Skip to content

fix(ci): upgrade npm for trusted publishing#40

Merged
fbosch merged 1 commit intomasterfrom
fix/trusted-publishing-npm11
Apr 10, 2026
Merged

fix(ci): upgrade npm for trusted publishing#40
fbosch merged 1 commit intomasterfrom
fix/trusted-publishing-npm11

Conversation

@fbosch
Copy link
Copy Markdown
Owner

@fbosch fbosch commented Apr 10, 2026
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • Chores
    • Updated the release workflow to install npm version ^11.10.0 before publishing, ensuring consistent tooling and compatibility during the release process.

Copilot AI review requested due to automatic review settings April 10, 2026 09:15
@coderabbitai
Copy link
Copy Markdown

coderabbitai bot commented Apr 10, 2026
edited
Loading

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: d840d2c6-7e00-4052-828a-43223737b434

📥 Commits

Reviewing files that changed from the base of the PR and between e5403c5 and e30cb17.

📒 Files selected for processing (1)
  • .github/workflows/release-please.yml
📝 Walkthrough

Walkthrough

The pull request adds a workflow step in the publish-npm job of the release-please GitHub Actions workflow to globally upgrade npm to version ^11.10.0 before running the publish command.

Changes

Cohort / File(s) Summary
NPM Workflow Configuration
.github/workflows/release-please.yml		 Added a step to upgrade npm to ^11.10.0 globally before running npm publish --access public --provenance in the publish-npm job.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

Poem

🐰 A hop and a skip through the npm registry we go,
Upgrading our tools to let packages flow,
Version eleven point ten, fresh and clean,
The fastest npm the world's ever seen! ✨

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch fix/trusted-publishing-npm11

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@pkg-pr-new
Copy link
Copy Markdown

pkg-pr-new bot commented Apr 10, 2026

Open in StackBlitz

npx https://pkg.pr.new/docs-cache@40

commit: e30cb17

@fbosch fbosch merged commit cb9b7f0 into master Apr 10, 2026
11 of 12 checks passed
@fbosch fbosch deleted the fix/trusted-publishing-npm11 branch April 10, 2026 09:16
@github-actions github-actions bot mentioned this pull request Apr 10, 2026
Merged
Copilot AI reviewed Apr 10, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the release workflow to ensure npm supports OIDC “trusted publishing” when publishing to the npm registry, addressing publish failures on older runner npm versions.

Changes:

  • Add a workflow step to upgrade npm in the publish-npm job prior to npm publish --provenance.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

.github/workflows/release-please.yml
cache: pnpm

- name: Upgrade npm for trusted publishing
run: npm install --global npm@^11.10.0
@fbosch fbosch restored the fix/trusted-publishing-npm11 branch April 10, 2026 10:03
@fbosch fbosch deleted the fix/trusted-publishing-npm11 branch April 10, 2026 10:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@fbosch