@alphatechma/expo-rn-template 1.0.2 → 1.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.github/workflows/publish.yml +31 -5
- package/.github/workflows/release.yml +25 -3
- package/README.md +12 -0
- package/package.json +2 -2
|
@@ -10,6 +10,9 @@ jobs:
|
|
|
10
10
|
publish:
|
|
11
11
|
name: Publish package
|
|
12
12
|
runs-on: ubuntu-latest
|
|
13
|
+
permissions:
|
|
14
|
+
id-token: write # habilita OIDC
|
|
15
|
+
contents: write
|
|
13
16
|
steps:
|
|
14
17
|
- name: Checkout repository
|
|
15
18
|
uses: actions/checkout@v4
|
|
@@ -20,8 +23,28 @@ jobs:
|
|
|
20
23
|
node-version: '18'
|
|
21
24
|
registry-url: 'https://registry.npmjs.org'
|
|
22
25
|
|
|
26
|
+
- name: Show versions
|
|
27
|
+
run: |
|
|
28
|
+
node --version
|
|
29
|
+
npm --version
|
|
30
|
+
|
|
23
31
|
- name: Install dependencies
|
|
24
|
-
run:
|
|
32
|
+
run: |
|
|
33
|
+
if [ -f package-lock.json ]; then
|
|
34
|
+
npm ci --no-audit --no-fund || npm install --legacy-peer-deps --no-audit --no-fund
|
|
35
|
+
else
|
|
36
|
+
npm install --legacy-peer-deps --no-audit --no-fund
|
|
37
|
+
fi
|
|
38
|
+
|
|
39
|
+
- name: Verify OIDC authentication (npm whoami)
|
|
40
|
+
run: |
|
|
41
|
+
echo "Attempting OIDC authentication (trusted publisher must be configured on npmjs)."
|
|
42
|
+
if npm whoami; then
|
|
43
|
+
echo "OIDC authentication succeeded"
|
|
44
|
+
else
|
|
45
|
+
echo "OIDC authentication failed. Configure Trusted Publishers on npmjs for this repository/workflow or add NODE_AUTH_TOKEN as a secret as a fallback."
|
|
46
|
+
exit 1
|
|
47
|
+
fi
|
|
25
48
|
|
|
26
49
|
- name: Run lint
|
|
27
50
|
run: npm run lint || true
|
|
@@ -32,9 +55,12 @@ jobs:
|
|
|
32
55
|
- name: Build (if defined)
|
|
33
56
|
run: npm run build --if-present
|
|
34
57
|
|
|
58
|
+
- name: Publish (dry-run)
|
|
59
|
+
run: |
|
|
60
|
+
echo "Dry-run publish (OIDC)..."
|
|
61
|
+
npm publish --dry-run --access public || true
|
|
62
|
+
|
|
35
63
|
- name: Publish to npm
|
|
36
|
-
env:
|
|
37
|
-
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
|
|
38
64
|
run: |
|
|
39
|
-
echo "Publishing package..."
|
|
40
|
-
npm publish --access public
|
|
65
|
+
echo "Publishing package (OIDC)..."
|
|
66
|
+
npm publish --access public --provenance
|
|
@@ -8,6 +8,9 @@ on:
|
|
|
8
8
|
jobs:
|
|
9
9
|
release:
|
|
10
10
|
runs-on: ubuntu-latest
|
|
11
|
+
permissions:
|
|
12
|
+
id-token: write
|
|
13
|
+
contents: write
|
|
11
14
|
steps:
|
|
12
15
|
- name: Checkout
|
|
13
16
|
uses: actions/checkout@v4
|
|
@@ -18,11 +21,30 @@ jobs:
|
|
|
18
21
|
node-version: '18'
|
|
19
22
|
registry-url: 'https://registry.npmjs.org'
|
|
20
23
|
|
|
24
|
+
- name: Show environment versions
|
|
25
|
+
run: |
|
|
26
|
+
node --version
|
|
27
|
+
npm --version
|
|
28
|
+
|
|
21
29
|
- name: Install dependencies
|
|
22
|
-
run: npm
|
|
30
|
+
run: npm install --legacy-peer-deps --no-audit --no-fund
|
|
31
|
+
|
|
32
|
+
- name: Verify OIDC authentication (npm whoami)
|
|
33
|
+
run: |
|
|
34
|
+
echo "Attempting OIDC authentication (trusted publisher must be configured on npmjs)."
|
|
35
|
+
if npm whoami; then
|
|
36
|
+
echo "OIDC authentication succeeded"
|
|
37
|
+
else
|
|
38
|
+
echo "OIDC authentication failed. Configure Trusted Publishers on npmjs for this repository/workflow or add NODE_AUTH_TOKEN as a secret as a fallback."
|
|
39
|
+
exit 1
|
|
40
|
+
fi
|
|
41
|
+
|
|
42
|
+
- name: Semantic-release (dry-run)
|
|
43
|
+
env:
|
|
44
|
+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
45
|
+
run: npx semantic-release --dry-run
|
|
23
46
|
|
|
24
|
-
- name:
|
|
47
|
+
- name: Semantic-release (publish)
|
|
25
48
|
env:
|
|
26
49
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
27
|
-
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
|
|
28
50
|
run: npx semantic-release
|
package/README.md
CHANGED
|
@@ -257,3 +257,15 @@ Se quiser eu:
|
|
|
257
257
|
- 3) adiciono um script `create-app` simples que copia o template e roda um assistant de setup.
|
|
258
258
|
|
|
259
259
|
Diga qual das opções acima prefere que eu crie em seguida.
|
|
260
|
+
|
|
261
|
+
### Nota sobre lockfile (recomendado)
|
|
262
|
+
|
|
263
|
+
Para builds reprodutíveis e para que o workflow `npm ci` funcione sem problemas, é recomendável commitar o `package-lock.json` no repositório. Porém, alguns ambientes (ou templates) não incluem o lockfile — por isso os workflows desse template utilizam `npm install --legacy-peer-deps --no-audit --no-fund` quando necessário, que é mais tolerante a ausência do lockfile e a conflitos de peer.
|
|
264
|
+
|
|
265
|
+
Se quiser garantir installs idempotentes em CI, gere o lockfile localmente e commite:
|
|
266
|
+
|
|
267
|
+
```bash
|
|
268
|
+
npm install --legacy-peer-deps
|
|
269
|
+
git add package-lock.json
|
|
270
|
+
git commit -m "chore: add package-lock.json"
|
|
271
|
+
```
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@alphatechma/expo-rn-template",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.3",
|
|
4
4
|
"main": "index.ts",
|
|
5
5
|
"description": "Expo React Native template by Alphatech - base templatizada para apps Expo.",
|
|
6
6
|
"keywords": ["expo", "react-native", "template", "starter", "typescript", "mobile", "alphatech"],
|
|
@@ -51,7 +51,7 @@
|
|
|
51
51
|
"react-native-date-picker": "^5.0.13",
|
|
52
52
|
"react-native-gesture-handler": "^2.30.0",
|
|
53
53
|
"react-native-iphone-x-helper": "^1.3.1",
|
|
54
|
-
"react-native-reanimated": "
|
|
54
|
+
"react-native-reanimated": "^4.2.1",
|
|
55
55
|
"react-native-responsive-fontsize": "^0.5.1",
|
|
56
56
|
"react-native-safe-area-context": "^5.6.2",
|
|
57
57
|
"react-native-screens": "^4.19.0",
|