Drop trustPolicy: no-downgrade from workspace (blocks fresh CI reso…
#15
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to safe26.hccs.dev GitHub Pages | |
| on: | |
| push: { branches: [main] } | |
| workflow_dispatch: | |
| jobs: | |
| ghp: | |
| name: Build/Deploy to GitHub Pages | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: pnpm/action-setup@v4 | |
| with: | |
| version: 10 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: 22 | |
| cache: pnpm | |
| # The deck pulls `@slidev/*` from pkg.pr.new continuous-release builds | |
| # (see `package.json` → `pnpm.overrides`), so there's no fork checkout to | |
| # build here anymore. `playwright-chromium`'s postinstall fetches the | |
| # headless browser that `slidev build` uses to render per-slide OG shells. | |
| # | |
| # Drop the committed lockfile first: pkg.pr.new tarballs are recorded as | |
| # `{tarball: url}` with no integrity hash, so a clean store can't verify | |
| # them (ERR_PNPM_MISSING_TARBALL_INTEGRITY). Resolving fresh sidesteps | |
| # that — the `@slidev/*` SHAs stay pinned via `pnpm.overrides`. | |
| - run: rm -f pnpm-lock.yaml && pnpm i --no-frozen-lockfile | |
| # Belt + suspenders: guarantee the browser is present even if a cached | |
| # pnpm store skipped the postinstall (the binary lives outside the store, | |
| # in ~/.cache/ms-playwright, which isn't cached between runs). | |
| - run: pnpm exec playwright install --with-deps chromium | |
| - run: pnpm build | |
| - uses: JamesIves/github-pages-deploy-action@v4 | |
| with: | |
| branch: gh-pages | |
| folder: dist |