From 587a88b9841272a0049894ca7523bbd61fccf72c Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 4 Feb 2026 01:56:01 +0000 Subject: [PATCH 1/6] Initial plan From 691b170adc186afa3dccc862bc409ef56c08827d Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 4 Feb 2026 01:57:50 +0000 Subject: [PATCH 2/6] Modify publish-release.yml to use OIDC authentication Co-authored-by: compulim <1622400+compulim@users.noreply.github.com> --- .github/workflows/publish-release.yml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index 27dc965b..a8329da7 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -44,14 +44,19 @@ jobs: GH_TOKEN: ${{ github.token }} publish-package: - environment: production + environment: + name: production + url: https://npmjs.com/package/${{ steps.get-version.outputs.package-name }}/v/${{ steps.get-version.outputs.version }} needs: build-and-draft runs-on: ubuntu-latest + permissions: + contents: read + id-token: write steps: - uses: actions/setup-node@v3 with: - node-version: 18 + node-version: 24 # Newer Node.js version for OIDC publishing registry-url: https://registry.npmjs.org/ - name: Download tarball artifact uses: actions/download-artifact@v4.2.1 @@ -63,8 +68,6 @@ jobs: echo package-name=`tar --extract --file=\`ls ./*.tgz\` --to-stdout package/package.json | jq -r .name` >> $GITHUB_OUTPUT echo version=`tar --extract --file=\`ls ./*.tgz\` --to-stdout package/package.json | jq -r .version` >> $GITHUB_OUTPUT - run: npm publish --access public `ls ./*.tgz` - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - name: Generate job summary run: echo "NPM package has been published to https://npmjs.com/package/${{ steps.get-version.outputs.package-name }}/v/${{ steps.get-version.outputs.version }}." > $GITHUB_STEP_SUMMARY From 6899dc5ee23cb200890dd085140d56fe38e10807 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 4 Feb 2026 02:07:45 +0000 Subject: [PATCH 3/6] Add version validation step from continuous-deployment.yml Co-authored-by: compulim <1622400+compulim@users.noreply.github.com> --- .github/workflows/publish-release.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index a8329da7..48ddfc85 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -67,6 +67,11 @@ jobs: run: | echo package-name=`tar --extract --file=\`ls ./*.tgz\` --to-stdout package/package.json | jq -r .name` >> $GITHUB_OUTPUT echo version=`tar --extract --file=\`ls ./*.tgz\` --to-stdout package/package.json | jq -r .version` >> $GITHUB_OUTPUT + - if: ${{ contains(steps.get-version.outputs.version, '-') }} + name: Validate version + run: | + echo Version number must not be a prerelease. + exit 1 - run: npm publish --access public `ls ./*.tgz` - name: Generate job summary run: echo "NPM package has been published to https://npmjs.com/package/${{ steps.get-version.outputs.package-name }}/v/${{ steps.get-version.outputs.version }}." > $GITHUB_STEP_SUMMARY From 173e7b2e932ec2d4fa4b1645095492fb2419e447 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 4 Feb 2026 02:08:26 +0000 Subject: [PATCH 4/6] Fix step field order: name before if Co-authored-by: compulim <1622400+compulim@users.noreply.github.com> --- .github/workflows/publish-release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index 48ddfc85..ff46a13d 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -67,8 +67,8 @@ jobs: run: | echo package-name=`tar --extract --file=\`ls ./*.tgz\` --to-stdout package/package.json | jq -r .name` >> $GITHUB_OUTPUT echo version=`tar --extract --file=\`ls ./*.tgz\` --to-stdout package/package.json | jq -r .version` >> $GITHUB_OUTPUT - - if: ${{ contains(steps.get-version.outputs.version, '-') }} - name: Validate version + - name: Validate version + if: ${{ contains(steps.get-version.outputs.version, '-') }} run: | echo Version number must not be a prerelease. exit 1 From 8ac4571f5be9e72097e75b3d2107a79944fb4852 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 4 Feb 2026 02:18:39 +0000 Subject: [PATCH 5/6] Revert "Add version validation step from continuous-deployment.yml" Co-authored-by: compulim <1622400+compulim@users.noreply.github.com> --- .github/workflows/publish-release.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index ff46a13d..a8329da7 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -67,11 +67,6 @@ jobs: run: | echo package-name=`tar --extract --file=\`ls ./*.tgz\` --to-stdout package/package.json | jq -r .name` >> $GITHUB_OUTPUT echo version=`tar --extract --file=\`ls ./*.tgz\` --to-stdout package/package.json | jq -r .version` >> $GITHUB_OUTPUT - - name: Validate version - if: ${{ contains(steps.get-version.outputs.version, '-') }} - run: | - echo Version number must not be a prerelease. - exit 1 - run: npm publish --access public `ls ./*.tgz` - name: Generate job summary run: echo "NPM package has been published to https://npmjs.com/package/${{ steps.get-version.outputs.package-name }}/v/${{ steps.get-version.outputs.version }}." > $GITHUB_STEP_SUMMARY From aea6bbce2e9b85bbcd03606ea2fcc4c00b2cd655 Mon Sep 17 00:00:00 2001 From: William Wong Date: Tue, 3 Feb 2026 18:25:21 -0800 Subject: [PATCH 6/6] Reformat publish-release workflow for clarity --- .github/workflows/publish-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index a8329da7..490e7333 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -45,7 +45,7 @@ jobs: publish-package: environment: - name: production + name: npm url: https://npmjs.com/package/${{ steps.get-version.outputs.package-name }}/v/${{ steps.get-version.outputs.version }} needs: build-and-draft runs-on: ubuntu-latest