Skip to content

Commit a5aa2ff

Browse files
ComfortablyCodingComfortablyCoding
committed
Add trusted publish
1 parent bb1f782 commit a5aa2ff

2 files changed

Lines changed: 20 additions & 9 deletions

File tree

.github/actions/setup/action.yml

Lines changed: 11 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,22 +1,28 @@
11
name: Setup
2-
description: Install dependencies and build package
32

43
runs:
54
using: composite
65
steps:
7-
- name: Install Node.js
6+
- name: setup Node
87
uses: actions/setup-node@v4
98
with:
109
node-version: 'lts/*'
1110
check-latest: true
1211
registry-url: https://registry.npmjs.org/
1312

14-
- uses: pnpm/action-setup@v4
15-
name: Install pnpm
13+
# Trusted publishing requires npm 11.5.1 or later is installed
14+
- name: update npm
15+
# required for composite actions
16+
shell: bash
17+
run: npm install -g npm@11.5.1
18+
19+
- name: setup pnpm
20+
uses: pnpm/action-setup@v4
1621
with:
1722
run_install: false
1823
version: 10
1924

20-
- name: Install dependencies
25+
- name: install dependencies
26+
# required for composite actions
2127
shell: bash
2228
run: pnpm install

.github/workflows/publish.yml

Lines changed: 9 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,8 @@
1-
name: Publish
1+
name: Publish Package
2+
3+
permissions:
4+
id-token: write # Required for OIDC
5+
contents: read
26

37
on:
48
release:
@@ -14,11 +18,12 @@ jobs:
1418
- name: setup
1519
uses: ./.github/actions/setup
1620

21+
- name: test
22+
run: pnpm test
23+
1724
- name: build
1825
run: pnpm run build
1926

2027
- name: publish to npm
21-
env:
22-
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
2328
shell: bash
24-
run: pnpm publish --no-git-checks --access public
29+
run: pnpm publish --access public --no-git-checks

0 commit comments

Comments
 (0)