huggingface
diff --git a/‎.devcontainer/devcontainer.json‎
Lines changed: 24 additions & 0 deletions b/‎.devcontainer/devcontainer.json‎
Lines changed: 24 additions & 0 deletions
diff --git a/‎.github/workflows/agents-publish.yml‎
Lines changed: 18 additions & 15 deletions b/‎.github/workflows/agents-publish.yml‎
Lines changed: 18 additions & 15 deletions
diff --git a/‎.github/workflows/blake3-wasm-publish.yml‎
Lines changed: 18 additions & 15 deletions b/‎.github/workflows/blake3-wasm-publish.yml‎
Lines changed: 18 additions & 15 deletions
diff --git a/‎.github/workflows/blob-publish.yml‎
Lines changed: 17 additions & 15 deletions b/‎.github/workflows/blob-publish.yml‎
Lines changed: 17 additions & 15 deletions
diff --git a/‎.github/workflows/dduf-publish.yml‎
Lines changed: 17 additions & 15 deletions b/‎.github/workflows/dduf-publish.yml‎
Lines changed: 17 additions & 15 deletions
diff --git a/‎.github/workflows/gearhash-wasm-publish.yml‎
Lines changed: 18 additions & 15 deletions b/‎.github/workflows/gearhash-wasm-publish.yml‎
Lines changed: 18 additions & 15 deletions
@@ -0,0 +1,24 @@
+// For format details, see https://aka.ms/devcontainer.json. For config options, see the
+// README at: https://github.com/devcontainers/templates/tree/main/src/typescript-node
+{
+    "name": "Node.js & TypeScript",
+    // Or use a Dockerfile or Docker Compose file. More info: https://containers.dev/guide/dockerfile
+    "image": "mcr.microsoft.com/devcontainers/typescript-node:1-22-bookworm",
+
+    // Features to add to the dev container. More info: https://containers.dev/features.
+    "features": {
+        "ghcr.io/joshuanianji/devcontainer-features/mount-pnpm-store:1": {}
+    }
+
+    // Use 'forwardPorts' to make a list of ports inside the container available locally.
+    // "forwardPorts": [],
+
+    // Use 'postCreateCommand' to run commands after the container is created.
+    // "postCreateCommand": "yarn install",
+
+    // Configure tool-specific properties.
+    // "customizations": {},
+
+    // Uncomment to connect as root instead. More info: https://aka.ms/dev-containers-non-root.
+    // "remoteUser": "root"
+}
@@ -19,27 +19,30 @@ defaults:
   run:
     working-directory: packages/agents
 
+permissions:
+  contents: write
+  id-token: write
+  packages: write
+
 jobs:
   version_and_release:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v5
         with:
           # Needed to push the tag and the commit on the main branch, otherwise we get:
           # > Run git push --follow-tags
           # remote: error: GH006: Protected branch update failed for refs/heads/main.
           # remote: error: Changes must be made through a pull request. Required status check "lint" is expected.
           token: ${{ secrets.BOT_ACCESS_TOKEN }}
       - run: npm install -g corepack@latest && corepack enable
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
-          node-version: "20"
+          node-version: "24"
           cache: "pnpm"
           cache-dependency-path: |
             packages/agents/pnpm-lock.yaml
             packages/doc-internal/pnpm-lock.yaml
-          # setting a registry enables the NODE_AUTH_TOKEN env variable where we can set an npm token.  REQUIRED
-          registry-url: "https://registry.npmjs.org"
       - run: pnpm install
       - run: git config --global user.name machineuser
       - run: git config --global user.email [email protected]
@@ -52,19 +55,19 @@ jobs:
           git add ../..
           git commit -m "🔖 @huggingface/agents $BUMPED_VERSION"
           git tag "agents-v$BUMPED_VERSION"
-      - run: pnpm --filter agents... build && pnpm publish --no-git-checks .
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+
       - run: (git pull --rebase && git push --follow-tags) || (git pull --rebase && git push --follow-tags)
-      # hack - reuse actions/setup-node@v3 just to set a new registry
-      - uses: actions/setup-node@v3
+
+      - run: pnpm --filter agents... build && pnpm publish --no-git-checks .
+      # hack - reuse actions/setup-node@v4 just to set a new registry
+      - uses: actions/setup-node@v4
         with:
-          node-version: "20"
+          node-version: "24"
           registry-url: "https://npm.pkg.github.com"
-      # Disable for now, until github supports PATs for writing github packages (https://github.com/github/roadmap/issues/558)
-      # - run: pnpm publish --no-git-checks .
-      #   env:
-      #     NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - run: pnpm publish --no-git-checks .
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       - name: "Update Doc"
         uses: peter-evans/repository-dispatch@v2
         with:
 
@@ -19,26 +19,29 @@ defaults:
   run:
     working-directory: packages/blake3-wasm
 
+permissions:
+  contents: write
+  id-token: write
+  packages: write
+
 jobs:
   version_and_release:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v5
         with:
           # Needed to push the tag and the commit on the main branch, otherwise we get:
           # > Run git push --follow-tags
           # remote: error: GH006: Protected branch update failed for refs/heads/main.
           # remote: error: Changes must be made through a pull request. Required status check "lint" is expected.
           token: ${{ secrets.BOT_ACCESS_TOKEN }}
       - run: npm install -g corepack@latest && corepack enable
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
-          node-version: "20"
+          node-version: "24"
           cache: "pnpm"
           cache-dependency-path: |
             packages/blake3-wasm/pnpm-lock.yaml
-          # setting a registry enables the NODE_AUTH_TOKEN env variable where we can set an npm token.  REQUIRED
-          registry-url: "https://registry.npmjs.org"
       - run: pnpm install
       - run: git config --global user.name machineuser
       - run: git config --global user.email [email protected]
@@ -49,16 +52,16 @@ jobs:
           node -e "const fs = require('fs'); const package = JSON.parse(fs.readFileSync('./package.json')); package.version = '$BUMPED_VERSION'; fs.writeFileSync('./package.json', JSON.stringify(package, null, '\t') + '\n');"
           git commit . -m "🔖 @huggingface/blake3-wasm $BUMPED_VERSION"
           git tag "blake3-wasm-v$BUMPED_VERSION"
-      - run: pnpm publish --no-git-checks .
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+
       - run: (git pull --rebase && git push --follow-tags) || (git pull --rebase && git push --follow-tags)
-      # hack - reuse actions/setup-node@v3 just to set a new registry
-      - uses: actions/setup-node@v3
+
+      - run: pnpm publish --no-git-checks .
+      # hack - reuse actions/setup-node@v4 just to set a new registry
+      - uses: actions/setup-node@v4
         with:
-          node-version: "20"
+          node-version: "24"
           registry-url: "https://npm.pkg.github.com"
-      # Disable for now, until github supports PATs for writing github packages (https://github.com/github/roadmap/issues/558)
-      # - run: pnpm publish --no-git-checks .
-      #   env:
-      #     NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - run: pnpm publish --no-git-checks .
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -19,26 +19,29 @@ defaults:
   run:
     working-directory: packages/blob
 
+permissions:
+  contents: write
+  id-token: write
+  packages: write
+
 jobs:
   version_and_release:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v5
         with:
           # Needed to push the tag and the commit on the main branch, otherwise we get:
           # > Run git push --follow-tags
           # remote: error: GH006: Protected branch update failed for refs/heads/main.
           # remote: error: Changes must be made through a pull request. Required status check "lint" is expected.
           token: ${{ secrets.BOT_ACCESS_TOKEN }}
       - run: npm install -g corepack@latest && corepack enable
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
-          node-version: "20"
+          node-version: "24"
           cache: "pnpm"
           cache-dependency-path: |
             packages/blob/pnpm-lock.yaml
-          # setting a registry enables the NODE_AUTH_TOKEN env variable where we can set an npm token.  REQUIRED
-          registry-url: "https://registry.npmjs.org"
       - run: pnpm install
       - run: git config --global user.name machineuser
       - run: git config --global user.email [email protected]
@@ -50,19 +53,18 @@ jobs:
           git commit . -m "🔖 @huggingface/blob $BUMPED_VERSION"
           git tag "blob-v$BUMPED_VERSION"
 
-      - run: pnpm publish --no-git-checks .
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
       - run: (git pull --rebase && git push --follow-tags) || (git pull --rebase && git push --follow-tags)
-      # hack - reuse actions/setup-node@v3 just to set a new registry
-      - uses: actions/setup-node@v3
+
+      - run: pnpm publish --no-git-checks .
+      # hack - reuse actions/setup-node@v4 just to set a new registry
+      - uses: actions/setup-node@v4
         with:
-          node-version: "20"
+          node-version: "24"
           registry-url: "https://npm.pkg.github.com"
-      # Disable for now, until github supports PATs for writing github packages (https://github.com/github/roadmap/issues/558)
-      # - run: pnpm publish --no-git-checks .
-      #   env:
-      #     NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - run: pnpm publish --no-git-checks .
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       - name: "Update Doc"
         uses: peter-evans/repository-dispatch@v2
         with:
 
@@ -19,26 +19,29 @@ defaults:
   run:
     working-directory: packages/dduf
 
+permissions:
+  contents: write
+  id-token: write
+  packages: write
+
 jobs:
   version_and_release:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v5
         with:
           # Needed to push the tag and the commit on the main branch, otherwise we get:
           # > Run git push --follow-tags
           # remote: error: GH006: Protected branch update failed for refs/heads/main.
           # remote: error: Changes must be made through a pull request. Required status check "lint" is expected.
           token: ${{ secrets.BOT_ACCESS_TOKEN }}
       - run: npm install -g corepack@latest && corepack enable
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
-          node-version: "20"
+          node-version: "24"
           cache: "pnpm"
           cache-dependency-path: |
             packages/dduf/pnpm-lock.yaml
-          # setting a registry enables the NODE_AUTH_TOKEN env variable where we can set an npm token.  REQUIRED
-          registry-url: "https://registry.npmjs.org"
       - run: pnpm install
       - run: git config --global user.name machineuser
       - run: git config --global user.email [email protected]
@@ -53,19 +56,18 @@ jobs:
       - name: "Check Deps are published before publishing this package"
         run: pnpm -w check-deps blob
 
-      - run: pnpm publish --no-git-checks .
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
       - run: (git pull --rebase && git push --follow-tags) || (git pull --rebase && git push --follow-tags)
-      # hack - reuse actions/setup-node@v3 just to set a new registry
-      - uses: actions/setup-node@v3
+
+      - run: pnpm publish --no-git-checks .
+      # hack - reuse actions/setup-node@v4 just to set a new registry
+      - uses: actions/setup-node@v4
         with:
-          node-version: "20"
+          node-version: "24"
           registry-url: "https://npm.pkg.github.com"
-      # Disable for now, until github supports PATs for writing github packages (https://github.com/github/roadmap/issues/558)
-      # - run: pnpm publish --no-git-checks .
-      #   env:
-      #     NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - run: pnpm publish --no-git-checks .
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       - name: "Update Doc"
         uses: peter-evans/repository-dispatch@v2
         with:
 
@@ -19,26 +19,29 @@ defaults:
   run:
     working-directory: packages/gearhash-wasm
 
+permissions:
+  contents: write
+  id-token: write
+  packages: write
+
 jobs:
   version_and_release:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v5
         with:
           # Needed to push the tag and the commit on the main branch, otherwise we get:
           # > Run git push --follow-tags
           # remote: error: GH006: Protected branch update failed for refs/heads/main.
           # remote: error: Changes must be made through a pull request. Required status check "lint" is expected.
           token: ${{ secrets.BOT_ACCESS_TOKEN }}
       - run: npm install -g corepack@latest && corepack enable
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
-          node-version: "20"
+          node-version: "24"
           cache: "pnpm"
           cache-dependency-path: |
             packages/gearhash-wasm/pnpm-lock.yaml
-          # setting a registry enables the NODE_AUTH_TOKEN env variable where we can set an npm token.  REQUIRED
-          registry-url: "https://registry.npmjs.org"
       - run: pnpm install
       - run: git config --global user.name machineuser
       - run: git config --global user.email [email protected]
@@ -49,16 +52,16 @@ jobs:
           node -e "const fs = require('fs'); const package = JSON.parse(fs.readFileSync('./package.json')); package.version = '$BUMPED_VERSION'; fs.writeFileSync('./package.json', JSON.stringify(package, null, '\t') + '\n');"
           git commit . -m "🔖 @huggingface/gearhash-wasm $BUMPED_VERSION"
           git tag "gearhash-wasm-v$BUMPED_VERSION"
-      - run: pnpm publish --no-git-checks .
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+
       - run: (git pull --rebase && git push --follow-tags) || (git pull --rebase && git push --follow-tags)
-      # hack - reuse actions/setup-node@v3 just to set a new registry
-      - uses: actions/setup-node@v3
+
+      - run: pnpm publish --no-git-checks .
+      # hack - reuse actions/setup-node@v4 just to set a new registry
+      - uses: actions/setup-node@v4
         with:
-          node-version: "20"
+          node-version: "24"
           registry-url: "https://npm.pkg.github.com"
-      # Disable for now, until github supports PATs for writing github packages (https://github.com/github/roadmap/issues/558)
-      # - run: pnpm publish --no-git-checks .
-      #   env:
-      #     NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - run: pnpm publish --no-git-checks .
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}