Skip to content
Release

Release #13

Sign in to view logs

Release

Release #13

Workflow file for this run

.github/workflows/release.yml at b53bd8b
name: Release
on:
push:
tags: ['v*']
workflow_dispatch:
inputs:
tag:
description: 'Existing tag to publish (e.g. v0.2.0) — fallback when push-trigger misfires'
required: true
type: string
permissions:
contents: write
id-token: write
jobs:
publish-and-release:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
with:
fetch-depth: 0
ref: ${{ github.event.inputs.tag || github.ref }}
- name: Verify tag is on main branch
run: |
git fetch origin main
git merge-base --is-ancestor HEAD origin/main || {
echo "::error::Tagged commit is not on main branch. Aborting publish."
exit 1
}
- name: Verify tag matches package.json version
env:
INPUT_TAG: ${{ github.event.inputs.tag }}
run: |
if [ -n "$INPUT_TAG" ]; then
TAG="${INPUT_TAG#v}"
else
TAG="${GITHUB_REF#refs/tags/v}"
fi
PKG=$(node -p "require('./package.json').version")
[ "$TAG" = "$PKG" ] || {
echo "::error::Tag v$TAG does not match package.json version $PKG"
exit 1
}
- uses: actions/setup-node@v5
with:
node-version: 22
registry-url: https://registry.npmjs.org
# Trusted Publishing requires npm >= 11.5.1. node 22 ships with 10.x,
# so upgrade before publishing. OIDC flow then auths via the trusted
# publisher configured at npmjs.com/package/<name>/access.
- name: Upgrade npm for Trusted Publishing
run: npm install -g npm@latest
- name: Run tests
run: npm test
- name: Publish to npm
run: npm publish --provenance --access public
- name: Create GitHub Release
run: gh release create "$TAG_NAME" --generate-notes
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
TAG_NAME: ${{ github.event.inputs.tag || github.ref_name }}