@@ -7,33 +7,50 @@ permissions:
77 contents : read
88
99jobs :
10- release-to-npm :
10+ setup-and-compile :
1111 runs-on : ubuntu-latest
12- permissions :
13- # needed for NPM provenance
14- id-token : write
1512 steps :
1613 - name : Checkout Repository
1714 uses : actions/checkout@v5
1815 with :
1916 fetch-depth : 0
20-
2117 - name : Setup Node
2218 uses : actions/setup-node@v5
2319 with :
24- node-version : 18
20+ node-version : 24
2521 registry-url : ' https://registry.npmjs.org'
26-
2722 - run : npm ci
28-
2923 # NOTE: in the past, we've had situations where the compiled files were missing as the `prepublishOnly` script was
3024 # missing in some packages. `npx lerna publish` *should* also run compile, but this is intended as a safeguard
3125 # when that does not happen for whatever reason.
3226 - run : npm run compile
33-
27+ - name : Upload contents for publish
28+ uses : actions/upload-artifact@v4
29+ with :
30+ name : publish-cache-${{ github.run_number }}
31+ path : .
32+ include-hidden-files : true
33+ if-no-files-found : error
34+ retention-days : 10
35+ npm-publish :
36+ needs : setup-and-compile
37+ runs-on : ubuntu-latest
38+ permissions :
39+ contents : read
40+ id-token : write # to generate npm OIDC and provenance statements
41+ environment : npm-publish-environment
42+ steps :
43+ - name : Setup Node
44+ uses : actions/setup-node@v5
45+ with :
46+ node-version : 24
47+ registry-url : ' https://registry.npmjs.org'
48+ - name : Download contents for publish
49+ uses : actions/download-artifact@v4
50+ with :
51+ name : publish-cache-${{ github.run_number }}
3452 - name : Publish to npm
3553 env :
36- NODE_AUTH_TOKEN : ${{secrets.NPM_TOKEN}}
3754 NPM_CONFIG_PROVENANCE : true
3855 # NOTE: using --concurrency 1 to reduce the likelihood of a race when publishing,
3956 # which happens when the npm registry is not fully consistent yet. This can cause the publishing of a package to be
0 commit comments