chore: fix vulnerabilities via audit and dependency upgrades #104
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow will run tests using node and then publish a package to GitHub Packages when a release is created | |
| # For more information see: https://help.github.com/actions/language-and-framework-guides/publishing-nodejs-packages | |
| # https://httptoolkit.com/blog/automatic-npm-publish-gha/ | |
| name: Publish to NPM | |
| on: | |
| push: | |
| branches: | |
| - master | |
| paths-ignore: | |
| - 'docs/**' | |
| jobs: | |
| publish-npm: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: 'Checkout source code' | |
| uses: actions/checkout@v3 | |
| - uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18 | |
| cache: 'npm' | |
| - name: NPM RC | |
| run: | | |
| echo "//registry.npmjs.org/:_authToken=${NPM_PUBLISH_TOKEN}" >> .npmrc | |
| env: | |
| NPM_PUBLISH_TOKEN: ${{ secrets.NPM_PUBLISH_TOKEN }} | |
| - name: Install | |
| run: yarn | |
| - name: Build | |
| run: yarn build | |
| - name: Test | |
| run: yarn test | |
| - name: Bump version & push | |
| run: | | |
| git config --global user.name ${{ secrets.GIT_USER_NAME }} | |
| git config --global user.email ${{ secrets.GIT_USER_EMAIL }} | |
| # Update the version in package.json, and commit & tag the change: | |
| npm version patch # YMMV - you might want the semver level as a workflow input | |
| git push && git push --tags | |
| - run: npm publish --access public |