Publish to npm #1

Summary
Jobs
- publish
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/publish.yml at 53de59c

	name: Publish to npm

	on:
	release:
	types: [released]
	workflow_dispatch:
	inputs:
	tag_name:
	description: "Release tag (e.g., v1.2.3)"
	required: true
	release_id:
	description: "GitHub release ID"
	required: true

	concurrency:
	group: publish
	cancel-in-progress: true

	permissions:
	contents: write
	packages: write

	env:
	NODE_VERSION: 22

	jobs:
	publish:
	runs-on: ubuntu-latest
	if: github.event.release.prerelease == false
	steps:
	- uses: actions/checkout@v4
	with:
	ref: ${{ github.event.release.tag_name \|\| inputs.tag_name }}

	- name: Setup Node
	uses: actions/setup-node@v4
	with:
	node-version: ${{ env.NODE_VERSION }}

	- name: Configure npm authentication
	run: \|
	echo "//registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN }}" > ~/.npmrc

	- name: Download release assets
	uses: actions/github-script@v7
	env:
	RELEASE_ID: ${{ inputs.release_id }}
	with:
	script: \|
	const fs = require('fs');
	const path = require('path');

	const releaseId = context.payload.release?.id \|\| process.env.RELEASE_ID;
	console.log("releaseId:", releaseId);

	if (!releaseId) {
	core.setFailed('No release ID found.');
	return;
	}

	const release = await github.rest.repos.getRelease({
	owner: context.repo.owner,
	repo: context.repo.repo,
	release_id: releaseId
	});

	const tgzAsset = release.data.assets.find(asset => asset.name.endsWith('.tgz'));

	if (!tgzAsset) {
	core.setFailed('No .tgz file found in release assets');
	return;
	}

	const response = await github.rest.repos.getReleaseAsset({
	owner: context.repo.owner,
	repo: context.repo.repo,
	asset_id: tgzAsset.id,
	headers: {
	Accept: 'application/octet-stream'
	}
	});

	const filePath = path.join('npx-cli', tgzAsset.name);
	fs.writeFileSync(filePath, Buffer.from(response.data));

	console.log(`Downloaded ${tgzAsset.name} to ${filePath}`);

	core.setOutput('package-file', filePath);
	core.setOutput('package-name', tgzAsset.name);

	- name: Verify package integrity
	id: verify
	run: \|
	cd npx-cli
	ls -la *.tgz
	PACKAGE_FILE=$(ls *.tgz \| head -n1)
	echo "package-file=$PACKAGE_FILE" >> $GITHUB_OUTPUT

	- name: Publish to npm
	run: \|
	cd npx-cli
	PACKAGE_FILE="${{ steps.verify.outputs.package-file }}"
	echo "Publishing $PACKAGE_FILE to npm..."
	npm publish "$PACKAGE_FILE" --provenance --access public
	echo "✅ Successfully published to npm!"
	env:
	NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

	- name: Update release description
	uses: actions/github-script@v7
	env:
	RELEASE_ID: ${{ inputs.release_id }}
	with:
	script: \|
	const releaseId = context.payload.release?.id \|\| process.env.RELEASE_ID;

	const release = await github.rest.repos.getRelease({
	owner: context.repo.owner,
	repo: context.repo.repo,
	release_id: releaseId
	});

	const currentBody = release.data.body \|\| '';
	await github.rest.repos.updateRelease({
	owner: context.repo.owner,
	repo: context.repo.repo,
	release_id: releaseId,
	body: currentBody + '\n\n✅ Published to npm registry'
	});

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Publish to npm #1

Workflow file

Publish to npm #1

Uh oh!

Jobs

Run details

Workflow file for this run