From 4e9c075c1663c9e75fa5e8213f52640322bb3342 Mon Sep 17 00:00:00 2001 From: Dominic Couture Date: Tue, 10 Mar 2026 08:12:44 +0100 Subject: [PATCH 1/4] Use GITHUB_TOKEN where possible --- .github/workflows/release.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d32bb3d2500..820e5159c9c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -213,6 +213,7 @@ jobs: permissions: contents: read id-token: write + pull-requests: write steps: - name: Limit action to Clerk members @@ -249,7 +250,6 @@ jobs: result-encoding: string retries: 3 retry-exempt-status-codes: 400,401 - github-token: ${{ secrets.CLERK_COOKIE_PAT }} script: | const commentCreated = new Date(context.payload.comment.created_at); @@ -335,7 +335,6 @@ jobs: if: steps.version-packages.outputs.success == '1' uses: peter-evans/create-or-update-comment@v3.0.0 with: - token: ${{ secrets.CLERK_COOKIE_PAT }} comment-id: ${{ github.event.comment.id }} reactions: heart @@ -343,7 +342,6 @@ jobs: if: steps.version-packages.outputs.success == '1' uses: actions/github-script@v7 with: - github-token: ${{ secrets.CLERK_COOKIE_PAT }} script: | const { data: comments } = await github.rest.issues.listComments({ owner: context.repo.owner, @@ -373,7 +371,6 @@ jobs: if: steps.version-packages.outputs.success == '1' uses: peter-evans/create-or-update-comment@v3.0.0 with: - token: ${{ secrets.CLERK_COOKIE_PAT }} issue-number: ${{ github.event.issue.number }} body: | Hey @${{ github.event.comment.user.login }} - the snapshot version command generated the following package versions: From 5afbbfa9427d02daa327db913cda0731f6beb418 Mon Sep 17 00:00:00 2001 From: Dominic Couture Date: Tue, 10 Mar 2026 08:13:15 +0100 Subject: [PATCH 2/4] Fix PR freshness check --- .github/workflows/release.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 820e5159c9c..f504a6bfb03 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -253,12 +253,11 @@ jobs: script: | const commentCreated = new Date(context.payload.comment.created_at); - const pr = await github.rest.pulls.get({ + const { data: pr } = await github.rest.pulls.get({ owner: 'clerk', repo: 'javascript', pull_number: context.issue.number, }); - const prLastUpdated = new Date(pr.updated_at); if (prLastUpdated > commentCreated) { From 1d38ebdab71e8127c3bed9a7ccb29391551112a1 Mon Sep 17 00:00:00 2001 From: Dominic Couture Date: Tue, 10 Mar 2026 08:19:29 +0100 Subject: [PATCH 3/4] Use pnpm instead of npm in release --- .github/workflows/release.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f504a6bfb03..2922cf5fc27 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -290,15 +290,15 @@ jobs: - name: Version packages for snapshot id: version-packages - run: npm run version-packages:snapshot ${{ steps.extract-snapshot-name.outputs.name }} | tail -1 >> "$GITHUB_OUTPUT" + run: pnpm version-packages:snapshot ${{ steps.extract-snapshot-name.outputs.name }} | tail -1 >> "$GITHUB_OUTPUT" - name: Build release if: steps.version-packages.outputs.success == '1' - run: npx turbo build $TURBO_ARGS + run: pnpm turbo build $TURBO_ARGS - name: Snapshot release if: steps.version-packages.outputs.success == '1' - run: npm run release:snapshot + run: pnpm release:snapshot env: NPM_CONFIG_PROVENANCE: true From 83cc4ec1d16418adc2b8f6640970721ec894918a Mon Sep 17 00:00:00 2001 From: Dominic Couture Date: Tue, 10 Mar 2026 08:29:12 +0100 Subject: [PATCH 4/4] Await workflow dispatches --- .github/workflows/release.yml | 79 +++++++++++++++++++---------------- 1 file changed, 43 insertions(+), 36 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2922cf5fc27..5fafb6f7f2b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -84,28 +84,29 @@ jobs: const clerkUiVersion = require('./packages/ui/package.json').version; const nextjsVersion = require('./packages/nextjs/package.json').version; - github.rest.actions.createWorkflowDispatch({ - owner: 'clerk', - repo: 'sdk-infra-workers', - workflow_id: 'update-pkg-versions.yml', - ref: 'main', - inputs: { clerkjsVersion, clerkUiVersion } - }) - - github.rest.actions.createWorkflowDispatch({ - owner: 'clerk', - repo: 'dashboard', - workflow_id: 'prepare-nextjs-sdk-update.yml', - ref: 'main', - inputs: { version: nextjsVersion } - }) - - github.rest.actions.createWorkflowDispatch({ - owner: 'clerk', - repo: 'clerk-docs', - workflow_id: 'typedoc.yml', - ref: 'main', - }) + const dispatches = [ + github.rest.actions.createWorkflowDispatch({ + owner: 'clerk', + repo: 'sdk-infra-workers', + workflow_id: 'update-pkg-versions.yml', + ref: 'main', + inputs: { clerkjsVersion, clerkUiVersion } + }), + github.rest.actions.createWorkflowDispatch({ + owner: 'clerk', + repo: 'dashboard', + workflow_id: 'prepare-nextjs-sdk-update.yml', + ref: 'main', + inputs: { version: nextjsVersion } + }), + github.rest.actions.createWorkflowDispatch({ + owner: 'clerk', + repo: 'clerk-docs', + workflow_id: 'typedoc.yml', + ref: 'main', + }), + ]; + await Promise.all(dispatches); } else{ core.warning("Changeset in pre-mode should not prepare a ClerkJS production release") } @@ -185,25 +186,31 @@ jobs: const clerkUiVersion = require('./packages/ui/package.json').version; const nextjsVersion = require('./packages/nextjs/package.json').version; - github.rest.actions.createWorkflowDispatch({ - owner: 'clerk', - repo: 'sdk-infra-workers', - workflow_id: 'update-pkg-versions.yml', - ref: 'main', - inputs: { clerkjsVersion, clerkUiVersion, sourceCommit: context.sha } - }) - - if (nextjsVersion.includes('canary')) { - console.log('clerk/nextjs changed, will notify clerk/accounts'); + const dispatches = [ github.rest.actions.createWorkflowDispatch({ owner: 'clerk', - repo: 'accounts', - workflow_id: 'release-staging.yml', + repo: 'sdk-infra-workers', + workflow_id: 'update-pkg-versions.yml', ref: 'main', - inputs: { version: nextjsVersion } - }) + inputs: { clerkjsVersion, clerkUiVersion, sourceCommit: context.sha } + }), + ]; + + if (nextjsVersion.includes('canary')) { + console.log('clerk/nextjs changed, will notify clerk/accounts'); + dispatches.push( + github.rest.actions.createWorkflowDispatch({ + owner: 'clerk', + repo: 'accounts', + workflow_id: 'release-staging.yml', + ref: 'main', + inputs: { version: nextjsVersion } + }), + ); } + await Promise.all(dispatches); + snapshot-release: name: Snapshot release if: ${{ github.event_name == 'issue_comment' && startsWith(github.event.comment.body, '!snapshot') && github.repository == 'clerk/javascript' && github.event.issue.pull_request }}