From 4c03906b7e25966ee0b546c594e1b5f052395cf7 Mon Sep 17 00:00:00 2001 From: Leah Wasser Date: Thu, 5 Mar 2026 20:52:50 -0700 Subject: [PATCH 1/2] chore(ci): setup trusted publishing --- .github/workflows/test-deploy.yml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/.github/workflows/test-deploy.yml b/.github/workflows/test-deploy.yml index 2be26391..debae4dd 100644 --- a/.github/workflows/test-deploy.yml +++ b/.github/workflows/test-deploy.yml @@ -6,6 +6,10 @@ on: - main pull_request: workflow_dispatch: + release: + types: [published] + +permissions: {} jobs: test: @@ -37,3 +41,28 @@ jobs: files: ./coverage/lcov.info fail_ci_if_error: false verbose: true + publish: + name: >- + Publish cli 📦 to NPM + if: + github.repository_owner == 'all-contributors' && github.event_name == + 'release' + needs: + - test + runs-on: ubuntu-latest + environment: + name: npm-publish + url: https://www.npmjs.com/package/all-contributors-cli + permissions: + id-token: write # mandatory for OIDC / NPM publishing + contents: read + steps: + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 + with: + node-version: '22' + registry-url: 'https://registry.npmjs.org' + - run: | + npm ci + npm run build + - run: npm publish --provenance From 86e53b41733cbad2e384b70f7bea54d04e906432 Mon Sep 17 00:00:00 2001 From: Leah Wasser Date: Sun, 8 Mar 2026 16:05:22 -0600 Subject: [PATCH 2/2] Apply suggestion from @lwasser --- .github/workflows/test-deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test-deploy.yml b/.github/workflows/test-deploy.yml index debae4dd..43900a63 100644 --- a/.github/workflows/test-deploy.yml +++ b/.github/workflows/test-deploy.yml @@ -65,4 +65,4 @@ jobs: - run: | npm ci npm run build - - run: npm publish --provenance + - run: npm publish