Skip to content

Commit a3f6518

Browse files
jakubnojakubno
authored
Use OIDC for npm publish (#130)
* Use OIDC for npm publish * Apply suggestion from @jakubno * Update node
1 parent 507f2eb commit a3f6518

File tree

2 files changed

+17
-11
lines changed

2 files changed

+17
-11
lines changed

.github/workflows/publish_packages.yml

Lines changed: 11 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -5,12 +5,11 @@ on:
55
secrets:
66
E2B_API_KEY:
77
required: true
8-
NPM_TOKEN:
9-
required: true
108
PYPI_TOKEN:
119
required: true
1210

1311
permissions:
12+
id-token: write
1413
contents: write
1514

1615
jobs:
@@ -46,17 +45,23 @@ jobs:
4645
with:
4746
version: 9.5
4847

49-
- name: Setup Node.js 20
50-
uses: actions/setup-node@v3
48+
- name: Setup Node.js 22
49+
uses: actions/setup-node@v6
5150
with:
52-
node-version: '20.x'
51+
node-version: "22.x"
52+
registry-url: "https://registry.npmjs.org"
5353
cache: pnpm
5454

5555
- name: Configure pnpm
5656
run: |
5757
pnpm config set auto-install-peers true
5858
pnpm config set exclude-links-from-lockfile true
5959
60+
- name: Update npm
61+
run: |
62+
npm install -g npm@^11.6
63+
npm --version
64+
6065
- name: Install dependencies
6166
run: pnpm install --frozen-lockfile
6267

@@ -84,8 +89,8 @@ jobs:
8489
createGithubReleases: true
8590
env:
8691
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
87-
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
8892
PYPI_TOKEN: ${{ secrets.PYPI_TOKEN }}
93+
NPM_TOKEN: "" # See https://github.com/changesets/changesets/issues/1152#issuecomment-3190884868
8994

9095
- name: Update lock file
9196
run: pnpm i --no-link --no-frozen-lockfile

.github/workflows/release.yml

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@ on:
88
concurrency: ${{ github.workflow }}-${{ github.ref }}
99

1010
permissions:
11+
id-token: write
1112
contents: write
1213

1314
jobs:
@@ -27,10 +28,10 @@ jobs:
2728
version: 9.5
2829

2930
- name: Setup Node
30-
uses: actions/setup-node@v3
31+
uses: actions/setup-node@v6
3132
with:
32-
node-version: '20.x'
33-
registry-url: 'https://registry.npmjs.org'
33+
node-version: "22.x"
34+
registry-url: "https://registry.npmjs.org"
3435
cache: pnpm
3536
cache-dependency-path: pnpm-lock.yaml
3637

@@ -67,9 +68,9 @@ jobs:
6768
version: 9.5
6869

6970
- name: Setup Node
70-
uses: actions/setup-node@v3
71+
uses: actions/setup-node@v6
7172
with:
72-
node-version: '20.x'
73+
node-version: '22.x'
7374
registry-url: 'https://registry.npmjs.org'
7475
cache: pnpm
7576
cache-dependency-path: pnpm-lock.yaml

0 commit comments

Comments
 (0)