chore: initial commit (#1)

* chore: initial commit

* style: run prettier

.eslintrc.js

@@ -0,0 +1,59 @@
+"use strict";
+
+module.exports = {
+	env: {
+		es2023: true,
+		node: true,
+	},
+	extends: [
+		"airbnb-base",
+		"plugin:@eslint-community/eslint-comments/recommended",
+		"plugin:jsdoc/recommended",
+		"plugin:promise/recommended",
+		"plugin:regexp/recommended",
+		"plugin:security/recommended-legacy",
+		"prettier",
+	],
+	overrides: [
+		{
+			extends: ["plugin:jest/recommended", "plugin:jest/style"],
+			files: ["src/**/*.test.js"],
+			plugins: ["jest"],
+			rules: {
+				"jest/no-duplicate-hooks": "error",
+				"jest/no-test-return-statement": "error",
+				"jest/prefer-comparison-matcher": "error",
+				"jest/prefer-each": "warn",
+				"jest/prefer-equality-matcher": "error",
+				"jest/prefer-expect-resolves": "error",
+				"jest/prefer-hooks-in-order": "error",
+				"jest/prefer-hooks-on-top": "error",
+				"jest/prefer-mock-promise-shorthand": "error",
+				"jest/prefer-spy-on": "error",
+				"jest/require-top-level-describe": "error",
+			},
+		},
+	],
+	parserOptions: {
+		ecmaVersion: 2023,
+		// Explicitly tell ESLint to parse JavaScript as CommonJS, as airbnb-base sets this to "modules" for ECMAScript
+		sourceType: "script",
+	},
+	plugins: ["import", "jsdoc", "promise", "regexp", "security"],
+	root: true,
+	rules: {
+		"@eslint-community/eslint-comments/disable-enable-pair": "off",
+		"@eslint-community/eslint-comments/no-unused-disable": "error",
+		"@eslint-community/eslint-comments/require-description": "error",
+		"import/no-extraneous-dependencies": "error",
+		"jsdoc/check-syntax": "error",
+		"jsdoc/require-description-complete-sentence": "error",
+		"jsdoc/require-hyphen-before-param-description": "error",
+		"no-multiple-empty-lines": ["error", { max: 1 }],
+		"prefer-destructuring": ["error", { object: true, array: false }],
+		"promise/prefer-await-to-callbacks": "warn",
+		"promise/prefer-await-to-then": "warn",
+		"security/detect-object-injection": "off",
+		strict: ["error", "global"],
+	},
+};

.gitattributes

@@ -0,0 +1,2 @@
+# Set default behaviour to automatically convert line endings
+* text=auto eol=lf

.github/codeql-config.yml

@@ -0,0 +1,13 @@
+name: CodeQL Config
+
+# **What it does**: This provides a config to the CodeQL GitHub Action in this repo.
+# **Why we have it**: Security scanning.
+
+queries:
+    - uses: security-and-quality
+
+# Limit the paths scanning takes place, improving speed of scan
+paths:
+    - "**/*.html"
+    - "**/*.js"
+    - "**/*.yml"

.github/dependabot.yml

@@ -0,0 +1,35 @@
+version: 2
+updates:
+    - package-ecosystem: github-actions
+      commit-message:
+          include: scope
+          prefix: ci
+      directory: /
+      ignore:
+          # Staying on v3 due to incomplete migration guide for v4
+          - dependency-name: google-github-actions/release-please-action
+            update-types: ["version-update:semver-major"]
+      open-pull-requests-limit: 20
+      schedule:
+          interval: monthly
+
+    - package-ecosystem: npm
+      commit-message:
+          include: scope
+          prefix: build
+      directory: /
+      groups:
+          commitlint:
+              patterns:
+                  - "@commitlint*"
+          eslint:
+              patterns:
+                  - "eslint*"
+      ignore:
+          # Below are dependencies that have migrated to ESM
+          # in their next major version so we can't use them
+          - dependency-name: is-html
+            update-types: ["version-update:semver-major"]
+      open-pull-requests-limit: 20
+      schedule:
+          interval: monthly

.github/workflows/automerge.yml

@@ -0,0 +1,66 @@
+name: Automerge Dependabot PRs
+
+# **What it does**: Automatically merge Dependabot PRs that pass the CI workflow run.
+# **Why we have it**: To keep our dependencies up-to-date, to avoid security issues.
+
+on:
+    workflow_run:
+        workflows: ["CI"]
+        types: [completed]
+
+permissions:
+    contents: write
+    pull-requests: write
+
+jobs:
+    on-success:
+        if: >
+            github.event.workflow_run.event == 'pull_request' &&
+            github.event.workflow_run.conclusion == 'success' &&
+            github.actor == 'dependabot[bot]'
+        runs-on: ubuntu-latest
+        steps:
+            - name: Download artifact
+              uses: actions/github-script@v7
+              with:
+                  script: |
+                      const { writeFile } = require("node:fs/promises");
+                      const { owner, repo } = context.repo;
+
+                      const artifacts = await github.rest.actions.listWorkflowRunArtifacts({
+                          owner,
+                          repo,
+                          run_id: ${{ github.event.workflow_run.id }},
+                      });
+                      const matchArtifact = artifacts.data.artifacts.find(
+                          (artifact) => artifact.name == "pr"
+                      );
+
+                      const download = await github.rest.actions.downloadArtifact({
+                          owner,
+                          repo,
+                          artifact_id: matchArtifact.id,
+                          archive_format: "zip",
+                      });
+
+                      await writeFile("${{github.workspace}}/pr.zip", Buffer.from(download.data));
+
+            - name: Unzip artifact
+              run: unzip pr.zip
+
+            - name: Merge PR
+              uses: actions/github-script@v7
+              with:
+                  github-token: ${{ secrets.GITHUB_TOKEN }}
+                  script: |
+                      const { readFile } = require("node:fs/promises");
+                      const { owner, repo } = context.repo;
+
+                      const pull_number = Number(await readFile("./NR", "utf8"));
+
+                      await github.rest.pulls.merge({
+                          merge_method: "squash",
+                          owner,
+                          repo,
+                          pull_number,
+                      });

.github/workflows/cd.yml

@@ -0,0 +1,100 @@
+name: CD
+
+# **What it does**: Automatically generates releases and release notes.
+# **Why we have it**: Allows development to focus on higher value work.
+
+on:
+    push:
+        branches:
+            - main
+    # Allows this workflow to be run manually from the Actions tab
+    workflow_dispatch:
+
+jobs:
+    release:
+        name: Create/Update Release Pull Request
+        runs-on: ubuntu-latest
+        permissions:
+            contents: write
+            pull-requests: write
+        outputs:
+            release_created: ${{ steps.release.outputs.release_created }}
+        steps:
+            - name: Release Please
+              id: release
+              # Staying on v3 due to incomplete migration guide for v4
+              uses: google-github-actions/release-please-action@v3
+              with:
+                  changelog-types: '[ { "type": "feat", "section": "Features", "hidden": false }, { "type": "fix", "section": "Bug fixes", "hidden": false }, { "type": "build", "section": "Dependencies", "hidden": false }, { "type": "chore", "section": "Miscellaneous", "hidden": false }, { "type": "ci", "section": "Continuous integration", "hidden": false }, { "type": "perf", "section": "Improvements", "hidden": false }, { "type": "refactor", "section": "Improvements", "hidden": false }, { "type": "style", "section": "Miscellaneous", "hidden": false }, { "type": "docs", "section": "Documentation", "hidden": false }]'
+                  release-type: node
+                  package-name: fix-latin1-to-utf8
+
+    publish-npm:
+        name: Publish to NPM
+        needs: release
+        if: needs.release.outputs.release_created == 'true'
+        runs-on: ubuntu-latest
+        environment: main
+        permissions:
+            contents: read
+            id-token: write
+        steps:
+            - name: Check out repo
+              uses: actions/checkout@v4
+              with:
+                  persist-credentials: false
+
+            - name: Setup Node
+              uses: actions/setup-node@v4
+              with:
+                  node-version: lts/*
+                  registry-url: https://registry.npmjs.org
+
+            - name: Publish to NPM
+              env:
+                  NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+              # Build docs and TS definitions, and remove dev values
+              # from package.json before publishing to reduce package size
+              run: |
+                  npm i --ignore-scripts
+                  npm run build
+                  npm pkg delete commitlint devDependencies jest scripts
+                  npm publish --access public --ignore-scripts --provenance
+
+    publish-ghp:
+        name: Publish to GitHub Packages
+        needs: release
+        if: needs.release.outputs.release_created == 'true'
+        runs-on: ubuntu-latest
+        permissions:
+            contents: read
+            id-token: write
+            packages: write
+        steps:
+            - name: Check out repo
+              uses: actions/checkout@v4
+              with:
+                  persist-credentials: false
+
+            - name: Setup Node
+              uses: actions/setup-node@v4
+              with:
+                  node-version: lts/*
+                  registry-url: https://npm.pkg.github.com
+                  scope: "@fdawgs"
+
+            - name: Scope package
+              run: |
+                  pkgName=$(npm pkg get name | tr -d '"')
+                  npm pkg set name="@fdawgs/$pkgName"
+
+            - name: Publish to GitHub Packages
+              env:
+                  NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+              # Build docs and TS definitions, and remove dev values
+              # from package.json before publishing to reduce package size
+              run: |
+                  npm i --ignore-scripts
+                  npm run build
+                  npm pkg delete commitlint devDependencies jest scripts
+                  npm publish --access public --ignore-scripts --provenance