npm - @codfish/actions-playground - Versions diffs - 0.0.0-PR-98--f43d338 → 0.0.0-PR-98--6b8b2a3 - Mend

@codfish/actions-playground 0.0.0-PR-98--f43d338 → 0.0.0-PR-98--6b8b2a3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/.github/workflows/validate.yml +60 -37
package/package.json +1 -1

package/.github/workflows/validate.yml CHANGED Viewed

@@ -41,24 +41,63 @@ jobs:
           echo "$PNPM_CONTEXT"
           echo "PNPM_HOME: $PNPM_HOME"
-      - uses: actions/setup-node@v4
-        with:
-          node-version-file: 'package.json'
-          cache: 'pnpm'
-      - name: Install dependencies
-        run: pnpm install --frozen-lockfile
+      - uses: codfish/actions/setup-node-and-install@npm-trusted-publishing
-      - name: Ensure npm 11.5.1+ for trusted publishing
-        run: |
-          echo "Current npm version: $(npm --version)"
-          # npm 11.5.1+ is required for OIDC trusted publishing (Jan 2026)
-          npm install -g npm@latest
-          echo "Updated npm version: $(npm --version)"
-          if [ "$(npm --version | cut -d. -f1)" -lt 11 ]; then
-            echo "ERROR: npm 11.5.1+ is required for trusted publishing"
-            exit 1
-          fi
+      - name: semantic release dry run
+        uses: docker://ghcr.io/codfish/semantic-release-action@sha256:327a3ce08284f9dd9b83b607e3f668dae90139e68ce90780b0a43a09d577dc3a
+        with:
+          dry-run: true
+          additional-packages: |
+            ['@google/semantic-release-replace-plugin', '@semantic-release/git', 'conventional-changelog-conventionalcommits@7']
+          plugins: |
+            [
+              '@semantic-release/commit-analyzer',
+              [
+                '@google/semantic-release-replace-plugin',
+                {
+                  'replacements': [
+                    {
+                      'files': ['Dockerfile'],
+                      'from': 'RELEASE_VERSION=.*',
+                      'to': 'RELEASE_VERSION=${nextRelease.version}'
+                    },
+                    {
+                      'files': ['provisioning/Chart.yml'],
+                      'from': 'ersion: .*',
+                      'to': 'ersion: ${nextRelease.version}'
+                    }
+                  ]
+                }
+              ],
+              [ '@semantic-release/git', {'assets': ['Dockerfile', 'provisioning/Chart.yml']} ],
+              [
+                "@semantic-release/release-notes-generator",
+                {
+                  "preset": "conventionalcommits",
+                  "presetConfig": {
+                    "types": [
+                      { type: 'feat', section: 'Features', hidden: false },
+                      { type: 'fix', section: 'Bug Fixes', hidden: false },
+                      { type: 'perf', section: 'Performance Improvements', hidden: false },
+                      { type: 'revert', section: 'Reverts', hidden: false },
+                      { type: 'docs', section: 'Other Updates', hidden: false },
+                      { type: 'style', section: 'Other Updates', hidden: false },
+                      { type: 'chore', section: 'Other Updates', hidden: false },
+                      { type: 'refactor', section: 'Other Updates', hidden: false },
+                      { type: 'test', section: 'Other Updates', hidden: false },
+                      { type: 'build', section: 'Other Updates', hidden: false },
+                      { type: 'ci', section: 'Other Updates', hidden: false }
+                    ]
+                  }
+                }
+              ],
+              '@semantic-release/npm',
+              '@semantic-release/github'
+            ]
+          pnpm-dest: ${{ steps.pnpm-setup.outputs.dest }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
       - name: Retrieve text file
         uses: actions/download-artifact@v4
@@ -74,26 +113,10 @@ jobs:
       - name: run tests
         run: pnpm test
-      - name: Publish PR package (direct)
-        if: github.event.pull_request.head.repo.full_name == github.repository
-        shell: bash
-        env:
-          PR_NUMBER: ${{ github.event.number }}
-          PR_SHA: ${{ github.event.pull_request.head.sha }}
-        run: |
-          set -euo pipefail
-          short_sha="$(echo "$PR_SHA" | cut -c -7)"
-          version="0.0.0-PR-${PR_NUMBER}--${short_sha}"
-          echo "Publishing $(jq -r '.name' package.json)@$version via OIDC trusted publishing"
-          npm version "$version" --no-git-tag-version
-          # CRITICAL: Do not set, unset, or manipulate NODE_AUTH_TOKEN or NPM_TOKEN
-          # They must not exist in the environment for OIDC to work
-          echo "npm version: $(npm --version)"
-          # Publish with OIDC - npm will automatically use OIDC when --provenance is used
-          npm publish --access public --tag pr --provenance
+      - uses: codfish/actions/npm-publish-pr@npm-trusted-publishing
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          # npm-token: ${{ secrets.NPM_TOKEN }}
       - name: Build package
         run: pnpm build

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@codfish/actions-playground",
-  "version": "0.0.0-PR-98--f43d338",
+  "version": "0.0.0-PR-98--6b8b2a3",
   "description": "My own testing ground for messing around with GitHub Actions.",
   "private": false,
   "publishConfig": {