Skip to content

fix: security vulnerabilities (#502) #396

fix: security vulnerabilities (#502)

fix: security vulnerabilities (#502) #396

name: Release
on:
release:
types: [published]
push:
branches: [master]
permissions:
contents: read # for checkout
jobs:
release:
name: Release
runs-on: ubuntu-latest
environment: Production
permissions:
contents: write # to be able to publish a GitHub release
issues: write # to be able to comment on released issues
pull-requests: write # to be able to comment on released pull requests
id-token: write # to enable use of OIDC for npm provenance
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
with:
fetch-depth: 0
- name: Setup Node.js
uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8
with:
node-version: '20'
- name: Update to latest npm (temporary fix for audit below)
run: npm install --global npm
- name: Install dependencies
run: npm clean-install
- name: Verify the integrity of provenance attestations and registry signatures for installed dependencies
run: npm audit signatures
- name: Prepublish
run: npm run build
- name: Run tests and generate coverage report
run: npm run test:report
- name: Release
if: success()
env:
CI: true
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN}}
run: npx semantic-release