chore(npm): Update release npm action to stop using tokens

.github/CODEOWNERS

@@ -1 +1 @@
-* @ionic-team/stencil
+* @stenciljs/technical-steering-committee

.github/workflows/actions/download-archive/action.yml

@@ -15,6 +15,6 @@ runs:
         name: ${{ inputs.name }}
         path: ${{ inputs.path }}
 
-    - name: Extract Archive
+    - name: 🔃 Extract Archive
       run: unzip -q -o ${{ inputs.path }}/${{ inputs.filename }} -d ${{ inputs.path }}
       shell: bash

.github/workflows/actions/get-core-dependencies/action.yml

@@ -6,12 +6,12 @@ runs:
     # this overrides previous versions of the node runtime that was set.
     # jobs that need a different version of the Node runtime should explicitly
     # set their node version after running this step
-    - name: Use Node Version from Volta
-      uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
+    - name: 🟢 Use Node Version from Volta
+      uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
       with:
         node-version-file: './package.json'
         cache: 'npm'
 
-    - name: Install Dependencies
+    - name: 📦 Install Dependencies
       run: npm ci
       shell: bash

.github/workflows/actions/publish-npm/action.yml

@@ -5,37 +5,49 @@ inputs:
     description: 'The type of version to release.'
   tag:
     description: 'The tag to publish to on NPM.'
-  token:
-    description: 'The NPM authentication token required to publish.'
+  node-version:
+    description: 'Node.js version to use when publishing.'
+    required: false
+    default: '20'
+  registry-url:
+    description: 'Registry URL used for npm publish.'
+    required: false
+    default: 'https://registry.npmjs.org'
 runs:
   using: 'composite'
   steps:
     # Log the input from GitHub Actions for easy traceability
-    - name: Log Inputs
+    - name: 📝 Log Inputs
       run: |
         echo "Version: ${{ inputs.version }}"
         echo "Tag: ${{ inputs.tag }}"
       shell: bash
 
-    - name: Checkout Code
-      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+    - name: 📥 Checkout Code
+      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
-    - name: Get Core Dependencies
+    - name: 🕸️ Get Core Dependencies
       uses: ./.github/workflows/actions/get-core-dependencies
 
-    - name: Download Build Archive
+    - name: 🟢 Configure Node for Publish
+      uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
+      with:
+        node-version: ${{ inputs.node-version }}
+        registry-url: ${{ inputs.registry-url }}
+
+    - name: 📤 Download Build Archive
       uses: ./.github/workflows/actions/download-archive
       with:
         name: stencil-playwright
         path: .
         filename: stencil-playwright-build.zip
 
     # Remove the ZIP file after we've extracted it - we don't want this committed back to the repo
-    - name: Delete The Archive ZIP File
+    - name: 🗑️ Delete The Archive ZIP File
       run: rm stencil-playwright-build.zip
       shell: bash
 
-    - name: Bump Version
+    - name: 🏷️ Bump Version
       # --allow-same-version is useful for cases when performing a production release, where we expect the version to
       # have been bumped by running the Production PR Creation workflow first.
       #
@@ -44,21 +56,19 @@ runs:
       shell: bash
 
     # Log the git diff for easy debugging
-    - name: Log Generated Changes
+    - name: 📝 Log Generated Changes
       run: git --no-pager diff
       shell: bash
 
     # Log the git status for easy debugging
-    - name: Log Status
+    - name: 📝 Log Status
       run: git status
       shell: bash
 
-    - name: Prepare NPM Token
-      run: echo //registry.npmjs.org/:_authToken=${NPM_TOKEN} > .npmrc
+    - name: 🔄 Ensure Latest npm
+      run: npm install -g npm@latest
       shell: bash
-      env:
-        NPM_TOKEN: ${{ inputs.token }}
 
-    - name: Publish to NPM
+    - name: 📦 Publish to NPM
       run: npm publish --tag ${{ inputs.tag }} --provenance
       shell: bash

.github/workflows/actions/upload-archive/action.yml

@@ -10,7 +10,7 @@ inputs:
 runs:
   using: 'composite'
   steps:
-    - name: Create Archive
+    - name: 🗄️ Create Archive
       run: zip -q -r ${{ inputs.output }} ${{ inputs.paths }}
       shell: bash
 

.github/workflows/build.yml

@@ -10,22 +10,22 @@ jobs:
     name: Build Stencil Playwright
     runs-on: 'ubuntu-22.04'
     steps:
-      - name: Checkout Code
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - name: 📥 Checkout Code
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
         with:
           # the pull_request_target event will consider the HEAD of `main` to be the SHA to use.
           # attempt to use the SHA associated with a pull request and fallback to HEAD of `main`
           ref: ${{ github.event_name == 'pull_request_target' && format('refs/pull/{0}/merge', github.event.number) || '' }}
           persist-credentials: false
 
-      - name: Get Core Dependencies
+      - name: 🕸️ Get Core Dependencies
         uses: ./.github/workflows/actions/get-core-dependencies
 
-      - name: Stencil Playwright Build
+      - name: 🏗️ Stencil Playwright Build
         run: npm run build
         shell: bash
 
-      - name: Upload Build Artifacts
+      - name: 📤 Upload Build Artifacts
         uses: ./.github/workflows/actions/upload-archive
         with:
           name: stencil-playwright

.github/workflows/create-production-pr.yml

@@ -22,39 +22,39 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       # Log the input from GitHub Actions for easy traceability
-      - name: Log GitHub Input
+      - name: 📝 Log GitHub Input
         run: |
           echo "Version: ${{ inputs.version }}"
         shell: bash
 
-      - name: Checkout Code
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - name: 📥 Checkout Code
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
-      - name: Get Core Dependencies
+      - name: 🕸️ Get Core Dependencies
         uses: ./.github/workflows/actions/get-core-dependencies
 
-      - name: Bump the Version
+      - name: 🏷️ Bump the Version
         run: npm version ${{ inputs.version }} --no-git-tag
 
-      - name: Log Generated Changes
+      - name: 📝 Log Generated Changes
         run: git --no-pager diff
         shell: bash
 
-      - name: Generate Version String and Branch Name
+      - name: 🏷️ Generate Version String and Branch Name
         id: name_gen
         run: |
           VERSION_STR=$(jq '.version' package.json | sed s/\"//g)
           echo "VERSION_STR=$VERSION_STR" >> "$GITHUB_OUTPUT"
           echo "BRANCH_NAME=release/$VERSION_STR-run-${{ github.run_number }}-${{ github.run_attempt }}" >> "$GITHUB_OUTPUT"
         shell: bash
 
-      - name: Print Version String and Branch Name
+      - name: 🖨️ Print Version String and Branch Name
         run: |
           echo Version: ${{ steps.name_gen.outputs.VERSION_STR }}
           echo Branch Name: ${{ steps.name_gen.outputs.BRANCH_NAME }}
         shell: bash
 
-      - name: Create the Pull Request
+      - name: 📝 Create the Pull Request
         uses: peter-evans/create-pull-request@a4f52f8033a6168103c2538976c07b467e8163bc # v6.0.1
         with:
           # specifies the name of the branch to create off of the base branch

.github/workflows/lint-and-format.yml

@@ -11,19 +11,19 @@ jobs:
     name: Check
     runs-on: 'ubuntu-22.04'
     steps:
-      - name: Checkout Code
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - name: 📥 Checkout Code
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
-      - name: Get Core Dependencies
+      - name: 🕸️ Get Core Dependencies
         uses: ./.github/workflows/actions/get-core-dependencies
 
-      - name: ESLint
+      - name: 📝 ESLint
         run: npm run lint
 
-      - name: Prettier Check
+      - name: 📝 Prettier Check
         run: npm run format.dry-run
         shell: bash
 
-      - name: Spellcheck
+      - name: 📝 Spellcheck
         run: npm run spellcheck
         shell: bash

.github/workflows/main.yml

@@ -15,15 +15,15 @@ concurrency:
 
 jobs:
   build_playwright:
-    name: Build
+    name: 🏗️ Build
     uses: ./.github/workflows/build.yml
 
   lint_and_format:
-    name: Lint and Format
+    name: 📝 Lint and Format
     uses: ./.github/workflows/lint-and-format.yml
 
   unit_tests:
-    name: Unit Tests
+    name: 🧪 Unit Tests
     needs: [build_playwright]
     uses: ./.github/workflows/test-unit.yml
     with:

.github/workflows/release-dev.yml

@@ -7,19 +7,19 @@ on:
 
 jobs:
   build_stencil_playwright:
-    name: Build
+    name: 🏗️ Build
     uses: ./.github/workflows/build.yml
 
   get_dev_version:
-    name: Get Dev Build Version
+    name: 🏷️ Get Dev Build Version
     runs-on: ubuntu-latest
     outputs:
       dev-version: ${{ steps.generate-dev-version.outputs.DEV_VERSION }}
     steps:
-      - name: Checkout Code
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - name: 📥 Checkout Code
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
-      - name: Generate Dev Version
+      - name: 🏷️ Generate Dev Version
         id: generate-dev-version
         run: |
           PKG_JSON_VERSION=$(cat package.json | jq -r '.version')
@@ -37,17 +37,17 @@ jobs:
         shell: bash
 
   release_stencil_playwright:
-    name: Publish Dev Build
+    name: 📦 Publish Dev Build
     needs: [build_stencil_playwright, get_dev_version]
     runs-on: ubuntu-latest
     permissions:
       contents: read
       id-token: write
     steps:
-      - name: Checkout Code
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
-      - uses: ./.github/workflows/actions/publish-npm
+      - name: 📥 Checkout Code
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - name: 📦 Publish Dev Build
+        uses: ./.github/workflows/actions/publish-npm
         with:
           tag: dev
           version: ${{ needs.get_dev_version.outputs.dev-version }}
-          token: ${{ secrets.NPM_TOKEN }}

.github/workflows/release-production.yml

@@ -14,36 +14,36 @@ on:
 
 jobs:
   build_stencil_playwright:
-    name: Build
+    name: 🏗️ Build
     uses: ./.github/workflows/build.yml
 
   release_stencil_playwright_production_build:
-    name: Publish Stencil Playwright (Production)
+    name: 🚀 Publish Stencil Playwright (Production)
     needs: [ build_stencil_playwright ]
     runs-on: ubuntu-latest
     permissions:
       contents: write
       id-token: write
     steps:
       # Log the input from GitHub Actions for easy traceability
-      - name: Log GitHub Workflow UI Input
+      - name: 📝 Log GitHub Workflow UI Input
         run: |
           echo "Tag: ${{ inputs.tag }}"
         shell: bash
 
-      - name: Checkout Code
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - name: 📥 Checkout Code
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
         with:
           ref: 'main'
 
-      - name: Get the Version String
+      - name: 🏷️ Get the Version String
         id: version_retrieval
         run: |
           VERSION_STR=$(jq '.version' package.json | sed s/\"//g)
           echo "VERSION_STR=$VERSION_STR" >> "$GITHUB_OUTPUT"
         shell: bash
 
-      - name: Print Version String
+      - name: 🖨️ Print Version String
         run: |
           echo Version: ${{ steps.version_retrieval.outputs.VERSION_STR }}
         shell: bash
@@ -52,4 +52,3 @@ jobs:
         with:
           tag: ${{ inputs.tag }}
           version: ${{ steps.version_retrieval.outputs.VERSION_STR }}
-          token: ${{ secrets.NPM_TOKEN }}

.github/workflows/test-unit.yml

@@ -14,19 +14,19 @@ jobs:
   unit_test:
     runs-on: ubuntu-22.04
     steps:
-      - name: Checkout Code
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - name: 📥 Checkout Code
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
-      - name: Get Core Dependencies
+      - name: 🕸️ Get Core Dependencies
         uses: ./.github/workflows/actions/get-core-dependencies
 
-      - name: Download Build Archive
+      - name: 📤 Download Build Archive
         uses: ./.github/workflows/actions/download-archive
         with:
           name: ${{ inputs.build_name }}
           path: .
           filename: stencil-playwright-build.zip
 
-      - name: Unit Tests
+      - name: 🧪 Unit Tests
         run: npm run test
         shell: bash