feat: implement automated NPM publishing with GitHub Actions

.changeset/lucky-sheep-trade.md

@@ -0,0 +1,14 @@
+---
+'@ag.ds-next/react': patch
+---
+
+feat: add automated NPM publishing with GitHub Actions
+
+- Implement test-and-publish workflow with changesets integration
+- Add automated Release PR creation from develop branch  
+- Configure secure permissions and NPM authentication
+- Optimize CI/CD with caching and parallel testing
+- Replace manual versioning with changeset-driven releases
+- Add prepublishOnly scripts to prevent manual publishing
+
+Requires: NPM_TOKEN secret for publishing to @ag.ds-next registry

.github/workflows/release.yml

@@ -1,5 +1,10 @@
 name: Release
 
+# Explicit permissions for security
+permissions:
+  contents: read
+  pull-requests: write
+
 on:
   push:
     branches:

.github/workflows/test-and-publish.yml

@@ -0,0 +1,103 @@
+name: Test & Publish
+
+# Explicit permissions for security
+permissions:
+  contents: read
+  pull-requests: write
+  id-token: write
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+  workflow_dispatch:
+
+jobs:
+  test-and-build:
+    name: Test, Lint & Build
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js 22.15.1
+        uses: actions/setup-node@v4
+        with:
+          node-version: 22.15.1
+
+      - name: Get number of CPU cores
+        id: cpu-cores
+        uses: SimenB/github-actions-cpu-cores@97ba232459a8e02ff6121db9362b09661c875ab8 # v2.0.0
+
+      - name: Get yarn cache directory path
+        id: yarn-cache-dir-path
+        run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT
+
+      - uses: actions/cache@v3
+        id: yarn-cache
+        with:
+          path: |
+            ${{ steps.yarn-cache-dir-path.outputs.dir }}
+            node_modules
+          key: ${{ runner.os }}-yarn-${{ hashFiles('yarn.lock') }}
+
+      - name: Install dependencies
+        run: yarn install --frozen-lockfile
+
+      - name: Unit tests
+        run: yarn test --max-workers ${{ steps.cpu-cores.outputs.count }}
+
+      - name: Generate component props
+        run: yarn docs:generate-component-props
+
+      - name: Lint
+        run: yarn lint
+
+      - name: Build packages
+        run: yarn build
+
+  publish:
+    name: Publish to NPM
+    runs-on: ubuntu-latest
+    needs: [test-and-build]
+    if: github.ref == 'refs/heads/main' && github.event_name == 'push'
+    permissions:
+      contents: write # Needed to create releases and tags
+      pull-requests: write # Needed to create Release PRs
+      id-token: write # Needed for NPM provenance
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+        with:
+          # This makes Actions fetch all Git history so that Changesets can generate changelogs with the correct commits
+          fetch-depth: 0
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 22.15.1
+          cache: 'yarn'
+          registry-url: 'https://registry.npmjs.org'
+
+      - name: Install Dependencies
+        run: yarn install --frozen-lockfile
+
+      - name: Configure npm for public publishing
+        run: |
+          echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ~/.npmrc
+          echo "@ag.ds-next:registry=https://registry.npmjs.org" >> ~/.npmrc
+          echo "access=public" >> ~/.npmrc
+        env:
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+
+      - name: Publish to NPM
+        run: |
+          echo "Publishing packages to NPM registry..."
+          yarn publish-changed
+        env:
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+
+      - name: Display notification if a publish happens
+        run: echo "Packages published to NPM successfully!"

.gitignore

@@ -45,3 +45,5 @@ yarn-error.log*
 
 # typescript
 *.tsbuildinfo
+
+.npmrc

package.json

@@ -34,6 +34,7 @@
 		"new:package": "plop --plopfile scripts/new-package.mjs && yarn format && yarn manypkg fix && preconstruct fix && yarn install",
 		"playroom:build": "yarn --cwd docs playroom:build",
 		"playroom:dev": "yarn --cwd docs playroom:dev",
+		"prepublishOnly": "echo 'Publishing from local machine is disabled. Use CI/CD pipeline.' && echo 'Push changes to develop branch to trigger release process.' && exit 1",
 		"publish-changed": "yarn build && yarn changeset publish",
 		"storybook:build": "storybook build -o docs/public/storybook",
 		"storybook:dev": "storybook dev --port 6006 --no-open",

packages/react/package.json

@@ -341,6 +341,9 @@
 		},
 		"./package.json": "./package.json"
 	},
+	"scripts": {
+		"prepublishOnly": "echo 'Publishing from local machine is disabled. Use CI/CD pipeline.' && echo 'Push changes to develop branch to trigger release process.' && exit 1"
+	},
 	"dependencies": {
 		"@babel/runtime": "^7.27.1",
 		"@floating-ui/react-dom": "^2.0.8",

packages/react/src/date-picker-next/utils.test.ts

@@ -324,7 +324,8 @@ describe('isValidDate', () => {
 
 	describe('minDate', () => {
 		test('returns true when it’s a valid date', () => {
-			expect(isValidDate(new Date(), { minDate: new Date() })).toEqual(true);
+			const fixedDate = new Date();
+			expect(isValidDate(fixedDate, { minDate: fixedDate })).toEqual(true);
 			expect(isValidDate('31/01/1950', { minDate: '31/01/1950' })).toEqual(
 				true
 			);