Bump github/codeql-action from 3 to 4 (#2319) #74
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| branches: | |
| - main | |
| # This workflow will run changesets depending on two different scenarios: | |
| # | |
| # 1. If we are landing a specific commit into main (Author PR), then | |
| # changesets will check if there are changes verifying the Markdown files | |
| # generated automatically: | |
| # | |
| # a) There are new versions and there's NO Release PR, then the changesets | |
| # action will create a new Release PR. | |
| # | |
| # b) There's a Release PR, then the changesets action will update the | |
| # existing Release PR with the new commit. | |
| # | |
| # NOTE: (in both cases, changesets will modify the new version in | |
| # package.json for each package, and will remove the MD files as part of the | |
| # Release PR). | |
| # | |
| # 2. If we are landing the Release PR into main, then the changesets action | |
| # will publish the changes to npm. | |
| # | |
| # For more info about this workflow, see: | |
| # https://github.com/changesets/action#usage | |
| jobs: | |
| release: | |
| name: Release | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 | |
| persist-credentials: false | |
| - uses: pnpm/action-setup@v4 | |
| name: Install pnpm | |
| with: | |
| run_install: false | |
| package_json_file: 'package.json' | |
| - name: Use Node.js 20.x | |
| uses: actions/setup-node@v5 | |
| with: | |
| node-version: '20.x' | |
| cache: 'pnpm' | |
| cache-dependency-path: 'pnpm-lock.yaml' | |
| - name: Install Dependencies | |
| shell: bash | |
| run: pnpm install --frozen-lockfile | |
| - name: Create Release Pull Request or Publish to npm | |
| id: changesets | |
| uses: changesets/action@v1 | |
| with: | |
| publish: pnpm publish:ci | |
| env: | |
| # We use a Personal Access Token here rather than the GITHUB_TOKEN | |
| # so that it will trigger our other actions. The token has to be on | |
| # the account of someone with appropriate access levels and given the | |
| # repo scope. | |
| GITHUB_TOKEN: ${{ secrets.BOT_PA_TOKEN }} | |
| # This is the token used to publish to npm | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| # This is for the upload of bundle analysis | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} |