chore(deps): update dependency express to v4.19.2 [security] (#102) #29
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release | |
on: | |
push: | |
branches: | |
- main | |
jobs: | |
release: | |
runs-on: ubuntu-latest | |
steps: | |
# Get GitHub token via the CT Changesets App | |
- name: Generate GitHub token (via CT Changesets App) | |
id: generate_github_token | |
uses: tibdex/[email protected] | |
with: | |
app_id: ${{ secrets.CT_CHANGESETS_APP_ID }} | |
private_key: ${{ secrets.CT_CHANGESETS_APP_PEM }} | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
# Pass a personal access token (using our `ct-changesets` app) to be able to trigger other workflows | |
# https://help.github.com/en/actions/reference/events-that-trigger-workflows#triggering-new-workflows-using-a-personal-access-token | |
# https://github.community/t/action-does-not-trigger-another-on-push-tag-action/17148/8 | |
token: ${{ steps.generate_github_token.outputs.token }} | |
- name: Install pnpm | |
uses: pnpm/[email protected] | |
with: | |
run_install: false | |
- name: Setup Node (uses version in .nvmrc) | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
cache: pnpm | |
- name: Install dependencies | |
run: pnpm install | |
- name: Creating .npmrc | |
run: | | |
cat << EOF > "$HOME/.npmrc" | |
[email protected] | |
//registry.npmjs.org/:_authToken=$NPM_TOKEN | |
EOF | |
env: | |
NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
- name: Building packages | |
run: pnpm build | |
- name: Create Release Pull Request or Publish to npm | |
id: changesets | |
uses: changesets/[email protected] | |
with: | |
commit: 'ci(changesets): version packages' | |
publish: pnpm changeset publish | |
version: pnpm changeset:version-and-format | |
env: | |
GITHUB_TOKEN: ${{ steps.generate_github_token.outputs.token }} | |
# Publish canary releases only if the packages weren't published already | |
- name: Publishing canary releases to npm registry | |
if: steps.changesets.outputs.published != 'true' | |
run: | | |
git checkout main | |
pnpm changeset version --snapshot canary | |
pnpm changeset publish --tag canary | |
env: | |
GITHUB_TOKEN: ${{ steps.generate_github_token.outputs.token }} |