Update to Node 20 and latest dependencies + ESM only (#9)

.github/workflows/check-published-scheduled.yml

@@ -3,20 +3,25 @@ name: Check Published
 on:
   workflow_dispatch:
   schedule:
-    - cron: '30 20 * * *'
+    - cron: '11 23 * * *'
 
 jobs:
   checkPublished:
     runs-on: ubuntu-latest
     name: Check Published
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           ref: ${{ github.event.pull_request.head.sha }}
+      - name: Install Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20.x'
+          registry-url: 'https://registry.npmjs.org'
       - name: Check Published
         uses: checkdigit/github-actions/check-published@main
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN_PUBLISH }}
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN_PUBLISH }}
           DEBUG: '*'
           SLACK_PUBLISH_MISMATCH: ${{ secrets.SLACK_PUBLISH_MISMATCH }}

.github/workflows/ci.yml

@@ -5,37 +5,22 @@ on:
     branches:
       - 'main'
 
-env:
-  CI: true
-
 jobs:
   pullRequestBuild:
     name: Pull Request Build
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        node-version: [18.x, 20.x]
+        node-version: [20.x, 21.x]
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: ${{ matrix.node-version }}
           cache: 'npm'
-      - name: Check Label
-        uses: checkdigit/github-actions/check-label@main
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      - name: Check Imports
-        uses: checkdigit/github-actions/check-imports@main
       - name: Install dependencies
         run: npm ci --ignore-scripts
-        env:
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
-      - name: Audit Signatures
-        run: npm audit signatures
-        env:
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
       - name: Compile
         run: npm run ci:compile
       - name: Check Code Style
@@ -50,30 +35,18 @@ jobs:
     name: Branch Build
     strategy:
       matrix:
-        node-version: [18.x, 20.x]
+        node-version: [20.x, 21.x]
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           ref: ${{ github.event.pull_request.head.sha }}
       - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: ${{ matrix.node-version }}
           cache: 'npm'
-      - name: Check Label
-        uses: checkdigit/github-actions/check-label@main
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      - name: Check Imports
-        uses: checkdigit/github-actions/check-imports@main
       - name: Install dependencies
         run: npm ci --ignore-scripts
-        env:
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
-      - name: Audit Signatures
-        run: npm audit signatures
-        env:
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
       - name: Compile
         run: npm run ci:compile
       - name: Check Code Style

.github/workflows/codeql-analysis.yml

@@ -6,11 +6,11 @@ on:
   pull_request:
     branches: ['main']
   schedule:
-    - cron: '56 08 * * 1'
+    - cron: '20 3 * * 1'
 
 jobs:
   analyze:
-    name: CodeQL analysis
+    name: Analyze
     runs-on: ubuntu-latest
     permissions:
       actions: read
@@ -22,10 +22,10 @@ jobs:
         language: ['javascript']
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2
+        uses: github/codeql-action/init@v3
         with:
           languages: ${{ matrix.language }}
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v2
+        uses: github/codeql-action/analyze@v3

.github/workflows/coverage.yml

@@ -13,10 +13,11 @@ jobs:
     runs-on: ubuntu-latest
     name: Coverage
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           ref: ${{ github.event.pull_request.head.sha }}
-      - uses: actions/setup-node@v3
+      - name: Install Node.js
+        uses: actions/setup-node@v4
         with:
           node-version: '20.x'
           cache: 'npm'

.github/workflows/publish-beta.yml

@@ -7,18 +7,27 @@ on:
 
 jobs:
   publishBeta:
-    runs-on: ubuntu-latest
     name: Publish Beta
+    runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - name: Checkout Code
+        uses: actions/checkout@v4
         with:
           ref: ${{ github.event.pull_request.head.sha }}
-      - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v3
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
         with:
           node-version: '20.x'
           registry-url: 'https://registry.npmjs.org'
-      - name: Install dependencies
+      - name: Check Label
+        uses: checkdigit/github-actions/check-label@main
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Check Imports
+        uses: checkdigit/github-actions/check-imports@main
+      - name: Install latest npm
+        run: npm install -g npm@latest
+      - name: Install Dependencies
         run: npm ci --ignore-scripts
       - name: Audit Signatures
         run: npm audit signatures
@@ -31,7 +40,7 @@ jobs:
         run: npm publish --tag beta
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN_PUBLISH }}
-      - name: Comment npm publish result
+      - name: Comment
         uses: checkdigit/github-actions/comment-npm-publish@main
         with:
           betaPackage: ${{ steps.prepare-beta.outputs.betaPackage }}

.github/workflows/publish.yml

@@ -7,20 +7,25 @@ on:
 jobs:
   publish:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
     name: Publish to NPM
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
+      - name: Checkout Code
+        uses: actions/checkout@v4
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
         with:
           node-version: '20.x'
           registry-url: 'https://registry.npmjs.org'
-      - name: Install dependencies
+      - name: Install latest npm
+        run: npm install -g npm@latest
+      - name: Install Dependencies
         run: npm ci --ignore-scripts
       - name: Audit Signatures
         run: npm audit signatures
-      - name: Run Test
-        run: npm run ci:test
       - name: Publish
-        run: npm publish
+        run: npm publish --provenance
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN_PUBLISH }}

LICENSE.txt

@@ -1,7 +1,7 @@
 
 The MIT License
 
-Copyright (c) 2023 Check Digit, LLC
+Copyright (c) 2023-2024 Check Digit, LLC
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -1,6 +1,6 @@
 # Memoize
 
-Copyright (c) 2023 [Check Digit, LLC](https://checkdigit.com)
+Copyright (c) 2023–2024 [Check Digit, LLC](https://checkdigit.com)
 
 `@checkdigit/memoize` memoizes async functions, with cache eviction on reject.
 The resulting promise is cached, guaranteeing the underlying function is called at most once for a given set of

SECURITY.md

@@ -6,7 +6,7 @@ These versions of @checkdigit/memoize are currently being supported with securit
 
 | Version | Supported          |
 | ------- | ------------------ |
-| > 1.x   | :white_check_mark: |
+| > 2.x   | :white_check_mark: |
 
 ## Reporting a Vulnerability