Publish to npm registry #505
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 📦 Publish @socketsecurity/cli to npm registry | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| debug: | |
| description: 'Enable debug output' | |
| required: false | |
| default: '0' | |
| type: string | |
| options: | |
| - '0' | |
| - '1' | |
| js-fallback: | |
| description: 'Publish JS-only fallback version (no native binaries)' | |
| required: false | |
| type: boolean | |
| default: false | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| id-token: write | |
| steps: | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| autocrlf: false | |
| - uses: SocketDev/socket-registry/.github/actions/setup@d8ff3b0581d799466cfbf150f715c1a4bf9f84a5 # main | |
| with: | |
| scope: '@socketsecurity' | |
| - name: Cache yoga-layout WASM | |
| id: cache-yoga | |
| uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 | |
| with: | |
| path: packages/yoga-layout/build/wasm | |
| key: yoga-wasm-${{ hashFiles('packages/yoga-layout/package.json', 'packages/yoga-layout/yoga/**') }} | |
| restore-keys: | | |
| yoga-wasm- | |
| - name: Verify yoga-layout WASM cache | |
| run: | | |
| if [ ! -f packages/yoga-layout/build/wasm/yoga.wasm ]; then | |
| echo "❌ yoga-layout WASM not found in cache" | |
| echo "Build yoga-layout locally and push to trigger cache update" | |
| echo "Run: pnpm --filter @socketsecurity/yoga-layout run build" | |
| exit 1 | |
| fi | |
| echo "✓ yoga-layout WASM found in cache" | |
| - run: npm install -g npm@latest | |
| - run: pnpm install | |
| # Build and publish 'socket' package (default). | |
| - name: Prepare socket package for publishing | |
| run: | | |
| SOCKET_VERSION=$(node -p "require('./packages/socket/package.json').version") | |
| echo "Socket version: $SOCKET_VERSION" | |
| echo "SOCKET_VERSION=$SOCKET_VERSION" >> $GITHUB_ENV | |
| node scripts/prepare-package-for-publish.mjs packages/socket | |
| - name: Build socket package | |
| run: INLINED_SOCKET_CLI_PUBLISHED_BUILD=1 pnpm run build | |
| - name: Validate socket package | |
| run: pnpm --filter socket run verify | |
| - name: Publish socket package | |
| working-directory: packages/socket | |
| run: npm publish --provenance --access public --no-git-checks | |
| continue-on-error: true | |
| env: | |
| SOCKET_CLI_DEBUG: ${{ inputs.debug }} | |
| # Build and publish '@socketsecurity/cli' package (legacy). | |
| - name: Prepare @socketsecurity/cli package for publishing | |
| run: node scripts/prepare-package-for-publish.mjs packages/cli ${{ env.SOCKET_VERSION }} | |
| - name: Build @socketsecurity/cli package | |
| run: INLINED_SOCKET_CLI_PUBLISHED_BUILD=1 INLINED_SOCKET_CLI_LEGACY_BUILD=1 pnpm run build | |
| env: | |
| SOCKET_CLI_DEBUG: ${{ inputs.debug }} | |
| - name: Validate @socketsecurity/cli package | |
| run: pnpm --filter @socketsecurity/cli run verify | |
| - name: Publish @socketsecurity/cli package | |
| working-directory: packages/cli | |
| run: npm publish --provenance --access public --no-git-checks | |
| continue-on-error: true | |
| env: | |
| SOCKET_CLI_DEBUG: ${{ inputs.debug }} | |
| # Build and publish '@socketsecurity/cli-with-sentry' package. | |
| - name: Prepare @socketsecurity/cli-with-sentry package for publishing | |
| run: node scripts/prepare-package-for-publish.mjs packages/cli-with-sentry ${{ env.SOCKET_VERSION }} | |
| - name: Build @socketsecurity/cli-with-sentry package | |
| run: INLINED_SOCKET_CLI_PUBLISHED_BUILD=1 INLINED_SOCKET_CLI_SENTRY_BUILD=1 pnpm run build --target cli-sentry | |
| env: | |
| SOCKET_CLI_DEBUG: ${{ inputs.debug }} | |
| - name: Validate @socketsecurity/cli-with-sentry package | |
| run: pnpm --filter @socketsecurity/cli-with-sentry run verify | |
| - name: Publish @socketsecurity/cli-with-sentry package | |
| working-directory: packages/cli-with-sentry | |
| run: npm publish --provenance --access public --no-git-checks | |
| continue-on-error: true | |
| env: | |
| SOCKET_CLI_DEBUG: ${{ inputs.debug }} | |
| # Build and publish JS-only fallback version (when native binaries fail). | |
| - name: Build JS-only fallback package | |
| if: ${{ inputs.js-fallback }} | |
| working-directory: packages/cli | |
| run: pnpm run build:js | |
| - name: Validate JS-only fallback package | |
| if: ${{ inputs.js-fallback }} | |
| working-directory: packages/cli | |
| run: | | |
| # Verify build artifacts exist | |
| test -f dist/index.js || exit 1 | |
| test -f dist/cli.js.bz || exit 1 | |
| echo "✓ JS-only fallback package built successfully" | |
| - name: Publish JS-only fallback package | |
| if: ${{ inputs.js-fallback }} | |
| working-directory: packages/cli | |
| run: npm publish --provenance --access public --no-git-checks | |
| continue-on-error: true |