
+		--access public \
+		--tag "${usage_tag}" \
+		"${args[@]}"
+
+	echo "Publish process completed."
+else
+	echo "Dry run mode - skipping actual publish"
+	echo "Would have run:"
+	echo "npm publish --access public --tag ${usage_tag} ${args[*]}"
+fi