ep_author_neat2 2.0.20 → 2.0.24

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/.github/workflows/backend-tests.yml +3 -3
  2. package/.github/workflows/frontend-tests.yml +3 -3
  3. package/.github/workflows/npmpublish.yml +21 -10
  4. package/.github/workflows/test-and-release.yml +8 -0
  5. package/package.json +3 -3
package/.github/workflows/backend-tests.yml CHANGED
@@ -22,11 +22,11 @@ jobs:
22
22
  version: 1.0
23
23
  -
24
24
  name: Install etherpad core
25
- uses: actions/checkout@v6
25
+ uses: actions/checkout@v4
26
26
  with:
27
27
  repository: ether/etherpad-lite
28
28
  path: etherpad-lite
29
- - uses: pnpm/action-setup@v5
29
+ - uses: pnpm/action-setup@v3
30
30
  name: Install pnpm
31
31
  with:
32
32
  version: 10
@@ -44,7 +44,7 @@ jobs:
44
44
  ${{ runner.os }}-pnpm-store-
45
45
  -
46
46
  name: Checkout plugin repository
47
- uses: actions/checkout@v6
47
+ uses: actions/checkout@v4
48
48
  with:
49
49
  path: plugin
50
50
  - name: Remove tests
package/.github/workflows/frontend-tests.yml CHANGED
@@ -12,10 +12,10 @@ jobs:
12
12
  steps:
13
13
  -
14
14
  name: Check out Etherpad core
15
- uses: actions/checkout@v6
15
+ uses: actions/checkout@v4
16
16
  with:
17
17
  repository: ether/etherpad-lite
18
- - uses: pnpm/action-setup@v5
18
+ - uses: pnpm/action-setup@v3
19
19
  name: Install pnpm
20
20
  with:
21
21
  version: 10
@@ -33,7 +33,7 @@ jobs:
33
33
  ${{ runner.os }}-pnpm-store-
34
34
  -
35
35
  name: Check out the plugin
36
- uses: actions/checkout@v6
36
+ uses: actions/checkout@v4
37
37
  with:
38
38
  path: ./node_modules/__tmp
39
39
  -
package/.github/workflows/npmpublish.yml CHANGED
@@ -1,5 +1,10 @@
1
1
  # This workflow will run tests using node and then publish a package to the npm registry when a release is created
2
2
  # For more information see: https://help.github.com/actions/language-and-framework-guides/publishing-nodejs-packages
3
+ #
4
+ # Publishing uses npm Trusted Publishing (OIDC) — no NPM_TOKEN secret is
5
+ # required. Each package must have a trusted publisher configured on npmjs.com
6
+ # pointing at this workflow file. See:
7
+ # https://docs.npmjs.com/trusted-publishers
3
8
 
4
9
  name: Node.js Package
5
10
 
@@ -9,11 +14,19 @@ on:
9
14
  jobs:
10
15
  publish-npm:
11
16
  runs-on: ubuntu-latest
17
+ permissions:
18
+ contents: write # for `git push --follow-tags` of the version bump
19
+ id-token: write # for npm OIDC trusted publishing
12
20
  steps:
13
21
  - uses: actions/setup-node@v6
14
22
  with:
23
+ # OIDC trusted publishing needs npm >= 11.5.1, which requires
24
+ # Node >= 20.17.0. setup-node's `20` resolves to the latest
25
+ # 20.x, which satisfies that.
15
26
  node-version: 20
16
27
  registry-url: https://registry.npmjs.org/
28
+ - name: Upgrade npm to >=11.5.1 (required for trusted publishing)
29
+ run: npm install -g npm@latest
17
30
  - name: Check out Etherpad core
18
31
  uses: actions/checkout@v6
19
32
  with:
@@ -27,7 +40,7 @@ jobs:
27
40
  shell: bash
28
41
  run: |
29
42
  echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV
30
- - uses: actions/cache@v4
43
+ - uses: actions/cache@v5
31
44
  name: Setup pnpm cache
32
45
  with:
33
46
  path: ${{ env.STORE_PATH }}
@@ -63,12 +76,10 @@ jobs:
63
76
  # already-used version number. By running `npm publish` after `git push`,
64
77
  # back-to-back merges will cause the first merge's workflow to fail but
65
78
  # the second's will succeed.
66
- -
67
- run: pnpm publish
68
- env:
69
- NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
70
- #-
71
- # name: Add package to etherpad organization
72
- # run: pnpm access grant read-write etherpad:developers
73
- # env:
74
- # NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
79
+ #
80
+ # Use `npm publish` directly (not `pnpm publish`) because OIDC trusted
81
+ # publishing requires npm CLI >= 11.5.1 and `pnpm publish` shells out to
82
+ # whichever `npm` is on PATH; calling `npm` directly avoids any shim
83
+ # ambiguity.
84
+ - name: Publish to npm via OIDC
85
+ run: npm publish --provenance --access public
package/.github/workflows/test-and-release.yml CHANGED
@@ -1,6 +1,11 @@
1
1
  name: Node.js Package
2
2
  on: [push]
3
3
 
4
+ # id-token: write must be granted here so the reusable npmpublish workflow
5
+ # can request an OIDC token for npm trusted publishing.
6
+ permissions:
7
+ contents: write
8
+ id-token: write
4
9
 
5
10
  jobs:
6
11
  backend:
@@ -14,5 +19,8 @@ jobs:
14
19
  needs:
15
20
  - backend
16
21
  - frontend
22
+ permissions:
23
+ contents: write # for the version bump push
24
+ id-token: write # for npm OIDC trusted publishing
17
25
  uses: ./.github/workflows/npmpublish.yml
18
26
  secrets: inherit
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "ep_author_neat2",
3
- "version": "2.0.20",
3
+ "version": "2.0.24",
4
4
  "description": "Etherpad plugin that uses colored underlines instead of colored backgrounds to indicate authorship.",
5
5
  "repository": {
6
6
  "type": "git",
@@ -23,7 +23,7 @@
23
23
  "devDependencies": {
24
24
  "eslint": "^8.57.1",
25
25
  "eslint-config-etherpad": "^4.0.4",
26
- "typescript": "^6.0.2"
26
+ "typescript": "^5.9.3"
27
27
  },
28
28
  "engines": {
29
29
  "node": ">=18.0.0"
@@ -32,4 +32,4 @@
32
32
  "lint": "eslint .",
33
33
  "lint:fix": "eslint --fix ."
34
34
  }
35
- }
35
+ }