@skilbjo/config-rc 1.0.25 → 1.0.27
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.github/workflows/pr.yml +8 -7
- package/.github/workflows/release.yml +5 -11
- package/CHANGELOG.md +14 -0
- package/package.json +3 -2
package/.github/workflows/pr.yml
CHANGED
|
@@ -9,13 +9,15 @@ defaults:
|
|
|
9
9
|
run:
|
|
10
10
|
shell: bash
|
|
11
11
|
|
|
12
|
-
permissions:
|
|
13
|
-
pull-requests: write
|
|
14
|
-
|
|
15
12
|
jobs:
|
|
16
13
|
build-and-test:
|
|
17
14
|
runs-on: ubuntu-latest
|
|
18
15
|
timeout-minutes: 10
|
|
16
|
+
if: github.event.pull_request.head.repo.full_name == github.repository # Security: Only run on PRs from the same repository
|
|
17
|
+
permissions:
|
|
18
|
+
contents: read # Needed for checkout and npm install
|
|
19
|
+
pull-requests: read # Needed to read PR information
|
|
20
|
+
|
|
19
21
|
steps:
|
|
20
22
|
- uses: actions/checkout@v5
|
|
21
23
|
with:
|
|
@@ -31,10 +33,6 @@ jobs:
|
|
|
31
33
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
32
34
|
|
|
33
35
|
- run: make ci
|
|
34
|
-
env:
|
|
35
|
-
GITHUB_TOKEN: ${{ secrets.READ_ONLY_PAT }}
|
|
36
|
-
NPM_TOKEN: ${{ secrets.READ_ONLY_PAT }}
|
|
37
|
-
NODE_AUTH_TOKEN: ${{ secrets.READ_ONLY_PAT }}
|
|
38
36
|
|
|
39
37
|
- name: Set up NPM authentication for dry release
|
|
40
38
|
run: echo "//npm.pkg.github.com/:_authToken=${{ secrets.ACTIONS_TOKEN }}" >> ~/.npmrc
|
|
@@ -57,7 +55,10 @@ jobs:
|
|
|
57
55
|
runs-on: ubuntu-latest
|
|
58
56
|
needs: build-and-test
|
|
59
57
|
timeout-minutes: 2
|
|
58
|
+
permissions:
|
|
59
|
+
pull-requests: write
|
|
60
60
|
if: ${{ github.actor == 'dependabot[bot]' }}
|
|
61
|
+
|
|
61
62
|
steps:
|
|
62
63
|
- uses: dependabot/fetch-metadata@v2.4.0
|
|
63
64
|
with:
|
|
@@ -15,6 +15,7 @@ jobs:
|
|
|
15
15
|
publish-artifact:
|
|
16
16
|
runs-on: ubuntu-latest
|
|
17
17
|
timeout-minutes: 10
|
|
18
|
+
if: github.repository == 'skilbjo/config-rc' # Security: Only run on pushes to the main repository
|
|
18
19
|
permissions:
|
|
19
20
|
packages: write
|
|
20
21
|
id-token: write # Required for npm provenance generation
|
|
@@ -34,10 +35,6 @@ jobs:
|
|
|
34
35
|
node-version-file: .nvmrc
|
|
35
36
|
cache: npm
|
|
36
37
|
|
|
37
|
-
- run: npm ci
|
|
38
|
-
env:
|
|
39
|
-
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
40
|
-
|
|
41
38
|
- run: make ci
|
|
42
39
|
|
|
43
40
|
- uses: cycjimmy/semantic-release-action@v4
|
|
@@ -63,13 +60,10 @@ jobs:
|
|
|
63
60
|
if: steps.semantic.outputs.new_release_published == 'true'
|
|
64
61
|
run: |
|
|
65
62
|
# npm --no-git-tag-version version ${{ steps.semantic.outputs.new_release_version }}
|
|
66
|
-
|
|
67
|
-
# Ensure npm provenance is enabled
|
|
68
|
-
npm config set provenance true
|
|
63
|
+
npm run prepare-npm
|
|
69
64
|
|
|
70
65
|
- name: Publish to NPM
|
|
71
66
|
if: steps.semantic.outputs.new_release_published == 'true'
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
access: public
|
|
67
|
+
run: |
|
|
68
|
+
npm install -g npm@latest # Ensure npm 11.5.1+ for trusted publishing
|
|
69
|
+
npm publish
|
package/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,17 @@
|
|
|
1
|
+
## [1.0.27](https://github.com/skilbjo/config-rc/compare/v1.0.26...v1.0.27) (2025-08-30)
|
|
2
|
+
|
|
3
|
+
|
|
4
|
+
### Bug Fixes
|
|
5
|
+
|
|
6
|
+
* disallow tokens to see if it works ([f95ab05](https://github.com/skilbjo/config-rc/commit/f95ab057507e9ef7aea9e8cd540a82f74f438d95))
|
|
7
|
+
|
|
8
|
+
## [1.0.26](https://github.com/skilbjo/config-rc/compare/v1.0.25...v1.0.26) (2025-08-30)
|
|
9
|
+
|
|
10
|
+
|
|
11
|
+
### Bug Fixes
|
|
12
|
+
|
|
13
|
+
* trusted publishing with no token ([98bfa61](https://github.com/skilbjo/config-rc/commit/98bfa611e031e9fcf6c9a1b6363354552ddde513))
|
|
14
|
+
|
|
1
15
|
## [1.0.25](https://github.com/skilbjo/config-rc/compare/v1.0.24...v1.0.25) (2025-08-29)
|
|
2
16
|
|
|
3
17
|
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"$schema": "https://json.schemastore.org/package",
|
|
3
3
|
"name": "@skilbjo/config-rc",
|
|
4
|
-
"version": "1.0.
|
|
4
|
+
"version": "1.0.27",
|
|
5
5
|
"description": "eslint, prettier, & tsconfig config",
|
|
6
6
|
"main": "index.js",
|
|
7
7
|
"private": false,
|
|
@@ -14,7 +14,8 @@
|
|
|
14
14
|
"eslint": "eslint .",
|
|
15
15
|
"lint": "npm run eslint",
|
|
16
16
|
"depcheck": "depcheck",
|
|
17
|
-
"test": "echo \"Error: no test specified\" && exit 1"
|
|
17
|
+
"test": "echo \"Error: no test specified\" && exit 1",
|
|
18
|
+
"prepare-npm": "jq 'del(.publishConfig) | . + { publishConfig: { registry: \"https://registry.npmjs.org/\", access: \"public\", provenance: true } }' package.json >package2.json && mv package2.json package.json"
|
|
18
19
|
},
|
|
19
20
|
"keywords": [
|
|
20
21
|
"eslint",
|