Use NPM Trusted Publishers over token (#2239)

* Use NPM Trusted Publishers over token

due to security changes being enacted next month by npm

* Add changelog entry

* Update npm
pull/2241/head
Michael Telatynski 1 month ago committed by GitHub
parent 967b54195c
commit e2b2e56bd2
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

@ -12,6 +12,9 @@ jobs:
defaults: defaults:
run: run:
working-directory: packages/npm working-directory: packages/npm
permissions:
contents: read
id-token: write
steps: steps:
- name: 🧮 Checkout code - name: 🧮 Checkout code
uses: actions/checkout@v4 uses: actions/checkout@v4
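Review bot: `id-token: write` is granted at job level here, so every step in the job, including `yarn install --frozen-lockfile` and any dependency scripts it runs, can request the OIDC token that npm accepts for publishing. Consider doing the install and build in a job that only has `contents: read`, handing the built package over as an artifact, and keeping `id-token: write` on a small job that only runs the publish step.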
@ -23,6 +26,10 @@ jobs:
cache-dependency-path: packages/npm/yarn.lock cache-dependency-path: packages/npm/yarn.lock
registry-url: "https://registry.npmjs.org" registry-url: "https://registry.npmjs.org"
# Ensure npm 11.5.1 or later is installed
- name: Update npm
run: npm install -g npm@latest
- name: 🔨 Install dependencies - name: 🔨 Install dependencies
run: "yarn install --frozen-lockfile" run: "yarn install --frozen-lockfile"
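Review bot: `npm install -g npm@latest` does not enforce the 11.5.1 floor that the comment above it states, and it pulls whatever is tagged latest at run time into a job that holds `id-token: write`. Pin it, for example `npm install -g npm@^11.5.1` or an exact version, so the minimum is explicit and the publish toolchain is the same on every run.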
@ -33,10 +40,4 @@ jobs:
VERSION: ${{ github.event.release.tag_name }}.0 VERSION: ${{ github.event.release.tag_name }}.0
- name: 🚀 Publish to npm - name: 🚀 Publish to npm
id: npm-publish run: npm publish --provenance --access public --tag latest
uses: JS-DevTools/npm-publish@19c28f1ef146469e409470805ea4279d47c3d35c # v3.1.1
with:
token: ${{ secrets.NPM_TOKEN }}
package: packages/npm
access: public
ignore-scripts: false
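Review bot: on the removed `token: ${{ secrets.NPM_TOKEN }}` line, the publish step no longer reads `NPM_TOKEN`, so the secret should be deleted from the repository settings and the token revoked on npm alongside this change; otherwise the long-lived credential this commit is meant to retire stays valid. It is also worth noting in the commit or changelog that the trusted publisher entry for this workflow has to exist on the npm side before the next release, since `npm publish` now has no fallback credential.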

@ -0,0 +1 @@
Use NPM Trusted Publishers for publishing `@matrix-org/spec` to npm.