Enforce Package Dependency Version
ActionsTags
(2)This Github Actions helps enforce that a specific package version, range, prerelease, etc exists in your package.json
and yarn.lock
.
yarn why …
, so only yarn is supported for now.
This action runs itself here.
name: Enforce Package
on: push
jobs:
typescript:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: "Enforce Version"
id: enforce
uses: sharesight/enforce-package-dependency-version@v2
with:
package: "typescript"
range: ">=4.2.0"
- name: Debug
if: always()
run: |
echo target_version: ${{ steps.enforce.outputs.target_version }}
echo resolved_version: ${{ steps.enforce.outputs.resolved_version }}
Name | Description | Example | Default Value |
---|---|---|---|
package | The name of the dependency to check. | '@sharesight/package ' |
[required] |
directory | Directory where your package.json can be found. |
'../packages/static-site' |
env.GITHUB_WORKSPACE |
range | A semver range | '^1.2.3' |
[required] |
version_prerelease | An optional prerelease target (read more) | 'alpha' , true , false |
false |
allow_multiple_versions | Allow multiple versions to be resolved? (read more) | true , false |
false |
false
– requires there is no prerelease.true
– allows a prerelease—but it is not required!1.2.3-prerelease
and1.2.3
are both valid'prerelease'
– means it must match that prerelease.'prerelease.#'
– means it must match that prerelease and identifier.
Example: you may have Typescript at ^4.2.0
in your codebase, but another package points to 3.x
…
false
– means this should only ever resolve to a single version (and that should match our range)true
– does not fail if there are multiple versions⚠️ NOTE: we only look at the first resolved version, assuming this is your version..
Name | Description | Type or Example Value |
---|---|---|
resolved_version | The resolved version of that dependency, eg. in yarn.lock |
'1.2.3' , '1.2.3-prerelease.1' , etc… |
target_version | The target version of that dependency, eg. version in package.json |
'^1.2.3' |
yarn install
code .
yarn jest:tdd
- Deicde on a semver, eg.
1.2.3
. - Bump this version in
package.json
file. - Bump this version in
README.md
example. - Run
yarn build
and commit thatdist/index.js
change. - Version bumps should go via a PR and be merged into master before releasing.
Manually build a New Release: here
- Enter your tag based on the semver.
- Your tag should be prepended with a
v
, eg.v1.2.3
. - Do not use
@latest
tag.
- Your tag should be prepended with a
⚠️ Point the release to the correct commit (not main)! This should be the PR Merge commit.- Enter a title naming the release (eg.
v1.2.3: Brief description of changes
) - Enter a fuller description—link to commits, PRs, etc.
- Release!
Enforce Package Dependency Version is not certified by GitHub. It is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.