Publish to npm registry #499
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 📦 Publish @socketsecurity/cli to npm registry | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| debug: | |
| description: 'Enable debug output' | |
| required: false | |
| default: '0' | |
| type: string | |
| options: | |
| - '0' | |
| - '1' | |
| js-fallback: | |
| description: 'Publish JS-only fallback version (no native binaries)' | |
| required: false | |
| type: boolean | |
| default: false | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| id-token: write | |
| steps: | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| autocrlf: false | |
| - uses: SocketDev/socket-registry/.github/actions/setup@d8ff3b0581d799466cfbf150f715c1a4bf9f84a5 # main | |
| with: | |
| scope: '@socketsecurity' | |
| - name: Cache build artifacts (external files) | |
| uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 | |
| with: | |
| path: packages/cli/external | |
| key: socket-cli-external-${{ hashFiles('packages/cli/package.json') }} | |
| restore-keys: | | |
| socket-cli-external- | |
| - run: npm install -g npm@latest | |
| - run: pnpm install | |
| # Build and publish 'socket' package (default). | |
| - name: Prepare socket package for publishing | |
| run: | | |
| SOCKET_VERSION=$(node -p "require('./packages/socket/package.json').version") | |
| echo "Socket version: $SOCKET_VERSION" | |
| echo "SOCKET_VERSION=$SOCKET_VERSION" >> $GITHUB_ENV | |
| node scripts/prepare-package-for-publish.mjs packages/socket | |
| - name: Build socket package | |
| run: INLINED_SOCKET_CLI_PUBLISHED_BUILD=1 pnpm run build | |
| - name: Validate socket package | |
| run: node scripts/pre-publish-validate.mjs | |
| - name: Publish socket package | |
| run: cd dist && npm publish --provenance --access public --no-git-checks | |
| continue-on-error: true | |
| env: | |
| SOCKET_CLI_DEBUG: ${{ inputs.debug }} | |
| # Build and publish '@socketsecurity/cli' package (legacy). | |
| - name: Prepare @socketsecurity/cli package for publishing | |
| run: node scripts/prepare-package-for-publish.mjs packages/cli ${{ env.SOCKET_VERSION }} | |
| - name: Build @socketsecurity/cli package | |
| run: INLINED_SOCKET_CLI_PUBLISHED_BUILD=1 INLINED_SOCKET_CLI_LEGACY_BUILD=1 pnpm run build | |
| env: | |
| SOCKET_CLI_DEBUG: ${{ inputs.debug }} | |
| - name: Validate @socketsecurity/cli package | |
| run: node scripts/pre-publish-validate.mjs | |
| - name: Publish @socketsecurity/cli package | |
| run: cd dist && npm publish --provenance --access public --no-git-checks | |
| continue-on-error: true | |
| env: | |
| SOCKET_CLI_DEBUG: ${{ inputs.debug }} | |
| # Build and publish '@socketsecurity/cli-with-sentry' package. | |
| - name: Prepare @socketsecurity/cli-with-sentry package for publishing | |
| run: node scripts/prepare-package-for-publish.mjs packages/cli-with-sentry ${{ env.SOCKET_VERSION }} | |
| - name: Build @socketsecurity/cli-with-sentry package | |
| run: INLINED_SOCKET_CLI_PUBLISHED_BUILD=1 INLINED_SOCKET_CLI_SENTRY_BUILD=1 pnpm run build | |
| env: | |
| SOCKET_CLI_DEBUG: ${{ inputs.debug }} | |
| - name: Validate @socketsecurity/cli-with-sentry package | |
| run: node scripts/pre-publish-validate.mjs | |
| - name: Publish @socketsecurity/cli-with-sentry package | |
| run: cd dist && npm publish --provenance --access public --no-git-checks | |
| continue-on-error: true | |
| env: | |
| SOCKET_CLI_DEBUG: ${{ inputs.debug }} | |
| # Build and publish JS-only fallback version (when native binaries fail). | |
| - name: Build JS-only fallback package | |
| if: ${{ inputs.js-fallback }} | |
| working-directory: packages/cli | |
| run: pnpm run build:js | |
| - name: Validate JS-only fallback package | |
| if: ${{ inputs.js-fallback }} | |
| working-directory: packages/cli | |
| run: | | |
| # Verify build artifacts exist | |
| test -f dist/cli.js || exit 1 | |
| test -f dist/npm-cli.js || exit 1 | |
| test -f dist/npx-cli.js || exit 1 | |
| test -f dist/pnpm-cli.js || exit 1 | |
| test -f dist/yarn-cli.js || exit 1 | |
| echo "✓ JS-only fallback package built successfully" | |
| - name: Publish JS-only fallback package | |
| if: ${{ inputs.js-fallback }} | |
| working-directory: packages/cli | |
| run: npm publish --provenance --access public --no-git-checks | |
| continue-on-error: true |