Skip to content

Pin third-party GitHub Actions to SHAs (#842) #172

Pin third-party GitHub Actions to SHAs (#842)

Pin third-party GitHub Actions to SHAs (#842) #172

Workflow file for this run

name: release
on:
push:
branches:
- main
permissions:
id-token: write # Required for OIDC
contents: write
pull-requests: write
concurrency: ${{ github.workflow }}-${{ github.ref }}
jobs:
release:
name: Release
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@v6
- name: Setup Node.js
uses: actions/setup-node@v6
with:
node-version: lts/*
- name: Install dependencies
run: npm ci --no-fund --no-audit
- name: Build
run: npm run build
- name: Create Release Pull Request or Publish
id: changesets
uses: changesets/action@a45c4d594aa4e2c509dc14a9f2b3b67ba3780d0d
with:
# Note: pnpm install after versioning is necessary to refresh lockfile
version: npm run version
publish: npm run release:local
commit: "[ci] release"
title: "[ci] release"
env:
# Needs access to push to main
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}