Commit 4d9402a
authored
ci: use electron/semantic-trusted-release instead of npx (#127)
Replaces unpinned npx semantic-release with the org-standard
electron/semantic-trusted-release composite action. The previous
invocation fetched semantic-release@latest from the registry on
every release with publish credentials in scope.
The .releaserc.json already matches what secret-service-action
uses (commit-analyzer, release-notes-generator, github — all
bundled with semantic-release core), so no config changes needed.
Also:
- drops the redundant setup-node step (the composite action has its own)
- adds persist-credentials: false on checkout
- adds pull-requests/issues write permissions for release comments1 parent af936f7 commit 4d9402a
1 file changed
Lines changed: 8 additions & 7 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
41 | 41 | | |
42 | 42 | | |
43 | 43 | | |
44 | | - | |
| 44 | + | |
| 45 | + | |
| 46 | + | |
45 | 47 | | |
46 | 48 | | |
47 | 49 | | |
48 | | - | |
49 | | - | |
50 | 50 | | |
51 | | - | |
52 | | - | |
53 | | - | |
54 | | - | |
| 51 | + | |
| 52 | + | |
| 53 | + | |
| 54 | + | |
| 55 | + | |
0 commit comments