diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5e1724b..4d6b946 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,10 +6,7 @@ concurrency: cancel-in-progress: true permissions: - contents: write # to be able to publish a GitHub release - issues: write # to be able to comment on released issues - pull-requests: write # to be able to comment on released pull requests - id-token: write # to enable use of OIDC for npm provenance + contents: read jobs: validate: @@ -36,26 +33,25 @@ jobs: name: 🚀 Release needs: [validate] runs-on: ubuntu-latest - if: - ${{ github.repository == 'epicweb-dev/config' && - contains('refs/heads/main,refs/heads/beta,refs/heads/next,refs/heads/alpha', - github.ref) && github.event_name == 'push' }} + permissions: + contents: write # to be able to publish a GitHub release + id-token: write # to enable use of OIDC for npm provenance + issues: write # to be able to comment on released issues + pull-requests: write # to be able to comment on released pull requests + if: ${{ github.repository == 'epicweb-dev/config' && github.event_name == 'push' }} steps: - name: ⬇️ Checkout repo - uses: actions/checkout@v5 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 - name: ⎔ Setup node - uses: actions/setup-node@v6 - with: - node-version: lts/* - - - name: 📥 Download deps - uses: bahmutov/npm-install@v1 + uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6 with: - useLockFile: false + node-version: 24 + registry-url: https://registry.npmjs.org + package-manager-cache: false - name: 🚀 Release - uses: cycjimmy/semantic-release-action@v5.0.2 + uses: cycjimmy/semantic-release-action@ba330626c4750c19d8299de843f05c7aa5574f62 # v5.0.2 with: semantic_version: 25 branches: | @@ -70,3 +66,4 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} NPM_CONFIG_PROVENANCE: true + NPM_CONFIG_IGNORE_SCRIPTS: true