zachleat 43.0.0 → 43.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.github/dependabot.yml +14 -0
- package/.github/workflows/release.yml +25 -0
- package/README.md +4 -0
- package/package.json +1 -1
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
# To get started with Dependabot version updates, you'll need to specify which
|
|
2
|
+
# package ecosystems to update and where the package manifests are located.
|
|
3
|
+
# Please see the documentation for all configuration options:
|
|
4
|
+
# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
|
|
5
|
+
|
|
6
|
+
version: 2
|
|
7
|
+
updates:
|
|
8
|
+
- package-ecosystem: github-actions
|
|
9
|
+
directories: [".github/workflows/**"]
|
|
10
|
+
schedule:
|
|
11
|
+
interval: weekly
|
|
12
|
+
cooldown:
|
|
13
|
+
default-days: 7
|
|
14
|
+
assignees: [zachleat]
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
name: Publish Release to npm
|
|
2
|
+
on:
|
|
3
|
+
release:
|
|
4
|
+
types: [published]
|
|
5
|
+
permissions: read-all
|
|
6
|
+
jobs:
|
|
7
|
+
release:
|
|
8
|
+
# see https://github.com/11ty/eleventy/settings/environments
|
|
9
|
+
environment: GitHub Publish
|
|
10
|
+
runs-on: ubuntu-latest
|
|
11
|
+
permissions:
|
|
12
|
+
contents: read
|
|
13
|
+
id-token: write
|
|
14
|
+
steps:
|
|
15
|
+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # 6.0.2
|
|
16
|
+
- uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # 6.4.0
|
|
17
|
+
with:
|
|
18
|
+
node-version: "24"
|
|
19
|
+
registry-url: 'https://registry.npmjs.org'
|
|
20
|
+
# Explicit opt out of cache (tanstack cache poison vuln)
|
|
21
|
+
package-manager-cache: false
|
|
22
|
+
- run: npm install -g npm@latest
|
|
23
|
+
- if: ${{ github.event.release.tag_name != '' }}
|
|
24
|
+
# Also runs npm ci and npm test
|
|
25
|
+
run: npm stage publish
|
package/README.md
CHANGED
|
@@ -21,11 +21,15 @@ import zachleat from "zachleat";
|
|
|
21
21
|
// or in CommonJS
|
|
22
22
|
// const zachleat = await import("zachleat");
|
|
23
23
|
|
|
24
|
+
// or in CommonJS (via require(esm) e.g. Deno 2+, Node 22+)
|
|
25
|
+
// const { default: zachleat } = require("zachleat");
|
|
26
|
+
|
|
24
27
|
zachleat();
|
|
25
28
|
```
|
|
26
29
|
|
|
27
30
|
## Changelog
|
|
28
31
|
|
|
32
|
+
* `v43.1` Adds trusted publishers OIDC release process with staged publishing.
|
|
29
33
|
* `v43` Node 20+; Deno instructions
|
|
30
34
|
* `v42` Bump `update-notifier` from v5 to [v6](https://github.com/sindresorhus/update-notifier/releases/tag/v6.0.0) (ESM) to [v7](https://github.com/sindresorhus/update-notifier/releases/tag/v7.0.0); Node 18+
|
|
31
35
|
* `v41` ESM
|