--- name: Publish on: push: branches: - main permissions: contents: read env: NPM_TOKEN: ${{ secrets.NPM_TOKEN }} jobs: Linter: name: Lint runs-on: ubuntu-latest timeout-minutes: 15 permissions: statuses: write contents: read packages: read issues: write pull-requests: write steps: - name: Run PR Lint # https://github.com/ivuorinen/actions uses: ivuorinen/actions/pr-lint@fb25736f7e7a438979c11764e9fe6a100278b4c5 # v2026.01.06 publish: name: Publish runs-on: ubuntu-latest needs: - Linter permissions: contents: write # to be able to publish a GitHub release issues: write # to be able to comment on released issues pull-requests: write # to be able to comment on released pull requests id-token: write # to enable use of OIDC for npm provenance steps: - name: Checkout uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 - name: Setup Node.js Environment uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 with: always-auth: true node-version-file: '.nvmrc' registry-url: 'https://registry.npmjs.org' scope: '@ivuorinen' - name: Install and enable corepack shell: sh run: npm install -g corepack --force && corepack enable - name: Cache Node Modules uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 id: cache with: path: node_modules key: node-modules-${{ hashFiles('**/yarn.lock') }} - name: Install Dependencies shell: bash if: steps.cache.outputs.cache-hit != 'true' run: yarn install - name: Semantic Release uses: cycjimmy/semantic-release-action@b12c8f6015dc215fe37bc154d4ad456dd3833c90 # v6.0.0 with: extra_plugins: | @semantic-release/changelog @semantic-release/github @semantic-release/npm env: GITHUB_TOKEN: ${{ secrets.PAT }} NPM_TOKEN: ${{ secrets.NPM_TOKEN }}