Merge pull request #26 from rainstormy/release/1.0.1 #3
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow publishes the package to the npm registry. | |
| # | |
| # It is triggered automatically by pushing a Git tag on the form `v<major.minor.patch[-prerelease][+buildinfo]>`, | |
| # as done by the `release-tags.yml` workflow. | |
| # | |
| # It can be triggered manually via the GitHub CLI: | |
| # | |
| # gh workflow run release-npm.yml --ref <tag-name> | |
| # gh run watch | |
| # | |
| # It can be triggered manually via the GitHub web interface: | |
| # https://github.com/rainstormy/presets-typescript/actions/workflows/release-npm.yml | |
| name: Release / npm | |
| on: | |
| push: | |
| tags: | |
| - 'v[0-9]+.[0-9]+.[0-9]+*' | |
| workflow_dispatch: | |
| # Cancel all previous runs of this workflow that are still in progress on the same branch. | |
| # https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#concurrency | |
| concurrency: | |
| group: release-npm-${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| # All third-party actions are pinned to a specific commit SHA for security reasons. | |
| # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions | |
| jobs: | |
| quality-assurance: | |
| name: Quality assurance | |
| permissions: | |
| contents: read # Allow the job to call the reusable `ci.yml` workflow. | |
| pull-requests: read # `ci.yml` requires `pull-requests` read permissions. | |
| uses: ./.github/workflows/ci.yml | |
| npm-package: | |
| name: npm package | |
| needs: quality-assurance | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 1 | |
| permissions: | |
| contents: read # Allow the job to check out the repository. | |
| id-token: write # Allow npm to publish the package with provenance. | |
| steps: | |
| - name: Check out the repository | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| # | |
| - name: Restore build artifacts | |
| uses: ./.github/actions/build-artifacts | |
| # | |
| - name: Install pnpm and third-party dependencies | |
| uses: ./.github/actions/pnpm | |
| # | |
| - name: Publish the package to npm | |
| uses: rainstormy/release/npm@73fe3aae49ad74af650e529107d94f45002798fd # v1.1.0 | |
| with: | |
| access-level: public | |
| npm-auth-token: ${{ secrets.BOT_NIMBUS_NPM_TOKEN }} | |
| packagejson-excluded-fields: | | |
| packageManager | |
| scripts | |
| // dependencies | |
| // devDependencies |