File tree Expand file tree Collapse file tree 1 file changed +12
-24
lines changed Expand file tree Collapse file tree 1 file changed +12
-24
lines changed Original file line number Diff line number Diff line change @@ -12,43 +12,31 @@ jobs:
1212 contents : write
1313 issues : write
1414 pull-requests : write
15+ id-token : write
16+ packages : write
1517
1618 steps :
1719 - uses : actions/checkout@v4
1820 with :
1921 fetch-depth : 0
2022 token : ${{ secrets.RELEASE_PAT }}
2123
22- - name : Import GPG key
23- id : import_gpg
24- uses : crazy-max/ghaction-import-gpg@v6
25- with :
26- gpg_private_key : ${{ secrets.GPG_PRIVATE_KEY }}
27- passphrase : ${{ secrets.GPG_PASSPHRASE }}
28- git_config_global : true
29- git_user_signingkey : true
30- git_commit_gpgsign : true
31-
32- # Add these debug steps
33- - name : Debug GPG
34- run : |
35- echo "GPG Key ID: ${{ steps.import_gpg.outputs.keyid }}"
36- git config --global --list
37- gpg --list-secret-keys --keyid-format LONG
38-
3924 - name : Setup Node.js
4025 uses : actions/setup-node@v4
4126 with :
42- node-version : ' 20.x'
27+ node-version : ' lts/*'
28+ cache : ' npm'
4329
4430 - name : Install dependencies
45- run : |
46- npm ci
31+ run : npm ci
32+
33+ - name : Verify the integrity of provenance attestations and registry signatures
34+ run : npm audit signatures
35+
36+ - name : Build
37+ run : npm run build
4738
4839 - name : Release
4940 env :
5041 GITHUB_TOKEN : ${{ secrets.RELEASE_PAT }}
51- GPG_KEY_ID : ${{ steps.import_gpg.outputs.keyid }}
52- run : |
53- git config --global user.signingkey $GPG_KEY_ID
54- npx semantic-release
42+ run : npx semantic-release
You can’t perform that action at this time.
0 commit comments