feat(ci): automated npm publishing via trusted publishing

.github/workflows/ci.yml

@@ -1,8 +1,6 @@
 name: CI
 on:
-  push:
-    branches:
-      - main
+  workflow_call:
   pull_request:
     branches:
       - main

.github/workflows/publish.yml

@@ -0,0 +1,74 @@
+name: Publish to npm
+
+on:
+  release:
+    types: [published]
+
+permissions:
+  contents: read
+  id-token: write
+
+jobs:
+  ci:
+    name: CI
+    uses: ./.github/workflows/ci.yml
+
+  publish:
+    name: Publish packages
+    needs: ci
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: read
+      id-token: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: "22"
+          registry-url: "https://registry.npmjs.org"
+
+      - name: Ensure npm >= 11.5.1 (required for trusted publishing)
+        run: npm install -g npm@latest
+
+      - name: Build all packages
+        run: |
+          corepack enable
+          yarn install --immutable
+          yarn all:prepare
+
+      - name: Verify versions match release tag
+        run: |
+          TAG="${GITHUB_REF_NAME}"
+          for PKG in packages/purchasely packages/google packages/amazon packages/huawei packages/android-player; do
+            VERSION=$(node -p "require('./$PKG/package.json').version")
+            if [ "$VERSION" != "$TAG" ]; then
+              echo "::error::$PKG version ($VERSION) does not match release tag ($TAG)"
+              exit 1
+            fi
+          done
+          echo "All package versions match release tag: $TAG"
+
+      - name: Publish react-native-purchasely
+        working-directory: packages/purchasely
+        run: npm publish --access public --provenance
+
+      - name: Publish @purchasely/react-native-purchasely-google
+        working-directory: packages/google
+        run: npm publish --access public --provenance
+
+      - name: Publish @purchasely/react-native-purchasely-amazon
+        working-directory: packages/amazon
+        run: npm publish --access public --provenance
+
+      - name: Publish @purchasely/react-native-purchasely-huawei
+        working-directory: packages/huawei
+        run: npm publish --access public --provenance
+
+      - name: Publish @purchasely/react-native-purchasely-android-player
+        working-directory: packages/android-player
+        run: npm publish --access public --provenance

CLAUDE.md

@@ -11,13 +11,13 @@
 
 | Property | Value |
 |----------|-------|
-| Current Version | 5.7.1 |
+| Current Version | 5.7.2 |
 | React Native | 0.79.2 |
 | TypeScript | 5.2.2 (strict mode) |
 | Node.js | v20 (see `.nvmrc`) |
 | Package Manager | Yarn 3.6.1 (workspaces) |
-| Native iOS SDK | 5.7.1 |
-| Native Android SDK | 5.7.1 |
+| Native iOS SDK | 5.7.2 |
+| Native Android SDK | 5.7.3 |
 
 ### Supported App Stores
 - Apple App Store (iOS)
@@ -388,11 +388,11 @@ Build orchestration with caching:
 ### Native Dependencies
 
 **iOS (CocoaPods):**
-- Purchasely SDK v5.7.1
+- Purchasely SDK v5.7.2
 - Deployment target: iOS 13.4
 
 **Android (Gradle):**
-- io.purchasely:core:5.7.1
+- io.purchasely:core:5.7.3
 - Min SDK: 21
 - Kotlin: 1.9+
 - Java: 11
@@ -616,6 +616,7 @@ See `VERSIONS.md` for native SDK version mapping:
 
 | React Native SDK | iOS SDK | Android SDK |
 |------------------|---------|-------------|
+| 5.7.2 | 5.7.2 | 5.7.3 |
 | 5.7.1 | 5.7.1 | 5.7.1 |
 | 5.7.0 | 5.7.0 | 5.7.0 |
 | 5.6.2 | 5.6.4 | 5.6.0 |

VERSIONS.md

@@ -112,3 +112,4 @@ This file provides the underlying native SDK versions that the React Native SDK
 | 5.6.2   | 5.6.4       | 5.6.0           |
 | 5.7.0   | 5.7.0       | 5.7.0           |
 | 5.7.1   | 5.7.1       | 5.7.1           |
+| 5.7.2   | 5.7.2       | 5.7.3           |

package.json

@@ -32,7 +32,7 @@
     "js-yaml": "^4.1.1",
     "lodash": ">=4.17.23",
     "lodash-es": ">=4.17.23",
-    "minimatch": ">=3.1.3",
+    "minimatch": "~3.1.3",
     "fast-xml-parser": ">=4.5.4",
     "tar": ">=7.5.10",
     "undici": ">=7.24.0"

packages/amazon/android/build.gradle

@@ -61,5 +61,5 @@ dependencies {
   api 'com.facebook.react:react-native:+'
   implementation "org.jetbrains.kotlin:kotlin-stdlib:$kotlin_version"
 
-  implementation 'io.purchasely:amazon:5.7.1'
+  implementation 'io.purchasely:amazon:5.7.3'
 }

packages/amazon/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@purchasely/react-native-purchasely-amazon",
-  "version": "5.7.1",
+  "version": "5.7.2",
   "description": "Purchasely Amazon In-App Purchases dependency",
   "source": "./src/index.tsx",
   "main": "./lib/commonjs/index.js",
@@ -34,7 +34,11 @@
     "ios",
     "android"
   ],
-  "repository": "https://github.com/Purchasely/Purchasely-ReactNative/packages/amazon",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/Purchasely/Purchasely-ReactNative.git",
+    "directory": "packages/amazon"
+  },
   "author": "Purchasely <kevin@purchasely.com> (https://github.com/Purchasely/Purchasely-ReactNative)",
   "license": "MIT",
   "bugs": {

packages/android-player/android/build.gradle

@@ -62,5 +62,5 @@ dependencies {
   api 'com.facebook.react:react-native:+'
   implementation "org.jetbrains.kotlin:kotlin-stdlib:$kotlin_version"
 
-  implementation 'io.purchasely:player:5.7.1'
+  implementation 'io.purchasely:player:5.7.3'
 }

packages/android-player/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@purchasely/react-native-purchasely-android-player",
-  "version": "5.7.1",
+  "version": "5.7.2",
   "description": "Player Android",
   "source": "./src/index.ts",
   "main": "./lib/commonjs/index.js",
@@ -33,7 +33,8 @@
   ],
   "repository": {
     "type": "git",
-    "url": "https://github.com/Purchasely/Purchasely-ReactNative/packages/android-player"
+    "url": "git+https://github.com/Purchasely/Purchasely-ReactNative.git",
+    "directory": "packages/android-player"
   },
   "author": "Purchasely <kevin@purchasely.com> (https://github.com/Purchasely/Purchasely-ReactNative)",
   "license": "MIT",

packages/google/android/build.gradle

@@ -62,5 +62,5 @@ dependencies {
   api 'com.facebook.react:react-native:+'
   implementation "org.jetbrains.kotlin:kotlin-stdlib:$kotlin_version"
 
-  implementation 'io.purchasely:google-play:5.7.1'
+  implementation 'io.purchasely:google-play:5.7.3'
 }

packages/google/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@purchasely/react-native-purchasely-google",
-  "version": "5.7.1",
+  "version": "5.7.2",
   "description": "Purchasely Google Play Billing dependency",
   "source": "./src/index.tsx",
   "main": "./lib/commonjs/index.js",
@@ -33,7 +33,8 @@
   ],
   "repository": {
     "type": "git",
-    "url": "https://github.com/Purchasely/Purchasely-ReactNative/packages/google"
+    "url": "git+https://github.com/Purchasely/Purchasely-ReactNative.git",
+    "directory": "packages/google"
   },
   "author": "Purchasely <kevin@purchasely.com> (https://github.com/Purchasely/Purchasely-ReactNative)",
   "license": "MIT",

packages/huawei/android/build.gradle

@@ -65,5 +65,5 @@ dependencies {
   api 'com.facebook.react:react-native:+'
   implementation "org.jetbrains.kotlin:kotlin-stdlib:$kotlin_version"
 
-  implementation 'io.purchasely:huawei-services:5.7.1'
+  implementation 'io.purchasely:huawei-services:5.7.3'
 }

packages/huawei/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@purchasely/react-native-purchasely-huawei",
-  "version": "5.7.1",
+  "version": "5.7.2",
   "description": "Purchasely Huawei Mobile Services dependencies",
   "source": "./src/index.tsx",
   "main": "./lib/commonjs/index.js",
@@ -35,7 +35,11 @@
     "ios",
     "android"
   ],
-  "repository": "https://github.com/Purchasely/Purchasely-ReactNative/packages/huawei",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/Purchasely/Purchasely-ReactNative.git",
+    "directory": "packages/huawei"
+  },
   "author": "Purchasely <kevin@purchasely.com> (https://github.com/Purchasely/Purchasely-ReactNative)",
   "license": "MIT",
   "bugs": {

packages/purchasely/android/build.gradle

@@ -140,7 +140,7 @@ dependencies {
   implementation 'org.jetbrains.kotlinx:kotlinx-coroutines-core:1.7.2'
   implementation 'org.jetbrains.kotlinx:kotlinx-coroutines-android:1.7.3'
 
-  api 'io.purchasely:core:5.7.1'
+  api 'io.purchasely:core:5.7.3'
   api 'androidx.lifecycle:lifecycle-common-java8:2.2.0'
 
   // Test dependencies

packages/purchasely/package.json

@@ -1,7 +1,7 @@
 {
   "name": "react-native-purchasely",
   "title": "Purchasely React Native",
-  "version": "5.7.1",
+  "version": "5.7.2",
   "description": "Purchasely is a solution to ease the integration and boost your In-App Purchase & Subscriptions on the App Store, Google Play Store and Huawei App Gallery.",
   "source": "./src/index.tsx",
   "main": "./lib/commonjs/index.js",

packages/purchasely/react-native-purchasely.podspec

@@ -20,7 +20,7 @@ Pod::Spec.new do |s|
   s.requires_arc = true
 
   s.dependency "React-Core"
-  s.dependency "Purchasely", '5.7.1'
+  s.dependency "Purchasely", '5.7.2'
 
   s.test_spec 'Tests' do |test_spec|
     test_spec.source_files = 'ios/PurchaselyTests/**/*.{h,m,mm,swift}'

packages/purchasely/src/__tests__/index.test.ts

@@ -182,7 +182,7 @@ describe('Purchasely SDK', () => {
                 'test-user',
                 mockConstants.logLevelDebug,
                 mockConstants.runningModeFull,
-                '5.7.1'
+                '5.7.2'
             )
         })
 
@@ -203,7 +203,7 @@ describe('Purchasely SDK', () => {
                 null,
                 mockConstants.logLevelError,
                 mockConstants.runningModeFull,
-                '5.7.1'
+                '5.7.2'
             )
         })
 

packages/purchasely/src/__tests__/types.test.ts

@@ -328,7 +328,7 @@ describe('Purchasely Types', () => {
             const event: PurchaselyEvent = {
                 name: 'PURCHASE_TAPPED',
                 properties: {
-                    sdk_version: '5.7.1',
+                    sdk_version: '5.7.2',
                     event_name: 'PURCHASE_TAPPED',
                     event_created_at_ms: 1705315200000,
                     event_created_at: '2024-01-15T12:00:00Z',
@@ -339,7 +339,7 @@ describe('Purchasely Types', () => {
             }
 
             expect(event.name).toBe('PURCHASE_TAPPED')
-            expect(event.properties.sdk_version).toBe('5.7.1')
+            expect(event.properties.sdk_version).toBe('5.7.2')
         })
     })
 

packages/purchasely/src/index.ts

@@ -28,7 +28,7 @@ import type {
   PurchaselyUserAttribute,
 } from './types';
 
-const purchaselyVersion = '5.7.1';
+const purchaselyVersion = '5.7.2';
 
 const constants = NativeModules.Purchasely.getConstants() as Constants;
 

yarn.lock

@@ -4267,10 +4267,10 @@ __metadata:
   languageName: node
   linkType: hard
 
-"balanced-match@npm:^4.0.2":
-  version: 4.0.4
-  resolution: "balanced-match@npm:4.0.4"
-  checksum: fb07bb66a0959c2843fc055838047e2a95ccebb837c519614afb067ebfdf2fa967ca8d712c35ced07f2cd26fc6f07964230b094891315ad74f11eba3d53178a0
+"balanced-match@npm:^1.0.0":
+  version: 1.0.2
+  resolution: "balanced-match@npm:1.0.2"
+  checksum: 9706c088a283058a8a99e0bf91b0a2f75497f185980d9ffa8b304de1d9e58ebda7c72c07ebf01dadedaac5b2907b2c6f566f660d62bd336c3468e960403b9d65
   languageName: node
   linkType: hard
 
@@ -4329,12 +4329,13 @@ __metadata:
   languageName: node
   linkType: hard
 
-"brace-expansion@npm:^5.0.2":
-  version: 5.0.4
-  resolution: "brace-expansion@npm:5.0.4"
+"brace-expansion@npm:^1.1.7":
+  version: 1.1.12
+  resolution: "brace-expansion@npm:1.1.12"
   dependencies:
-    balanced-match: ^4.0.2
-  checksum: ded86c0f0b138734110d67437fee52c1f97bc19175644788b1d71afec2d87d405cf05424ce428f88ae3abe8e09e13ee55f2675534b38076ef70e1e583ed75686
+    balanced-match: ^1.0.0
+    concat-map: 0.0.1
+  checksum: 12cb6d6310629e3048cadb003e1aca4d8c9bb5c67c3c321bafdd7e7a50155de081f78ea3e0ed92ecc75a9015e784f301efc8132383132f4f7904ad1ac529c562
   languageName: node
   linkType: hard
 
@@ -4852,6 +4853,13 @@ __metadata:
   languageName: node
   linkType: hard
 
+"concat-map@npm:0.0.1":
+  version: 0.0.1
+  resolution: "concat-map@npm:0.0.1"
+  checksum: 902a9f5d8967a3e2faf138d5cb784b9979bad2e6db5357c5b21c568df4ebe62bcb15108af1b2253744844eb964fc023fbd9afbbbb6ddd0bcc204c6fb5b7bf3af
+  languageName: node
+  linkType: hard
+
 "concat-stream@npm:^2.0.0":
   version: 2.0.0
   resolution: "concat-stream@npm:2.0.0"
@@ -9903,12 +9911,12 @@ __metadata:
   languageName: node
   linkType: hard
 
-"minimatch@npm:>=3.1.3":
-  version: 10.2.4
-  resolution: "minimatch@npm:10.2.4"
+"minimatch@npm:~3.1.3":
+  version: 3.1.5
+  resolution: "minimatch@npm:3.1.5"
   dependencies:
-    brace-expansion: ^5.0.2
-  checksum: 56dce6b04c6b30b500d81d7a29822c108b7d58c46696ec7332d04a2bd104a5cb69e5c7ce93e1783dc66d61400d831e6e226ca101ac23665aff32ca303619dc3d
+    brace-expansion: ^1.1.7
+  checksum: 47ef6f412c08be045a7291d11b1c40777925accf7252dc6d3caa39b1bfbb3a7ea390ba7aba464d762d783265c644143d2c8a204e6b5763145024d52ee65a1941
   languageName: node
   linkType: hard