Skip to content

chore(deps): lock file maintenance #119

chore(deps): lock file maintenance

chore(deps): lock file maintenance #119

Workflow file for this run

name: Release
on:
push:
branches:
- main
- next
- dev
permissions:
contents: read
jobs:
test:
uses: ./.github/workflows/test.yml
permissions:
contents: read
pull-requests: read
secrets:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
release:
needs: test
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
github.com:22
github.com:443
registry.npmjs.org:443
tuf-repo-cdn.sigstore.dev:443
- name: Checkout project
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
with:
persist-credentials: false
- name: Use Node.js LTS
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
with:
node-version: "lts/*"
cache: npm
- name: Install packages
run: npm ci
- name: Audit npm signatures
run: npm audit signatures
- name: Run Semantic Release
run: npx semantic-release
env:
GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}