Skip to content

Commit 2050257

Browse files
SMAKSSSMAKSS
committed
fix(workflow): update npm publish workflow to support GitHub Packages and OIDC
1 parent 3f7227f commit 2050257

3 files changed

Lines changed: 23 additions & 5 deletions

File tree

.github/workflows/npm-publish.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -34,8 +34,10 @@ jobs:
3434
run: pnpm release
3535
env:
3636
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
37+
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
3738
- name: Release (develop)
3839
if: github.ref_name == 'develop'
3940
run: pnpm release
4041
env:
4142
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
43+
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.releaserc.js

Lines changed: 15 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,21 @@ export default {
66
plugins: [
77
'@semantic-release/commit-analyzer',
88
'@semantic-release/release-notes-generator',
9-
'@semantic-release/npm',
9+
[
10+
'@semantic-release/npm',
11+
{
12+
npmPublish: true,
13+
pkgRoot: '.',
14+
},
15+
],
16+
[
17+
'@semantic-release/npm',
18+
{
19+
npmPublish: true,
20+
npmRegistryUrl: 'https://npm.pkg.github.com/',
21+
pkgRoot: '.',
22+
},
23+
],
1024
[
1125
'@semantic-release/github',
1226
{

CONTRIBUTING.md

Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -47,10 +47,12 @@ Releases are automated with semantic-release on every push to the `master` and
4747
- Do not manually bump versions or edit a changelog; releases are published on
4848
GitHub without committing files back to the repo.
4949
- Follow Conventional Commits so the release type can be inferred.
50-
- Releases use npm trusted publishing (OIDC). Configure the repository as a
51-
trusted publisher in npm (using this workflow file) and ensure the workflow
52-
has `id-token: write` and npm CLI >= 11.5.1.
53-
- `GITHUB_TOKEN` is used to create GitHub releases.
50+
- Releases use npm trusted publishing (OIDC) for the npm registry and also
51+
publish to GitHub Packages. Configure the repository as a trusted publisher in
52+
npm (using this workflow file) and ensure the workflow has `id-token: write`
53+
and npm CLI >= 11.5.1.
54+
- `GITHUB_TOKEN` is used to create GitHub releases and to publish to GitHub
55+
Packages.
5456

5557
To run a local dry run:
5658

0 commit comments

Comments
 (0)