From adcd13691fcd1288f8ad7caf2c818918cb7a44b6 Mon Sep 17 00:00:00 2001 From: Kevin Date: Tue, 17 Mar 2026 08:56:05 +0100 Subject: [PATCH 1/3] chore: Bump package versions to 5.7.2 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - iOS SDK 5.7.1 → 5.7.2 - Android SDK 5.7.1 → 5.7.3 - Update all package versions, tests, and documentation Co-Authored-By: Claude Opus 4.6 (1M context) --- CLAUDE.md | 11 ++++++----- VERSIONS.md | 1 + packages/amazon/android/build.gradle | 2 +- packages/amazon/package.json | 2 +- packages/android-player/android/build.gradle | 2 +- packages/android-player/package.json | 2 +- packages/google/android/build.gradle | 2 +- packages/google/package.json | 2 +- packages/huawei/android/build.gradle | 2 +- packages/huawei/package.json | 2 +- packages/purchasely/android/build.gradle | 2 +- packages/purchasely/package.json | 2 +- packages/purchasely/react-native-purchasely.podspec | 2 +- packages/purchasely/src/__tests__/index.test.ts | 4 ++-- packages/purchasely/src/__tests__/types.test.ts | 4 ++-- packages/purchasely/src/index.ts | 2 +- 16 files changed, 23 insertions(+), 21 deletions(-) diff --git a/CLAUDE.md b/CLAUDE.md index 06e6704..ba91e12 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -11,13 +11,13 @@ | Property | Value | |----------|-------| -| Current Version | 5.7.1 | +| Current Version | 5.7.2 | | React Native | 0.79.2 | | TypeScript | 5.2.2 (strict mode) | | Node.js | v20 (see `.nvmrc`) | | Package Manager | Yarn 3.6.1 (workspaces) | -| Native iOS SDK | 5.7.1 | -| Native Android SDK | 5.7.1 | +| Native iOS SDK | 5.7.2 | +| Native Android SDK | 5.7.3 | ### Supported App Stores - Apple App Store (iOS) @@ -388,11 +388,11 @@ Build orchestration with caching: ### Native Dependencies **iOS (CocoaPods):** -- Purchasely SDK v5.7.1 +- Purchasely SDK v5.7.2 - Deployment target: iOS 13.4 **Android (Gradle):** -- io.purchasely:core:5.7.1 +- io.purchasely:core:5.7.3 - Min SDK: 21 - Kotlin: 1.9+ - Java: 11 @@ -616,6 +616,7 @@ See `VERSIONS.md` for native SDK version mapping: | React Native SDK | iOS SDK | Android SDK | |------------------|---------|-------------| +| 5.7.2 | 5.7.2 | 5.7.3 | | 5.7.1 | 5.7.1 | 5.7.1 | | 5.7.0 | 5.7.0 | 5.7.0 | | 5.6.2 | 5.6.4 | 5.6.0 | diff --git a/VERSIONS.md b/VERSIONS.md index 2d705bd..3a8606a 100644 --- a/VERSIONS.md +++ b/VERSIONS.md @@ -112,3 +112,4 @@ This file provides the underlying native SDK versions that the React Native SDK | 5.6.2 | 5.6.4 | 5.6.0 | | 5.7.0 | 5.7.0 | 5.7.0 | | 5.7.1 | 5.7.1 | 5.7.1 | +| 5.7.2 | 5.7.2 | 5.7.3 | diff --git a/packages/amazon/android/build.gradle b/packages/amazon/android/build.gradle index fc244bb..bea7be1 100644 --- a/packages/amazon/android/build.gradle +++ b/packages/amazon/android/build.gradle @@ -61,5 +61,5 @@ dependencies { api 'com.facebook.react:react-native:+' implementation "org.jetbrains.kotlin:kotlin-stdlib:$kotlin_version" - implementation 'io.purchasely:amazon:5.7.1' + implementation 'io.purchasely:amazon:5.7.3' } diff --git a/packages/amazon/package.json b/packages/amazon/package.json index 5926d52..54f4bb8 100644 --- a/packages/amazon/package.json +++ b/packages/amazon/package.json @@ -1,6 +1,6 @@ { "name": "@purchasely/react-native-purchasely-amazon", - "version": "5.7.1", + "version": "5.7.2", "description": "Purchasely Amazon In-App Purchases dependency", "source": "./src/index.tsx", "main": "./lib/commonjs/index.js", diff --git a/packages/android-player/android/build.gradle b/packages/android-player/android/build.gradle index 91ce32b..acd6986 100644 --- a/packages/android-player/android/build.gradle +++ b/packages/android-player/android/build.gradle @@ -62,5 +62,5 @@ dependencies { api 'com.facebook.react:react-native:+' implementation "org.jetbrains.kotlin:kotlin-stdlib:$kotlin_version" - implementation 'io.purchasely:player:5.7.1' + implementation 'io.purchasely:player:5.7.3' } diff --git a/packages/android-player/package.json b/packages/android-player/package.json index dc800df..83f7ca1 100644 --- a/packages/android-player/package.json +++ b/packages/android-player/package.json @@ -1,6 +1,6 @@ { "name": "@purchasely/react-native-purchasely-android-player", - "version": "5.7.1", + "version": "5.7.2", "description": "Player Android", "source": "./src/index.ts", "main": "./lib/commonjs/index.js", diff --git a/packages/google/android/build.gradle b/packages/google/android/build.gradle index c98ed39..1ed369f 100644 --- a/packages/google/android/build.gradle +++ b/packages/google/android/build.gradle @@ -62,5 +62,5 @@ dependencies { api 'com.facebook.react:react-native:+' implementation "org.jetbrains.kotlin:kotlin-stdlib:$kotlin_version" - implementation 'io.purchasely:google-play:5.7.1' + implementation 'io.purchasely:google-play:5.7.3' } diff --git a/packages/google/package.json b/packages/google/package.json index bf9c0c2..4dff13c 100644 --- a/packages/google/package.json +++ b/packages/google/package.json @@ -1,6 +1,6 @@ { "name": "@purchasely/react-native-purchasely-google", - "version": "5.7.1", + "version": "5.7.2", "description": "Purchasely Google Play Billing dependency", "source": "./src/index.tsx", "main": "./lib/commonjs/index.js", diff --git a/packages/huawei/android/build.gradle b/packages/huawei/android/build.gradle index eab444f..4c08878 100644 --- a/packages/huawei/android/build.gradle +++ b/packages/huawei/android/build.gradle @@ -65,5 +65,5 @@ dependencies { api 'com.facebook.react:react-native:+' implementation "org.jetbrains.kotlin:kotlin-stdlib:$kotlin_version" - implementation 'io.purchasely:huawei-services:5.7.1' + implementation 'io.purchasely:huawei-services:5.7.3' } diff --git a/packages/huawei/package.json b/packages/huawei/package.json index f3ef4bc..a254453 100644 --- a/packages/huawei/package.json +++ b/packages/huawei/package.json @@ -1,6 +1,6 @@ { "name": "@purchasely/react-native-purchasely-huawei", - "version": "5.7.1", + "version": "5.7.2", "description": "Purchasely Huawei Mobile Services dependencies", "source": "./src/index.tsx", "main": "./lib/commonjs/index.js", diff --git a/packages/purchasely/android/build.gradle b/packages/purchasely/android/build.gradle index c3899c0..e73a2cf 100644 --- a/packages/purchasely/android/build.gradle +++ b/packages/purchasely/android/build.gradle @@ -140,7 +140,7 @@ dependencies { implementation 'org.jetbrains.kotlinx:kotlinx-coroutines-core:1.7.2' implementation 'org.jetbrains.kotlinx:kotlinx-coroutines-android:1.7.3' - api 'io.purchasely:core:5.7.1' + api 'io.purchasely:core:5.7.3' api 'androidx.lifecycle:lifecycle-common-java8:2.2.0' // Test dependencies diff --git a/packages/purchasely/package.json b/packages/purchasely/package.json index b9d527f..78a928f 100644 --- a/packages/purchasely/package.json +++ b/packages/purchasely/package.json @@ -1,7 +1,7 @@ { "name": "react-native-purchasely", "title": "Purchasely React Native", - "version": "5.7.1", + "version": "5.7.2", "description": "Purchasely is a solution to ease the integration and boost your In-App Purchase & Subscriptions on the App Store, Google Play Store and Huawei App Gallery.", "source": "./src/index.tsx", "main": "./lib/commonjs/index.js", diff --git a/packages/purchasely/react-native-purchasely.podspec b/packages/purchasely/react-native-purchasely.podspec index d80d52f..1ea20f9 100644 --- a/packages/purchasely/react-native-purchasely.podspec +++ b/packages/purchasely/react-native-purchasely.podspec @@ -20,7 +20,7 @@ Pod::Spec.new do |s| s.requires_arc = true s.dependency "React-Core" - s.dependency "Purchasely", '5.7.1' + s.dependency "Purchasely", '5.7.2' s.test_spec 'Tests' do |test_spec| test_spec.source_files = 'ios/PurchaselyTests/**/*.{h,m,mm,swift}' diff --git a/packages/purchasely/src/__tests__/index.test.ts b/packages/purchasely/src/__tests__/index.test.ts index b49115d..2118e52 100644 --- a/packages/purchasely/src/__tests__/index.test.ts +++ b/packages/purchasely/src/__tests__/index.test.ts @@ -182,7 +182,7 @@ describe('Purchasely SDK', () => { 'test-user', mockConstants.logLevelDebug, mockConstants.runningModeFull, - '5.7.1' + '5.7.2' ) }) @@ -203,7 +203,7 @@ describe('Purchasely SDK', () => { null, mockConstants.logLevelError, mockConstants.runningModeFull, - '5.7.1' + '5.7.2' ) }) diff --git a/packages/purchasely/src/__tests__/types.test.ts b/packages/purchasely/src/__tests__/types.test.ts index 5f7e23b..c670722 100644 --- a/packages/purchasely/src/__tests__/types.test.ts +++ b/packages/purchasely/src/__tests__/types.test.ts @@ -328,7 +328,7 @@ describe('Purchasely Types', () => { const event: PurchaselyEvent = { name: 'PURCHASE_TAPPED', properties: { - sdk_version: '5.7.1', + sdk_version: '5.7.2', event_name: 'PURCHASE_TAPPED', event_created_at_ms: 1705315200000, event_created_at: '2024-01-15T12:00:00Z', @@ -339,7 +339,7 @@ describe('Purchasely Types', () => { } expect(event.name).toBe('PURCHASE_TAPPED') - expect(event.properties.sdk_version).toBe('5.7.1') + expect(event.properties.sdk_version).toBe('5.7.2') }) }) diff --git a/packages/purchasely/src/index.ts b/packages/purchasely/src/index.ts index 3d6025a..41e41b7 100644 --- a/packages/purchasely/src/index.ts +++ b/packages/purchasely/src/index.ts @@ -28,7 +28,7 @@ import type { PurchaselyUserAttribute, } from './types'; -const purchaselyVersion = '5.7.1'; +const purchaselyVersion = '5.7.2'; const constants = NativeModules.Purchasely.getConstants() as Constants; From ddbdcf73b4c56d65f697a4aa3cc25047d00badb1 Mon Sep 17 00:00:00 2001 From: Kevin Date: Tue, 17 Mar 2026 09:16:46 +0100 Subject: [PATCH 2/3] fix(deps): pin minimatch to ~3.1.3 to fix CI coverage The previous resolution `>=3.1.3` resolved to minimatch 10.x (ESM-only), which broke babel-plugin-istanbul/test-exclude in Jest coverage runs. Pin to `~3.1.3` (resolves to 3.1.5) which includes the security fix while remaining CommonJS-compatible. Co-Authored-By: Claude Opus 4.6 (1M context) --- package.json | 2 +- yarn.lock | 36 ++++++++++++++++++++++-------------- 2 files changed, 23 insertions(+), 15 deletions(-) diff --git a/package.json b/package.json index 31b450a..1877c10 100644 --- a/package.json +++ b/package.json @@ -32,7 +32,7 @@ "js-yaml": "^4.1.1", "lodash": ">=4.17.23", "lodash-es": ">=4.17.23", - "minimatch": ">=3.1.3", + "minimatch": "~3.1.3", "fast-xml-parser": ">=4.5.4", "tar": ">=7.5.10", "undici": ">=7.24.0" diff --git a/yarn.lock b/yarn.lock index ed5bd29..ec2f7b3 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4267,10 +4267,10 @@ __metadata: languageName: node linkType: hard -"balanced-match@npm:^4.0.2": - version: 4.0.4 - resolution: "balanced-match@npm:4.0.4" - checksum: fb07bb66a0959c2843fc055838047e2a95ccebb837c519614afb067ebfdf2fa967ca8d712c35ced07f2cd26fc6f07964230b094891315ad74f11eba3d53178a0 +"balanced-match@npm:^1.0.0": + version: 1.0.2 + resolution: "balanced-match@npm:1.0.2" + checksum: 9706c088a283058a8a99e0bf91b0a2f75497f185980d9ffa8b304de1d9e58ebda7c72c07ebf01dadedaac5b2907b2c6f566f660d62bd336c3468e960403b9d65 languageName: node linkType: hard @@ -4329,12 +4329,13 @@ __metadata: languageName: node linkType: hard -"brace-expansion@npm:^5.0.2": - version: 5.0.4 - resolution: "brace-expansion@npm:5.0.4" +"brace-expansion@npm:^1.1.7": + version: 1.1.12 + resolution: "brace-expansion@npm:1.1.12" dependencies: - balanced-match: ^4.0.2 - checksum: ded86c0f0b138734110d67437fee52c1f97bc19175644788b1d71afec2d87d405cf05424ce428f88ae3abe8e09e13ee55f2675534b38076ef70e1e583ed75686 + balanced-match: ^1.0.0 + concat-map: 0.0.1 + checksum: 12cb6d6310629e3048cadb003e1aca4d8c9bb5c67c3c321bafdd7e7a50155de081f78ea3e0ed92ecc75a9015e784f301efc8132383132f4f7904ad1ac529c562 languageName: node linkType: hard @@ -4852,6 +4853,13 @@ __metadata: languageName: node linkType: hard +"concat-map@npm:0.0.1": + version: 0.0.1 + resolution: "concat-map@npm:0.0.1" + checksum: 902a9f5d8967a3e2faf138d5cb784b9979bad2e6db5357c5b21c568df4ebe62bcb15108af1b2253744844eb964fc023fbd9afbbbb6ddd0bcc204c6fb5b7bf3af + languageName: node + linkType: hard + "concat-stream@npm:^2.0.0": version: 2.0.0 resolution: "concat-stream@npm:2.0.0" @@ -9903,12 +9911,12 @@ __metadata: languageName: node linkType: hard -"minimatch@npm:>=3.1.3": - version: 10.2.4 - resolution: "minimatch@npm:10.2.4" +"minimatch@npm:~3.1.3": + version: 3.1.5 + resolution: "minimatch@npm:3.1.5" dependencies: - brace-expansion: ^5.0.2 - checksum: 56dce6b04c6b30b500d81d7a29822c108b7d58c46696ec7332d04a2bd104a5cb69e5c7ce93e1783dc66d61400d831e6e226ca101ac23665aff32ca303619dc3d + brace-expansion: ^1.1.7 + checksum: 47ef6f412c08be045a7291d11b1c40777925accf7252dc6d3caa39b1bfbb3a7ea390ba7aba464d762d783265c644143d2c8a204e6b5763145024d52ee65a1941 languageName: node linkType: hard From 75114e9869484564f82a5e4be017e20e383f2b79 Mon Sep 17 00:00:00 2001 From: Kevin Date: Tue, 17 Mar 2026 11:28:53 +0100 Subject: [PATCH 3/3] feat(ci): add automated npm publishing via trusted publishing - Add publish.yml workflow triggered on GitHub release - Publishes all 5 packages with OIDC provenance (no secrets needed) - Includes version verification against release tag - Modify ci.yml to support workflow_call for reuse from publish.yml - Fix repository.url in package.json files for npm provenance Co-Authored-By: Claude Opus 4.6 (1M context) --- .github/workflows/ci.yml | 4 +- .github/workflows/publish.yml | 74 ++++++++++++++++++++++++++++ packages/amazon/package.json | 6 ++- packages/android-player/package.json | 3 +- packages/google/package.json | 3 +- packages/huawei/package.json | 6 ++- 6 files changed, 89 insertions(+), 7 deletions(-) create mode 100644 .github/workflows/publish.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7c5f3e5..76dbecd 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,8 +1,6 @@ name: CI on: - push: - branches: - - main + workflow_call: pull_request: branches: - main diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml new file mode 100644 index 0000000..6d219ce --- /dev/null +++ b/.github/workflows/publish.yml @@ -0,0 +1,74 @@ +name: Publish to npm + +on: + release: + types: [published] + +permissions: + contents: read + id-token: write + +jobs: + ci: + name: CI + uses: ./.github/workflows/ci.yml + + publish: + name: Publish packages + needs: ci + runs-on: ubuntu-latest + + permissions: + contents: read + id-token: write + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: "22" + registry-url: "https://registry.npmjs.org" + + - name: Ensure npm >= 11.5.1 (required for trusted publishing) + run: npm install -g npm@latest + + - name: Build all packages + run: | + corepack enable + yarn install --immutable + yarn all:prepare + + - name: Verify versions match release tag + run: | + TAG="${GITHUB_REF_NAME}" + for PKG in packages/purchasely packages/google packages/amazon packages/huawei packages/android-player; do + VERSION=$(node -p "require('./$PKG/package.json').version") + if [ "$VERSION" != "$TAG" ]; then + echo "::error::$PKG version ($VERSION) does not match release tag ($TAG)" + exit 1 + fi + done + echo "All package versions match release tag: $TAG" + + - name: Publish react-native-purchasely + working-directory: packages/purchasely + run: npm publish --access public --provenance + + - name: Publish @purchasely/react-native-purchasely-google + working-directory: packages/google + run: npm publish --access public --provenance + + - name: Publish @purchasely/react-native-purchasely-amazon + working-directory: packages/amazon + run: npm publish --access public --provenance + + - name: Publish @purchasely/react-native-purchasely-huawei + working-directory: packages/huawei + run: npm publish --access public --provenance + + - name: Publish @purchasely/react-native-purchasely-android-player + working-directory: packages/android-player + run: npm publish --access public --provenance diff --git a/packages/amazon/package.json b/packages/amazon/package.json index 54f4bb8..54edb10 100644 --- a/packages/amazon/package.json +++ b/packages/amazon/package.json @@ -34,7 +34,11 @@ "ios", "android" ], - "repository": "https://github.com/Purchasely/Purchasely-ReactNative/packages/amazon", + "repository": { + "type": "git", + "url": "git+https://github.com/Purchasely/Purchasely-ReactNative.git", + "directory": "packages/amazon" + }, "author": "Purchasely (https://github.com/Purchasely/Purchasely-ReactNative)", "license": "MIT", "bugs": { diff --git a/packages/android-player/package.json b/packages/android-player/package.json index 83f7ca1..aa22f3e 100644 --- a/packages/android-player/package.json +++ b/packages/android-player/package.json @@ -33,7 +33,8 @@ ], "repository": { "type": "git", - "url": "https://github.com/Purchasely/Purchasely-ReactNative/packages/android-player" + "url": "git+https://github.com/Purchasely/Purchasely-ReactNative.git", + "directory": "packages/android-player" }, "author": "Purchasely (https://github.com/Purchasely/Purchasely-ReactNative)", "license": "MIT", diff --git a/packages/google/package.json b/packages/google/package.json index 4dff13c..2fa18bb 100644 --- a/packages/google/package.json +++ b/packages/google/package.json @@ -33,7 +33,8 @@ ], "repository": { "type": "git", - "url": "https://github.com/Purchasely/Purchasely-ReactNative/packages/google" + "url": "git+https://github.com/Purchasely/Purchasely-ReactNative.git", + "directory": "packages/google" }, "author": "Purchasely (https://github.com/Purchasely/Purchasely-ReactNative)", "license": "MIT", diff --git a/packages/huawei/package.json b/packages/huawei/package.json index a254453..cd124ed 100644 --- a/packages/huawei/package.json +++ b/packages/huawei/package.json @@ -35,7 +35,11 @@ "ios", "android" ], - "repository": "https://github.com/Purchasely/Purchasely-ReactNative/packages/huawei", + "repository": { + "type": "git", + "url": "git+https://github.com/Purchasely/Purchasely-ReactNative.git", + "directory": "packages/huawei" + }, "author": "Purchasely (https://github.com/Purchasely/Purchasely-ReactNative)", "license": "MIT", "bugs": {