Skip to content

Commit c6585c7

Browse files
chenjiahanchenjiahan
authored
chore(workflow): enable npm trusted publishing (#45)
1 parent 6c45ea1 commit c6585c7

File tree

3 files changed

+10
-20
lines changed

3 files changed

+10
-20
lines changed

.github/workflows/release.yml

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -37,23 +37,20 @@ on:
3737
default: false
3838

3939
permissions:
40+
contents: write
4041
# To publish packages with provenance
4142
id-token: write
4243

4344
jobs:
4445
release:
4546
name: Release
46-
permissions:
47-
contents: write
48-
# To publish packages with provenance
49-
id-token: write
5047
runs-on: ubuntu-latest
51-
48+
environment: npm
5249
steps:
5350
- name: Checkout
5451
uses: actions/checkout@v4
5552

56-
- name: Install Pnpm
53+
- name: Setup Pnpm
5754
run: |
5855
npm install -g corepack@latest
5956
corepack enable
@@ -64,6 +61,12 @@ jobs:
6461
node-version: 20
6562
cache: "pnpm"
6663

64+
# Update npm to the latest version to enable OIDC
65+
- name: Update npm
66+
run: |
67+
npm install -g npm@latest
68+
npm --version
69+
6770
- name: Install Dependencies
6871
run: pnpm install
6972

@@ -76,6 +79,3 @@ jobs:
7679
DRY_RUN: ${{ inputs.dry_run }}
7780
TAG: ${{ inputs.tag }}
7881
VERSION: ${{ inputs.version }}
79-
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
80-
81-

package.json

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -7,8 +7,7 @@
77
"types": "./dist/index.d.ts",
88
"publishConfig": {
99
"access": "public",
10-
"registry": "https://registry.npmjs.org/",
11-
"provenance": true
10+
"registry": "https://registry.npmjs.org/"
1211
},
1312
"exports": {
1413
".": {

scripts/release.mjs

Lines changed: 0 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,6 @@ import { inc } from "semver";
77
const RELEASE_TAG = process.env.TAG || "beta";
88
const RELEASE_DRY_RUN = process.env.DRY_RUN || "true";
99
const RELEASE_VERSION_TYPE = process.env.VERSION || "prerelease";
10-
const RELEASE_NPM_TOKEN = process.env.NPM_TOKEN || "";
1110

1211
const __dirname = url.fileURLToPath(new URL(".", import.meta.url));
1312
const PKG_PATH = path.resolve(__dirname, "../package.json");
@@ -27,14 +26,6 @@ console.info(`Updating version from ${currentVersion} to ${nextVersion}`);
2726
pkg.version = nextVersion;
2827
fs.writeJsonSync(PKG_PATH, pkg, { spaces: 2 });
2928

30-
// Write npmrc
31-
const npmrcPath = `${process.env.HOME}/.npmrc`;
32-
console.info(`Writing npmrc to ${npmrcPath}`);
33-
fs.writeFileSync(
34-
npmrcPath,
35-
`//registry.npmjs.org/:_authToken=${RELEASE_NPM_TOKEN}`,
36-
);
37-
3829
// Publish to npm
3930
console.info(`Publishing to npm with tag ${RELEASE_TAG}`);
4031
const dryRun = RELEASE_DRY_RUN === "true" ? ["--dry-run"] : [];

0 commit comments

Comments
 (0)