From 3007f2643e31c3a28edbac692bec4c65dff32c03 Mon Sep 17 00:00:00 2001
From: Denis Rossati Ramos <denis.rossatiramos@gmail.com>
Date: Mon, 30 Mar 2026 16:13:58 -0300
Subject: [PATCH 1/3] Use reusable workflows

---
 .../workflows/deploy-published-releases.yaml  | 59 ++++--------
 .github/workflows/library-validations.yaml    | 95 ++-----------------
 2 files changed, 27 insertions(+), 127 deletions(-)

diff --git a/.github/workflows/deploy-published-releases.yaml b/.github/workflows/deploy-published-releases.yaml
index 5756c75c..2244a504 100644
--- a/.github/workflows/deploy-published-releases.yaml
+++ b/.github/workflows/deploy-published-releases.yaml
@@ -14,7 +14,27 @@ env:
   PREVIEW_WIDGET_URL: https://cdn.croct.io/js/v1/lib/plug/widget-${{ github.ref_name }}.html
 
 jobs:
+  publish-npm:
+    uses: croct-tech/github-workflows/.github/workflows/general/publish-npm-package.yml@unify-workflows
+    with:
+      node-version: "23"
+      publish-access: "public"
+      prepare-script: >-
+        cp LICENSE README.md build/ &&
+        cd build &&
+        find . -type f -path '*/*\.js.map' -exec sed -i -e "s~../src~src~" {} + &&
+        sed -i -e "s~\"version\": \"0.0.0-dev\"~\"version\": \"${GITHUB_REF##*/}\"~" package.json &&
+        sed -i -e "s~<@cdnUrl@>~${CDN_URL}~" constants.* &&
+        sed -i -e "s~<@playgroundOrigin@>~${PLAYGROUND_ORIGIN}~" constants.* &&
+        sed -i -e "s~<@playgroundConnectUrl@>~${PLAYGROUND_CONNECT_URL}~" constants.* &&
+        sed -i -e "s~<@previewWidgetOrigin@>~${PREVIEW_WIDGET_ORIGIN}~" constants.* &&
+        sed -i -e "s~<@previewWidgetUrl@>~${PREVIEW_WIDGET_URL}~" constants.*
+    secrets:
+      NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+
   deploy-library:
+    if: ${{ !github.event.release.prerelease }}
+    needs: publish-npm
     permissions:
       id-token: write # This is required for requesting the JWT
       contents: read  # This is required for actions/checkout
@@ -37,44 +57,9 @@ jobs:
 
       - name: Install dependencies
         if: steps.cache-dependencies.outputs.cache-hit != 'true'
-        run: |-
-          npm ci
-          rm -rf ~/.npmrc
-
-      - name: Build package
-        run: |-
-          npm run build
-
-      - name: Prepare release
-        run: |-
-          cp LICENSE README.md build/
-          cd build
-          find . -type f -path '*/*\.js.map' -exec sed -i -e "s~../src~src~" {} +
-          sed -i -e "s~\"version\": \"0.0.0-dev\"~\"version\": \"${GITHUB_REF##*/}\"~" package.json
-          sed -i -e "s~<@cdnUrl@>~${CDN_URL}~" constants.*
-          sed -i -e "s~<@playgroundOrigin@>~${PLAYGROUND_ORIGIN}~" constants.*
-          sed -i -e "s~<@playgroundConnectUrl@>~${PLAYGROUND_CONNECT_URL}~" constants.*
-          sed -i -e "s~<@previewWidgetOrigin@>~${PREVIEW_WIDGET_ORIGIN}~" constants.*
-          sed -i -e "s~<@previewWidgetUrl@>~${PREVIEW_WIDGET_URL}~" constants.*
-
-      - name: Publish pre-release to NPM
-        if: ${{ github.event.release.prerelease }}
-        run: |-
-          cd build
-          npm publish --access public --tag next
-        env:
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
-
-      - name: Publish release to NPM
-        if: ${{ !github.event.release.prerelease }}
-        run: |-
-          cd build
-          npm publish --access public
-        env:
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+        run: npm ci
 
       - name: Bundle package
-        if: ${{ !github.event.release.prerelease }}
         run: |-
           rm -rf build
           npm run bundle -- --config-cdn-url=${CDN_URL} \
@@ -85,7 +70,6 @@ jobs:
 
       - id: 'auth'
         name: 'Authenticate to Google Cloud'
-        if: ${{ !github.event.release.prerelease }}
         uses: 'google-github-actions/auth@v3'
         with:
           workload_identity_provider: '${{ secrets.GCLOUD_WORKLOAD_IDENTITY }}'
@@ -95,7 +79,6 @@ jobs:
         uses: google-github-actions/setup-gcloud@v3
 
       - name: Deploy to GCS
-        if: ${{ !github.event.release.prerelease }}
         env:
           GCLOUD_BUCKET: ${{ secrets.GCLOUD_BUCKET }}
         run: |-
diff --git a/.github/workflows/library-validations.yaml b/.github/workflows/library-validations.yaml
index 9a4c209c..bb500c12 100644
--- a/.github/workflows/library-validations.yaml
+++ b/.github/workflows/library-validations.yaml
@@ -12,92 +12,9 @@ on:
       - opened
 
 jobs:
-  security-checks:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v6
-      - uses: actions/setup-node@v6
-        with:
-          node-version: 23
-
-      - name: Cache dependencies
-        id: cache-dependencies
-        uses: actions/cache@v5
-        with:
-          path: node_modules
-          key: node_modules-${{ hashFiles('package-lock.json') }}
-
-      - name: Install dependencies
-        if: steps.cache-dependencies.outputs.cache-hit != 'true'
-        run: npm ci
-
-      - name: Check dependency vulnerabilities
-        run: npm audit
-
-  validate:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v6
-      - uses: actions/setup-node@v6
-        with:
-          node-version: 23
-
-      - name: Cache dependencies
-        id: cache-dependencies
-        uses: actions/cache@v5
-        with:
-          path: node_modules
-          key: node_modules-${{ hashFiles('package-lock.json') }}
-
-      - name: Install dependencies
-        if: steps.cache-dependencies.outputs.cache-hit != 'true'
-        run: npm ci
-
-      - name: Check compilation errors
-        run: npm run validate
-
-  lint:
-    runs-on: ubuntu-latest
-    needs: [ validate ]
-    steps:
-      - uses: actions/checkout@v6
-      - uses: actions/setup-node@v6
-        with:
-          node-version: 23
-
-      - name: Cache dependencies
-        id: cache-dependencies
-        uses: actions/cache@v5
-        with:
-          path: node_modules
-          key: node_modules-${{ hashFiles('package-lock.json') }}
-
-      - name: Install dependencies
-        if: steps.cache-dependencies.outputs.cache-hit != 'true'
-        run: npm ci
-
-      - name: Check coding standard violations
-        run: npm run lint
-
-  test:
-    runs-on: ubuntu-latest
-    needs: [ validate ]
-    steps:
-      - uses: actions/checkout@v6
-      - uses: actions/setup-node@v6
-        with:
-          node-version: 23
-
-      - name: Cache dependencies
-        id: cache-dependencies
-        uses: actions/cache@v5
-        with:
-          path: node_modules
-          key: node_modules-${{ hashFiles('package-lock.json') }}
-
-      - name: Install dependencies
-        if: steps.cache-dependencies.outputs.cache-hit != 'true'
-        run: npm ci
-
-      - name: Run tests
-        run: npm run test
+  validations:
+    uses: croct-tech/github-workflows/.github/workflows/general/javascript-validations.yml@unify-workflows
+    with:
+      node-version: '23'
+      run-security: true
+      use-private-registry: false

From a17ad4ff715ab35b76877829e50417ca0b78d3e8 Mon Sep 17 00:00:00 2001
From: Denis Rossati Ramos <denis.rossatiramos@gmail.com>
Date: Wed, 1 Apr 2026 16:10:01 -0300
Subject: [PATCH 2/3] Update workflow

---
 .github/workflows/deploy-published-releases.yaml | 2 +-
 .github/workflows/library-validations.yaml       | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/deploy-published-releases.yaml b/.github/workflows/deploy-published-releases.yaml
index 2244a504..b6dd7a42 100644
--- a/.github/workflows/deploy-published-releases.yaml
+++ b/.github/workflows/deploy-published-releases.yaml
@@ -15,7 +15,7 @@ env:
 
 jobs:
   publish-npm:
-    uses: croct-tech/github-workflows/.github/workflows/general/publish-npm-package.yml@unify-workflows
+    uses: croct-tech/github-workflows/.github/workflows/publish-npm-package.yml@unify-workflows
     with:
       node-version: "23"
       publish-access: "public"
diff --git a/.github/workflows/library-validations.yaml b/.github/workflows/library-validations.yaml
index bb500c12..fbf2199e 100644
--- a/.github/workflows/library-validations.yaml
+++ b/.github/workflows/library-validations.yaml
@@ -13,7 +13,7 @@ on:
 
 jobs:
   validations:
-    uses: croct-tech/github-workflows/.github/workflows/general/javascript-validations.yml@unify-workflows
+    uses: croct-tech/github-workflows/.github/workflows/javascript-validation.yml@unify-workflows
     with:
       node-version: '23'
       run-security: true

From 4c597e508016f479991be48d2af43620459c9879 Mon Sep 17 00:00:00 2001
From: Denis Rossati Ramos <denis.rossatiramos@gmail.com>
Date: Mon, 6 Apr 2026 15:44:18 -0300
Subject: [PATCH 3/3] Set default node version

---
 .github/workflows/deploy-published-releases.yaml | 1 -
 .github/workflows/library-validations.yaml       | 3 +--
 2 files changed, 1 insertion(+), 3 deletions(-)

diff --git a/.github/workflows/deploy-published-releases.yaml b/.github/workflows/deploy-published-releases.yaml
index b6dd7a42..d393ba5a 100644
--- a/.github/workflows/deploy-published-releases.yaml
+++ b/.github/workflows/deploy-published-releases.yaml
@@ -17,7 +17,6 @@ jobs:
   publish-npm:
     uses: croct-tech/github-workflows/.github/workflows/publish-npm-package.yml@unify-workflows
     with:
-      node-version: "23"
       publish-access: "public"
       prepare-script: >-
         cp LICENSE README.md build/ &&
diff --git a/.github/workflows/library-validations.yaml b/.github/workflows/library-validations.yaml
index fbf2199e..d1b1c412 100644
--- a/.github/workflows/library-validations.yaml
+++ b/.github/workflows/library-validations.yaml
@@ -13,8 +13,7 @@ on:
 
 jobs:
   validations:
-    uses: croct-tech/github-workflows/.github/workflows/javascript-validation.yml@unify-workflows
+    uses: croct-tech/renovate-public-presets/.github/workflows/javascript-validations.yml@unify-workflows
     with:
-      node-version: '23'
       run-security: true
       use-private-registry: false