You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Only publishes if the version number in `package.json` differs from the latest on npm.
21
21
22
-
- 🛠 **Configurable**
22
+
- 🛠 **Configurable**
23
23
Customize the version-checking behavior, the registry URL, and path of your package.
24
24
25
-
- 🔐 **Secure**
25
+
- 🔐 **Secure**
26
26
Keeps your npm authentication token secret. Doesn't read nor write to `~/.npmrc`.
27
27
28
-
- ⚡ **Fast**
28
+
- ⚡ **Fast**
29
29
100% JavaScript (which is faster than Docker) and bundled to optimize loading time.
30
30
31
-
- 📤 **Outputs**
31
+
- 📤 **Outputs**
32
32
Exposes the old and new version numbers, and the type of change (major, minor, patch, etc.) as variables that you can use in your workflow.
33
33
34
34
## Usage
@@ -287,17 +287,17 @@ For more detailed change logs, see [releases][].
287
287
288
288
### v2 to v3
289
289
290
-
The v3 release does not require any changes to how you use `npm-publish`. The version of Node.js used by the action was updated to v20 due to GitHub Action's [deprecation of Node.js v16][node16-deprecation]. The minimum required version of Node.js for the library and CLI remains v16.
290
+
The v3 release does not require any changes to how you use `npm-publish` from `v2`. The version of Node.js used by the action was updated to v20 due to GitHub Action's [deprecation of Node.js v16][node16-deprecation]. The minimum required version of Node.js for the library and CLI remains v16.
The v2 release made several breaking changes to inputs, outputs, and behaviors. The examples below focus on the action, but the same updates are applicable to the library and CLI, too.
296
+
The v2 release made several breaking changes to inputs, outputs, and behaviors that were present in `v1`. The examples below focus on the action, but the same changes are applicable to the library and CLI, too.
297
297
298
298
#### v2 option changes
299
299
300
-
The `check-version` and `greater-version-only` boolean options have been replaced with the single `strategy` option:
300
+
The `check-version` and `greater-version-only` boolean options were replaced with the `strategy` option:
301
301
302
302
- `strategy: all` (default) will publish any version that does not yet exist in the registry
303
303
- `strategy: upgrade` will publish only if the version is a semver upgrade of the requested `dist-tag`
@@ -353,17 +353,19 @@ The `--ignore-scripts` option is now passed to `npm publish` as a security preca
353
353
+ - run: npm run build
354
354
355
355
- - uses: JS-DevTools/npm-publish@v1
356
-
+ - uses: JS-DevTools/npm-publish@v2
356
+
+ - uses: JS-DevTools/npm-publish@v3
357
357
with:
358
358
token: ${{ secrets.NPM_TOKEN }}
359
359
```
360
360
361
361
If you can't change your build, you can set the `ignore-scripts` input to `false` as a workaround. Be aware that failures during a lifecycle script can be difficult to debug, and any `stdout`/`stderr` output from your build script could interfere with how `npm-publish` interprets results from the `npm` CLI.
362
362
363
363
```diff
364
-
with:
365
-
token: ${{ secrets.NPM_TOKEN }}
366
-
+ ignore-scripts: false
364
+
- - uses: JS-DevTools/npm-publish@v1
365
+
+ - uses: JS-DevTools/npm-publish@v3
366
+
with:
367
+
token: ${{ secrets.NPM_TOKEN }}
368
+
+ ignore-scripts: false
367
369
```
368
370
369
371
The global `.npmrc` file is no longer read nor modified. This means the `token` option is now required for the library and CLI. (It was already required for the action.) You may have workarounds in place referencing `INPUT_TOKEN`, which v1 [erroneously wrote][#15] to `.npmrc`. These workarounds should be removed.
@@ -375,7 +377,7 @@ The global `.npmrc` file is no longer read nor modified. This means the `token`
0 commit comments