Fix the security alert for qs #14
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow will publish this package to npm on each release created. | |
| # See https://docs.npmjs.com/trusted-publishers#github-actions-configuration | |
| name: Publish to npm | |
| on: | |
| release: | |
| types: [created] | |
| permissions: | |
| id-token: write # Required for OIDC / trusted publishing | |
| contents: read | |
| jobs: | |
| publish-npm: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: "latest" | |
| registry-url: https://registry.npmjs.org/ | |
| # Ensure npm 11.5.1 or later is installed | |
| - name: Update npm | |
| run: npm install -g npm@latest && npm -v | |
| - run: npm publish --access public |