|
2 | 2 |
|
3 | 3 | ## tywrap (npm) |
4 | 4 |
|
5 | | -1. Ensure the working tree is clean and `main` is up to date. |
6 | | - |
7 | | -2. Check the release-please branch or PR for the next npm release. Verify: |
8 | | - - `package.json` |
9 | | - - `package-lock.json` |
10 | | - - `src/index.ts` |
11 | | - - `CHANGELOG.md` |
12 | | - |
13 | | -3. Run the release gate in CI-style mode: |
| 5 | +Releases publish from `main` via the [`release.yml`](../.github/workflows/release.yml) |
| 6 | +workflow. There is one path: bump the version on a branch, merge to `main`, and the |
| 7 | +workflow tags, releases, and publishes. |
| 8 | + |
| 9 | +1. On a release branch, bump the version and update the changelog: |
| 10 | + - `package.json` — the new `version` |
| 11 | + - `CHANGELOG.md` — add a `## [X.Y.Z](…compare/vPREV...vX.Y.Z) (DATE)` section |
| 12 | + (the workflow extracts the GitHub release notes from this exact header) |
| 13 | + - `src/version.ts` — regenerate with `npm run build:version` (single-sourced |
| 14 | + from `package.json`) |
| 15 | + - `package-lock.json` — refresh if dependencies changed |
| 16 | + |
| 17 | +2. Run the release gate: |
14 | 18 | ```sh |
15 | 19 | CI=1 npm run check:all |
16 | 20 | ``` |
17 | 21 |
|
18 | | -4. Merge the reviewed release branch or PR to `main`. The [`release.yml`](../.github/workflows/release.yml) |
19 | | - workflow has two paths: |
20 | | - - normal path: `release-please` opens or updates the release PR, then creates the npm tag and release after that PR is merged |
21 | | - - fallback path: if `main` already contains an unreleased `package.json` version with a matching `CHANGELOG.md` section, the workflow tags and publishes that version directly from `main` |
22 | | - |
23 | | -5. npm publishing uses npm trusted publishing from GitHub Actions. Keep the npm |
24 | | - package connected to this repository as a trusted publisher, and do not add a |
25 | | - publish token to the workflow for the normal release path. The release job |
26 | | - validates the tagged package on Node 22, then switches to Node 24 for the |
27 | | - final `npm publish --provenance` step so npm uses an OIDC-capable CLI. |
| 22 | +3. Open a PR, get CI green, and merge to `main`. On that push `release.yml` |
| 23 | + detects that `main` carries an unreleased `package.json` version with a |
| 24 | + matching `CHANGELOG.md` section and no existing tag, then tags `vX.Y.Z`, |
| 25 | + creates the GitHub release from that changelog section, and publishes to npm. |
28 | 26 |
|
29 | | -6. For the normal `release-please` path, keep the repository Actions setting |
30 | | - `Allow GitHub Actions to create and approve pull requests` enabled. |
| 27 | +4. npm publishing uses npm trusted publishing (OIDC) from GitHub Actions — keep |
| 28 | + the package connected to this repository as a trusted publisher, and do not |
| 29 | + add a publish token to the workflow. The publish job validates on Node 22, |
| 30 | + then switches to Node 24 for the final `npm publish --provenance` step so npm |
| 31 | + uses an OIDC-capable CLI. |
31 | 32 |
|
32 | | -7. To publish an existing release tag without opening a new release PR, run the |
33 | | - `Release Please` workflow manually with `publish_tag=vX.Y.Z`. |
| 33 | +5. To (re)publish an already-tagged version without changing `main`, run the |
| 34 | + `Release` workflow manually with `publish_tag=vX.Y.Z`. |
34 | 35 |
|
35 | | -8. If GitHub Actions release automation is unavailable, use the manual fallback: |
| 36 | +6. If GitHub Actions release automation is unavailable, use the manual fallback: |
36 | 37 | ```sh |
37 | 38 | node scripts/release.mjs <version> --commit --tag |
38 | 39 | git push && git push --tags |
|
0 commit comments