ins-queue-actions 1.2.95 → 1.2.105
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -9,6 +9,8 @@ on:
|
|
|
9
9
|
jobs:
|
|
10
10
|
version_update:
|
|
11
11
|
runs-on: ubuntu-latest
|
|
12
|
+
permissions:
|
|
13
|
+
contents: write # Needed to commit and push version changes
|
|
12
14
|
steps:
|
|
13
15
|
- uses: actions/checkout@v4
|
|
14
16
|
- uses: actions/setup-node@v4
|
|
@@ -29,6 +31,9 @@ jobs:
|
|
|
29
31
|
publish-npm:
|
|
30
32
|
needs: version_update
|
|
31
33
|
runs-on: ubuntu-latest
|
|
34
|
+
permissions:
|
|
35
|
+
id-token: write # Required for trusted publishing with OIDC (if using trusted publishing)
|
|
36
|
+
contents: read
|
|
32
37
|
steps:
|
|
33
38
|
- uses: actions/checkout@v4
|
|
34
39
|
with:
|
|
@@ -37,17 +42,39 @@ jobs:
|
|
|
37
42
|
- uses: actions/setup-node@v4
|
|
38
43
|
with:
|
|
39
44
|
node-version: 20
|
|
40
|
-
registry-url
|
|
45
|
+
# No registry-url to allow Trusted Publishing OIDC authentication
|
|
46
|
+
# setup-node automatically uses NODE_AUTH_TOKEN if registry-url is set
|
|
47
|
+
|
|
48
|
+
- name: Upgrade npm for Trusted Publishing support
|
|
49
|
+
run: npm install -g npm@latest
|
|
50
|
+
# Trusted Publishing requires npm 11.5.1+
|
|
51
|
+
|
|
52
|
+
- name: Configure npm registry (for Trusted Publishing)
|
|
53
|
+
run: npm config set registry https://registry.npmjs.org/
|
|
41
54
|
|
|
42
55
|
- name: Fetch the latest code
|
|
43
56
|
run: git pull origin main # Ensures that the latest version is fetched from the main branch.
|
|
44
57
|
|
|
45
|
-
- name:
|
|
46
|
-
run:
|
|
47
|
-
|
|
48
|
-
|
|
58
|
+
- name: Debug npm configuration
|
|
59
|
+
run: |
|
|
60
|
+
echo "npm version: $(npm --version)"
|
|
61
|
+
echo "Registry: $(npm config get registry)"
|
|
62
|
+
echo "Checking temp .npmrc (created by setup-node):"
|
|
63
|
+
cat $NPM_CONFIG_USERCONFIG 2>/dev/null || echo "No temp .npmrc found"
|
|
64
|
+
echo ""
|
|
65
|
+
echo "Whoami check:"
|
|
66
|
+
npm whoami || echo "Not authenticated"
|
|
67
|
+
echo ""
|
|
68
|
+
echo "NODE_AUTH_TOKEN status:"
|
|
69
|
+
if [ -n "$NODE_AUTH_TOKEN" ]; then
|
|
70
|
+
echo "Token is SET (this should NOT be set for Trusted Publishing)"
|
|
71
|
+
else
|
|
72
|
+
echo "Token is NOT set (good for Trusted Publishing)"
|
|
73
|
+
fi
|
|
49
74
|
|
|
50
75
|
- name: Publish to npm
|
|
51
|
-
run:
|
|
52
|
-
|
|
53
|
-
NODE_AUTH_TOKEN
|
|
76
|
+
run: |
|
|
77
|
+
# Ensure no token is used - Trusted Publishing uses OIDC
|
|
78
|
+
unset NODE_AUTH_TOKEN
|
|
79
|
+
npm config delete //registry.npmjs.org/:_authToken || true
|
|
80
|
+
npm publish --access public
|
package/package.json
CHANGED
|
@@ -1,6 +1,10 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "ins-queue-actions",
|
|
3
|
-
"version": "1.2.
|
|
3
|
+
"version": "1.2.105",
|
|
4
4
|
"main": "index.js",
|
|
5
|
-
"engineStrict": true
|
|
5
|
+
"engineStrict": true,
|
|
6
|
+
"repository": {
|
|
7
|
+
"type": "git",
|
|
8
|
+
"url": "https://github.com/InstaServiceTech/ins-queue-actions.git"
|
|
9
|
+
}
|
|
6
10
|
}
|