From 09ed6d9630b3277350f0e973a1d07546499c07d4 Mon Sep 17 00:00:00 2001 From: Kevin Yu Date: Tue, 7 Oct 2025 06:31:38 -0700 Subject: [PATCH 1/4] Update npm in publish-npm.yml only when node is setup --- .github/workflows/publish-npm.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/publish-npm.yml b/.github/workflows/publish-npm.yml index 8a704a5..71da5c4 100644 --- a/.github/workflows/publish-npm.yml +++ b/.github/workflows/publish-npm.yml @@ -47,6 +47,7 @@ jobs: registry-url: 'https://registry.npmjs.org' - name: Install npm version ^11.5.1 # npm trusted publishing requires version ^11.5.1 + if: steps.version_check.outputs.changed == 'true' run: npm install -g npm@^11.5.1 - name: Install dependencies From b9474aabcdca60ffc66b4909474c3696b3c2c258 Mon Sep 17 00:00:00 2001 From: Kevin Yu Date: Tue, 7 Oct 2025 08:16:00 -0700 Subject: [PATCH 2/4] fix comment --- .github/workflows/publish-npm.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish-npm.yml b/.github/workflows/publish-npm.yml index 71da5c4..2982772 100644 --- a/.github/workflows/publish-npm.yml +++ b/.github/workflows/publish-npm.yml @@ -13,7 +13,7 @@ jobs: permissions: contents: read packages: write - # id-token: write required for get-vault-secrets and trusted publishing + # id-token: write required for npm trusted publishing id-token: write outputs: new_version: ${{ steps.version_check.outputs.version }} From 712caffc320aae67641239484cb162bf9ef38424 Mon Sep 17 00:00:00 2001 From: Kevin Yu Date: Tue, 7 Oct 2025 08:29:22 -0700 Subject: [PATCH 3/4] add environment to workflow --- .github/workflows/publish-npm.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/publish-npm.yml b/.github/workflows/publish-npm.yml index 2982772..f2d0721 100644 --- a/.github/workflows/publish-npm.yml +++ b/.github/workflows/publish-npm.yml @@ -10,6 +10,8 @@ jobs: npm-publish: name: Publish to NPM & GitHub Package Registry runs-on: ubuntu-latest + # Required for this workflow to have permission to publish NPM packages + environment: release permissions: contents: read packages: write From d9591f251d6e4fa90665a9350327b73f223c7ce9 Mon Sep 17 00:00:00 2001 From: Kevin Yu Date: Tue, 7 Oct 2025 08:51:31 -0700 Subject: [PATCH 4/4] remove --scope flag as it does nothing here --- .github/workflows/publish-npm.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish-npm.yml b/.github/workflows/publish-npm.yml index f2d0721..3b80b94 100644 --- a/.github/workflows/publish-npm.yml +++ b/.github/workflows/publish-npm.yml @@ -62,7 +62,7 @@ jobs: - name: Publish package to NPM if: steps.version_check.outputs.changed == 'true' - run: npm publish --access public --scope grafana + run: npm publish --access public - name: Setup .npmrc file for GitHub Packages if: steps.version_check.outputs.changed == 'true'