8eb747663a
This commit updates the release pipeline to use OIDC trusted publishing now that we have configured it between GitHub Actions and NPM. This solution allows us to remove the token variable (because there is no longer a fixed token) and provenance flag (because provenance attestations are generated by default with this approach); refer to https://docs.npmjs.com/trusted-publishers for more information.
38 lines
779 B
YAML
38 lines
779 B
YAML
name: Publish release
|
|
on:
|
|
release:
|
|
types: [published]
|
|
permissions:
|
|
contents: read
|
|
id-token: write
|
|
|
|
jobs:
|
|
publish:
|
|
name: Publish
|
|
runs-on: ubuntu-latest
|
|
|
|
strategy:
|
|
matrix:
|
|
node-version: [lts/*]
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v6
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Use Node.js ${{ matrix.node-version }}
|
|
uses: actions/setup-node@v6
|
|
with:
|
|
node-version: ${{ matrix.node-version }}
|
|
registry-url: 'https://registry.npmjs.org'
|
|
|
|
- name: Install dependencies
|
|
run: npm ci
|
|
|
|
- name: Build the `pdfjs-dist` library
|
|
run: npx gulp dist
|
|
|
|
- name: Publish the `pdfjs-dist` library to NPM
|
|
run: npm publish ./build/dist
|