Skip to content

fix(ci): use npm 11 via npx for publishing#43

Merged
fbosch merged 1 commit intomasterfrom
fix/trusted-publishing-npx
Apr 10, 2026
Merged

fix(ci): use npm 11 via npx for publishing#43
fbosch merged 1 commit intomasterfrom
fix/trusted-publishing-npx

Conversation

@fbosch
Copy link
Copy Markdown
Owner

@fbosch fbosch commented Apr 10, 2026
edited by coderabbitai bot
Loading

Summary

  • remove global npm upgrade step that failed in CI with MODULE_NOT_FOUND
  • keep install step unchanged and run publish with npm 11 through npx
  • preserve trusted publishing settings and provenance generation

Summary by CodeRabbit

  • Chores
    • Improved release process reliability by ensuring a consistent npm version is used for publishing.

Copilot AI review requested due to automatic review settings April 10, 2026 10:42
@pkg-pr-new
Copy link
Copy Markdown

pkg-pr-new bot commented Apr 10, 2026

Open in StackBlitz

npx https://pkg.pr.new/docs-cache@43

commit: 37b09d4

Copilot AI reviewed Apr 10, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the npm publishing workflow to avoid a flaky global npm upgrade in CI while still publishing with npm v11 for trusted publishing/provenance support.

Changes:

  • Removed the global npm install --global npm@... step that was failing in CI.
  • Switched the publish step to run npm@11.10.0 via npx while keeping the existing pnpm install flow.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@fbosch fbosch merged commit 1e59f1a into master Apr 10, 2026
19 of 20 checks passed
@fbosch fbosch deleted the fix/trusted-publishing-npx branch April 10, 2026 10:46
@github-actions github-actions bot mentioned this pull request Apr 10, 2026
Merged
@coderabbitai
Copy link
Copy Markdown

coderabbitai bot commented Apr 10, 2026
edited
Loading

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 35bd0c45-bd75-416e-9e90-8df6d65b7649

📥 Commits

Reviewing files that changed from the base of the PR and between f27a1b0 and 37b09d4.

📒 Files selected for processing (1)
  • .github/workflows/release-please.yml
📝 Walkthrough

Walkthrough

The release-please workflow was modified to use a pinned npm version (11.10.0) for publishing instead of globally upgrading npm first. The global npm upgrade step was removed and the publish command now explicitly invokes the specific npm version via npx.

Changes

Cohort / File(s) Summary
npm Release Workflow
.github/workflows/release-please.yml		 Removed global npm upgrade step and updated publish command to use pinned npm@11.10.0 version via npx --yes npm@11.10.0 publish instead of ambient npm publish.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 A version pinned so neat and tight,
No global upgrades in the night,
With npx we invoke with care,
Release workflows, crisp and fair! ✨

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch fix/trusted-publishing-npx

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions github-actions bot mentioned this pull request Apr 10, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@fbosch