Skip to content

NPM Provenance

NPM Provenance #7

Workflow file for this run

name: Release
on:
workflow_dispatch:
release:
types:
- published
jobs:
publish:
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
packages: write
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 20
- run: npm ci
- run: npm run build
#- run: npm version prerelease --no-git-tag-version --preid ${{ github.ref_name }}-${{ github.sha }} (using self-versioned package.json from now on)
#### PUBLISH TO NPM ####
- uses: JS-DevTools/npm-publish@v3
with:
token: ${{ secrets.NPM_TOKEN }}
access: public
tag: latest
provenance: true
#### PUBLISH TO GITHUB NPM ####
- uses: JS-DevTools/npm-publish@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
registry: https://npm.pkg.github.com
access: public
tag: beta