Skip to content
Publish Packages to npm

Publish Packages to npm #11

Sign in to view logs

Publish Packages to npm

Publish Packages to npm #11

Workflow file for this run

.github/workflows/provenance.yml at e70a902
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
name: Publish Packages to npm
on:
workflow_dispatch:
inputs:
debug:
description: 'Enable debug output'
required: false
default: '0'
type: string
options:
- '0'
- '1'
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: write
id-token: write
steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v5
with:
node-version: '22'
registry-url: 'https://registry.npmjs.org'
cache: npm
scope: '@socketregistry'
- run: npm install -g npm@latest
- run: npm ci
- name: Build package
run: npm run build
- name: Get package version
id: package-version
run: echo "version=$(node -p "require('./package.json').version")" >> $GITHUB_OUTPUT
- run: npm pack
- run: npm publish --provenance --access public
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
SOCKET_CLI_DEBUG: ${{ inputs.debug }}
- name: Create GitHub Release
id: create_release
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: v${{ steps.package-version.outputs.version }}
release_name: Release v${{ steps.package-version.outputs.version }}
body: |
Release of @socketsecurity/mcp v${{ steps.package-version.outputs.version }}
This release has been published to npm with provenance.
draft: false
prerelease: false
- name: Upload Package to Release
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ./socketsecurity-mcp-${{ steps.package-version.outputs.version }}.tgz
asset_name: socketsecurity-mcp-${{ steps.package-version.outputs.version }}.tgz
asset_content_type: application/gzip