Skip to content

chore(deps): lock file maintenance #83

chore(deps): lock file maintenance

chore(deps): lock file maintenance #83

Workflow file for this run

name: Release
on:
push:
branches:
- main
- next
- dev
permissions:
contents: read
jobs:
test:
uses: ./.github/workflows/test.yml
permissions:
contents: read
pull-requests: read
secrets:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
release:
needs: test
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
github.com:22
github.com:443
registry.npmjs.org:443
tuf-repo-cdn.sigstore.dev:443
- name: Checkout project
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
with:
persist-credentials: false
- name: Use Node.js LTS
uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4
with:
node-version: "lts/*"
cache: npm
- name: Install packages
run: npm ci
- name: Audit npm signatures
run: npm audit signatures
- name: Run Semantic Release
run: npx semantic-release
env:
GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}