Skip to content

Merge pull request #492 from ducktors/dependabot/github_actions/wagoi… #453

Merge pull request #492 from ducktors/dependabot/github_actions/wagoi…

Merge pull request #492 from ducktors/dependabot/github_actions/wagoi… #453

Workflow file for this run

name: Release
on:
push:
branches:
- main
concurrency: ${{ github.workflow }}-${{ github.ref }}
env:
NPM_CONFIG_PROVENANCE: true
permissions:
contents: read
jobs:
release:
runs-on: ubuntu-latest
name: Release
permissions:
contents: write
issues: write
pull-requests: write
id-token: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
name: Checkout
with:
persist-credentials: false
- uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
name: Install Node
with:
node-version: 20
- uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0
name: Install pnpm
with:
version: 9.14.2
- name: Install dependencies
run: pnpm install
- name: Verify the integrity of provenance attestations and registry signatures for installed dependencies
run: npm audit signatures
- name: Release
env:
GH_TOKEN: ${{ secrets.DUCKTORS_PAT }}
NPM_TOKEN: ${{ secrets.DUCKTORS_NPM_TOKEN }}
run: pnpm dlx semantic-release