Add @openzeppelin/contracts as alternative package name (#1840)

* Rename package and repository name from docs and scripts

* undo root package rename

* add @openzeppelin/contracts as subpackage with release automation

* synchronize @openzeppelin/contracts version

* remove private field from package.json

* make file patterns absolute

* change wording of a comment

* use a saner version script

(cherry picked from commit b8c8308d77beaa733104d1d66ec5f2962df81711)

.github/ISSUE_TEMPLATE/feature_request.md

@@ -1,6 +1,6 @@
 ---
 name: Feature request
-about: Suggest an idea for OpenZeppelin
+about: Suggest an idea for OpenZeppelin Contracts
 
 ---
 
@@ -11,4 +11,4 @@ about: Suggest an idea for OpenZeppelin
 <!-- Please describe your feature request in detail. -->
 
 <!-- Make sure that you have reviewed the OpenZeppelin Contributor Guidelines. -->
-<!-- https://github.com/OpenZeppelin/openzeppelin-solidity/blob/master/CONTRIBUTING.md -->
+<!-- https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/CONTRIBUTING.md -->

.github/PULL_REQUEST_TEMPLATE.md

@@ -13,7 +13,7 @@ Fixes #
 
 <!-- 3. Before submitting, please make sure that you have:
   - reviewed the OpenZeppelin Contributor Guidelines
-    (https://github.com/OpenZeppelin/openzeppelin-solidity/blob/master/CONTRIBUTING.md),
+    (https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/CONTRIBUTING.md),
   - added tests where applicable to test new functionality,
   - made sure that your contracts are well-documented,
   - run the Solidity linter (`npm run lint:sol`) and fixed any issues,

.gitignore

@@ -44,3 +44,7 @@ build/
 # docsite artifacts
 docsite-build
 docs/api
+
+# only used to package @openzeppelin/contracts
+contracts/build/
+contracts/README.md

CONTRIBUTING.md

@@ -1,7 +1,7 @@
-Contributing to OpenZeppelin
+Contributing to OpenZeppelin Contracts
 =======
 
-We really appreciate and value contributions to OpenZeppelin. Please take 5' to review the items listed below to make sure that your contributions are merged as soon as possible. 
+We really appreciate and value contributions to OpenZeppelin Contracts. Please take 5' to review the items listed below to make sure that your contributions are merged as soon as possible.
 
 ## Contribution guidelines
 
@@ -11,7 +11,7 @@ Smart contracts manage value and are highly vulnerable to errors and attacks. We
 
 As a contributor, you are expected to fork this repository, work on your own fork and then submit pull requests. The pull requests will be reviewed and eventually merged into the main repo. See ["Fork-a-Repo"](https://help.github.com/articles/fork-a-repo/) for how this works.
 
-*IMPORTANT* 
+*IMPORTANT*
 * Please see ["Git flow wiki entry"](https://github.com/OpenZeppelin/openzeppelin-solidity/wiki/Git-flow) for understanding how to use branches in this repository.
 
 ## A typical workflow
@@ -19,12 +19,12 @@ As a contributor, you are expected to fork this repository, work on your own for
 1) Make sure your fork is up to date with the main repository:
 
 ```
-cd openzeppelin-solidity
-git remote add upstream https://github.com/OpenZeppelin/openzeppelin-solidity.git
+cd openzeppelin-contracts
+git remote add upstream https://github.com/OpenZeppelin/openzeppelin-contracts.git
 git fetch upstream
 git pull --rebase upstream master
 ```
-NOTE: The directory `openzeppelin-solidity` represents your fork's local copy.
+NOTE: The directory `openzeppelin-contracts` represents your fork's local copy.
 
 2) Branch out from `master` into `fix/some-bug-#123`:
 (Postfixing #123 will associate your PR with the issue #123 and make everyone's life easier =D)
@@ -40,9 +40,9 @@ git commit "Fix some bug #123"
 git push origin fix/some-bug-#123
 ```
 
-4) Go to [github.com/OpenZeppelin/openzeppelin-solidity](https://github.com/OpenZeppelin/zeppelin-solidity) in your web browser and issue a new pull request.
+4) Go to [github.com/OpenZeppelin/openzeppelin-contracts](https://github.com/OpenZeppelin/openzeppelin-contracts) in your web browser and issue a new pull request.
 
-*IMPORTANT* Read the PR template very carefully and make sure to follow all the instructions. These instructions 
+*IMPORTANT* Read the PR template very carefully and make sure to follow all the instructions. These instructions
 refer to some very important conditions that your PR must meet in order to be accepted, such as making sure that all tests pass, JS linting tests pass, solidity linting tests pass, etc.
 
 5) Maintainers will review your code and possibly ask for changes before your code is pulled in to the main repository. We'll check that all tests pass, review the coding style, and check for general code correctness. If everything is OK, we'll merge your pull request and your code will be part of OpenZeppelin.
@@ -51,8 +51,8 @@ refer to some very important conditions that your PR must meet in order to be ac
 
 ## All set!
 
-If you have any questions feel free to post them to github.com/OpenZeppelin/openzeppelin-solidity/issues.
+If you have any questions feel free to post them to github.com/OpenZeppelin/openzeppelin-contracts/issues.
 
-Finally, if you're looking to collaborate and want to find easy tasks to start, look at the issues we marked as ["Good first issue"](https://github.com/OpenZeppelin/openzeppelin-solidity/labels/good%20first%20issue).
+Finally, if you're looking to collaborate and want to find easy tasks to start, look at the issues we marked as ["Good first issue"](https://github.com/OpenZeppelin/openzeppelin-contracts/labels/good%20first%20issue).
 
 Thanks for your time and code!

README.md

@@ -1,15 +1,15 @@
 # <img src="logo.png" alt="OpenZeppelin" width="400px">
 
-[![NPM Package](https://img.shields.io/npm/v/openzeppelin-solidity.svg?style=flat-square)](https://www.npmjs.org/package/openzeppelin-solidity)
-[![Build Status](https://travis-ci.com/OpenZeppelin/openzeppelin-solidity.svg?branch=master)](https://travis-ci.com/OpenZeppelin/openzeppelin-solidity)
-[![Coverage Status](https://coveralls.io/repos/github/OpenZeppelin/openzeppelin-solidity/badge.svg?branch=master)](https://coveralls.io/github/OpenZeppelin/openzeppelin-solidity?branch=master)
+[![NPM Package](https://img.shields.io/npm/v/@openzeppelin/contracts.svg)](https://www.npmjs.org/package/@openzeppelin/contracts)
+[![Build Status](https://travis-ci.com/OpenZeppelin/openzeppelin-contracts.svg?branch=master)](https://travis-ci.com/OpenZeppelin/openzeppelin-contracts)
+[![Coverage Status](https://coveralls.io/repos/github/OpenZeppelin/openzeppelin-contracts/badge.svg?branch=master)](https://coveralls.io/github/OpenZeppelin/openzeppelin-contracts?branch=master)
 
 **OpenZeppelin is a library for secure smart contract development.** It provides implementations of standards like ERC20 and ERC721 which you can deploy as-is or extend to suit your needs, as well as Solidity components to build custom contracts and more complex decentralized systems.
 
 ## Install
 
 ```
-npm install openzeppelin-solidity
+npm install @openzeppelin/contracts
 ```
 
 OpenZeppelin features a stable API, which means your contracts won't break unexpectedly when upgrading to a newer minor version. You can read ṫhe details in our [API Stability](https://forum.zeppelin.solutions/t/api-stability/138) document.
@@ -21,8 +21,8 @@ To write your custom contracts, import ours and extend them through inheritance.
 ```solidity
 pragma solidity ^0.5.0;
 
-import 'openzeppelin-solidity/contracts/token/ERC721/ERC721Full.sol';
-import 'openzeppelin-solidity/contracts/token/ERC721/ERC721Mintable.sol';
+import "@openzeppelin/contracts/token/ERC721/ERC721Full.sol";
+import "@openzeppelin/contracts/token/ERC721/ERC721Mintable.sol";
 
 contract MyNFT is ERC721Full, ERC721Mintable {
   constructor() ERC721Full("MyNFT", "MNFT") public {

RELEASING.md

@@ -2,7 +2,7 @@
 
 This document describes our release process, and contains the steps to be followed by an OpenZeppelin maintainer at the several stages of a release.
 
-We release a new version of OpenZeppelin monthly. Release cycles are tracked in the [issue milestones](https://github.com/OpenZeppelin/openzeppelin-solidity/milestones).
+We release a new version of OpenZeppelin monthly. Release cycles are tracked in the [issue milestones](https://github.com/OpenZeppelin/openzeppelin-contracts/milestones).
 
 Each release has at least one release candidate published first, intended for community review and any critical fixes that may come out of it. At the moment we leave 1 week between the first release candidate and the final release.
 
@@ -32,7 +32,7 @@ git push upstream release-vX.Y.Z
 git push upstream vX.Y.Z-rc.R
 ```
 
-Draft the release notes in our [GitHub releases](https://github.com/OpenZeppelin/openzeppelin-solidity/releases). Make sure to mark it as a pre-release! Try to be consistent with our previous release notes in the title and format of the text. Release candidates don't need a detailed changelog, but make sure to include a link to GitHub's compare page.
+Draft the release notes in our [GitHub releases](https://github.com/OpenZeppelin/openzeppelin-contracts/releases). Make sure to mark it as a pre-release! Try to be consistent with our previous release notes in the title and format of the text. Release candidates don't need a detailed changelog, but make sure to include a link to GitHub's compare page.
 
 Once the CI run for the new tag is green, publish on npm under the `next` tag. You should see the contracts compile automatically.
 
@@ -76,7 +76,7 @@ Publish the release notes on GitHub and ask our community manager to announce th
 Delete the `next` tag in the npm package as there is no longer a release candidate.
 
 ```
-npm dist-tag rm --otp $2FA_CODE openzeppelin-solidity next
+npm dist-tag rm --otp $2FA_CODE @openzeppelin/contracts next
 ```
 
 ## Merging the release branch

contracts/drafts/SignedSafeMath.sol

@@ -13,7 +13,7 @@ library SignedSafeMath {
     function mul(int256 a, int256 b) internal pure returns (int256) {
         // Gas optimization: this is cheaper than requiring 'a' not being zero, but the
         // benefit is lost if 'b' is also tested.
-        // See: https://github.com/OpenZeppelin/openzeppelin-solidity/pull/522
+        // See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
         if (a == 0) {
             return 0;
         }

contracts/math/SafeMath.sol

@@ -58,7 +58,7 @@ library SafeMath {
     function mul(uint256 a, uint256 b) internal pure returns (uint256) {
         // Gas optimization: this is cheaper than requiring 'a' not being zero, but the
         // benefit is lost if 'b' is also tested.
-        // See: https://github.com/OpenZeppelin/openzeppelin-solidity/pull/522
+        // See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
         if (a == 0) {
             return 0;
         }

contracts/package.json

@@ -0,0 +1,32 @@
+{
+  "name": "@openzeppelin/contracts",
+  "version": "2.3.0",
+  "description": "Secure Smart Contract library for Solidity",
+  "files": [
+    "**/*.sol",
+    "/build/*.json",
+    "!/mocks",
+    "!/examples"
+  ],
+  "scripts": {
+    "prepare": "bash ../scripts/prepare-contracts-package.sh"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/OpenZeppelin/openzeppelin-contracts.git"
+  },
+  "keywords": [
+    "solidity",
+    "ethereum",
+    "smart",
+    "contracts",
+    "security",
+    "zeppelin"
+  ],
+  "author": "OpenZeppelin Community <maintainers@openzeppelin.org>",
+  "license": "MIT",
+  "bugs": {
+    "url": "https://github.com/OpenZeppelin/openzeppelin-contracts/issues"
+  },
+  "homepage": "https://github.com/OpenZeppelin/openzeppelin-contracts"
+}

package-lock.json

@@ -2490,6 +2490,13 @@
         "get-func-name": "^2.0.0",
         "pathval": "^1.1.0",
         "type-detect": "^4.0.5"
+      },
+      "dependencies": {
+        "pify": {
+          "version": "2.3.0",
+          "resolved": "http://registry.npmjs.org/pify/-/pify-2.3.0.tgz",
+          "integrity": "sha1-7RQaasBDqEnqWISY59yosVMw6Qw="
+        }
       }
     },
     "chai-bn": {
@@ -3146,6 +3153,13 @@
           "dev": true,
           "requires": {
             "p-try": "^2.0.0"
+          },
+          "dependencies": {
+            "pify": {
+              "version": "2.3.0",
+              "resolved": "http://registry.npmjs.org/pify/-/pify-2.3.0.tgz",
+              "integrity": "sha1-7RQaasBDqEnqWISY59yosVMw6Qw="
+            }
           }
         },
         "p-locate": {
@@ -3155,6 +3169,13 @@
           "dev": true,
           "requires": {
             "p-limit": "^2.0.0"
+          },
+          "dependencies": {
+            "pify": {
+              "version": "2.3.0",
+              "resolved": "http://registry.npmjs.org/pify/-/pify-2.3.0.tgz",
+              "integrity": "sha1-7RQaasBDqEnqWISY59yosVMw6Qw="
+            }
           }
         },
         "parse-json": {
@@ -4015,7 +4036,7 @@
       "dependencies": {
         "pify": {
           "version": "2.3.0",
-          "resolved": "http://registry.npmjs.org/pify/-/pify-2.3.0.tgz",
+          "resolved": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz",
           "integrity": "sha1-7RQaasBDqEnqWISY59yosVMw6Qw=",
           "dev": true
         }
@@ -4754,7 +4775,7 @@
           "dependencies": {
             "pify": {
               "version": "2.3.0",
-              "resolved": "http://registry.npmjs.org/pify/-/pify-2.3.0.tgz",
+              "resolved": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz",
               "integrity": "sha1-7RQaasBDqEnqWISY59yosVMw6Qw=",
               "dev": true
             }
@@ -4771,7 +4792,7 @@
           "dependencies": {
             "pify": {
               "version": "2.3.0",
-              "resolved": "http://registry.npmjs.org/pify/-/pify-2.3.0.tgz",
+              "resolved": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz",
               "integrity": "sha1-7RQaasBDqEnqWISY59yosVMw6Qw=",
               "dev": true
             }
@@ -5905,7 +5926,7 @@
     },
     "fs-extra": {
       "version": "0.30.0",
-      "resolved": "http://registry.npmjs.org/fs-extra/-/fs-extra-0.30.0.tgz",
+      "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-0.30.0.tgz",
       "integrity": "sha1-8jP/zAjU2n1DLapEl3aYnbHfk/A=",
       "dev": true,
       "requires": {
@@ -7508,7 +7529,7 @@
       "dependencies": {
         "pify": {
           "version": "2.3.0",
-          "resolved": "http://registry.npmjs.org/pify/-/pify-2.3.0.tgz",
+          "resolved": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz",
           "integrity": "sha1-7RQaasBDqEnqWISY59yosVMw6Qw=",
           "dev": true
         }
@@ -8865,7 +8886,7 @@
     },
     "jsonfile": {
       "version": "2.4.0",
-      "resolved": "http://registry.npmjs.org/jsonfile/-/jsonfile-2.4.0.tgz",
+      "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-2.4.0.tgz",
       "integrity": "sha1-NzaitCi4e72gzIO1P6PWM6NcKug=",
       "dev": true,
       "requires": {

package.json

@@ -3,11 +3,11 @@
   "version": "2.3.0",
   "description": "Secure Smart Contract library for Solidity",
   "files": [
-    "build",
-    "contracts",
-    "!contracts/mocks",
-    "!contracts/examples",
-    "test/behaviors"
+    "/contracts/**/*.sol",
+    "/build/contracts/*.json",
+    "!/contracts/mocks",
+    "!/contracts/examples",
+    "/test/behaviors"
   ],
   "scripts": {
     "compile": "truffle compile",
@@ -22,12 +22,12 @@
     "lint:sol": "solhint --max-warnings 0 \"contracts/**/*.sol\"",
     "prepare": "node scripts/prepare.js",
     "release": "scripts/release/release.sh",
-    "version": "scripts/release/update-changelog-release-date.js && scripts/release/update-ethpm-version.js",
+    "version": "scripts/release/version.sh",
     "test": "scripts/test.sh"
   },
   "repository": {
     "type": "git",
-    "url": "https://github.com/OpenZeppelin/zeppelin-solidity.git"
+    "url": "https://github.com/OpenZeppelin/openzeppelin-contracts.git"
   },
   "keywords": [
     "solidity",
@@ -40,9 +40,9 @@
   "author": "OpenZeppelin Community <maintainers@openzeppelin.org>",
   "license": "MIT",
   "bugs": {
-    "url": "https://github.com/OpenZeppelin/zeppelin-solidity/issues"
+    "url": "https://github.com/OpenZeppelin/openzeppelin-contracts/issues"
   },
-  "homepage": "https://github.com/OpenZeppelin/zeppelin-solidity",
+  "homepage": "https://github.com/OpenZeppelin/openzeppelin-contracts",
   "devDependencies": {
     "chai": "^4.2.0",
     "concurrently": "^4.1.0",

scripts/prepare-contracts-package.sh

@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+
+# cd to the root of the repo
+cd "$(git rev-parse --show-toplevel)"
+
+# avoids re-compilation during publishing of both packages
+if [[ ! -v ALREADY_COMPILED ]]; then
+  npm run prepare
+fi
+
+cp README.md contracts/
+cp -Tr build/contracts contracts/build

scripts/release/release.sh

@@ -30,20 +30,32 @@ push_release_branch_and_tag() {
   git push upstream "$(current_release_branch)" "$(current_version)"
 }
 
-push_and_publish() {
+publish() {
   dist_tag="$1"
 
-  log "Pushing release branch and tags to upstream"
-  push_release_branch_and_tag
-
-  log "Publishing package on npm"
+  log "Publishing openzeppelin-solidity on npm"
   npm publish --tag "$dist_tag" --otp "$(prompt_otp)"
 
+  log "Publishing @openzeppelin/contracts on npm"
+  env ALREADY_COMPILED= \ # avoid re-compiling
+    npm publish contracts --tag "$dist_tag" --otp "$(prompt_otp)"
+
   if [[ "$dist_tag" == "latest" ]]; then
-    npm dist-tag rm --otp "$(prompt_otp)" openzeppelin-solidity next
+    otp="$(prompt_otp)"
+    npm dist-tag rm --otp "$otp" openzeppelin-solidity next
+    npm dist-tag rm --otp "$otp" @openzeppelin/contracts next
   fi
 }
 
+push_and_publish() {
+  dist_tag="$1"
+
+  log "Pushing release branch and tags to upstream"
+  push_release_branch_and_tag
+
+  publish "$dist_tag"
+}
+
 prompt_otp() {
   log -n "Enter npm 2FA token: "
   read -r otp

scripts/release/synchronize-versions.js

@@ -0,0 +1,18 @@
+#!/usr/bin/env node
+
+// Synchronizes the versions in ethpm.json and contracts/package.json with the
+// one in package.json.
+// This is run automatically when npm version is run.
+
+const fs = require('fs');
+const cp = require('child_process');
+
+setVersion('contracts/package.json');
+setVersion('ethpm.json');
+
+function setVersion(file) {
+  const json = JSON.parse(fs.readFileSync(file));
+  json.version = process.env.npm_package_version;
+  fs.writeFileSync(file, JSON.stringify(json, null, 2) + '\n');
+  cp.execFileSync('git', ['add', file]);
+}

scripts/release/update-ethpm-version.js

@@ -1,16 +0,0 @@
-#!/usr/bin/env node
-
-// Synchronizes ethpm.json version number with package.json.
-// This is run automatically when npm version is run.
-
-const fs = require('fs');
-const cp = require('child_process');
-
-const pkg = require('../../package.json');
-const ethpm = require('../../ethpm.json');
-
-ethpm.version = pkg.version;
-
-fs.writeFileSync('ethpm.json', JSON.stringify(ethpm, null, 2) + '\n');
-
-cp.execSync('git add ethpm.json');

scripts/release/version.sh

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+
+set -o errexit
+
+scripts/release/update-changelog-release-date.js
+scripts/release/synchronize-versions.js