docs: add code of conduct, contributor guidelines, security policy #5
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release | |
# Workflow name based on selected inputs. | |
# Fallback to default GitHub naming when expression evaluates to empty string | |
run-name: >- | |
${{ | |
inputs.release && 'Release ➤ Publish to NPM' || | |
'' | |
}} | |
on: | |
pull_request: | |
push: | |
branches: [main] | |
workflow_dispatch: | |
inputs: | |
release: | |
description: 'Publish new release' | |
required: true | |
default: false | |
type: boolean | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
cancel-in-progress: true | |
jobs: | |
release: | |
# only run if opt-in during workflow_dispatch | |
name: 'Release: Publish to NPM' | |
if: always() && github.event.inputs.release == 'true' | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
# Need to fetch entire commit history to | |
# analyze every commit since last release | |
fetch-depth: 0 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: lts/* | |
cache: npm | |
- run: npm ci | |
# Branches that will release new versions are defined in .releaserc.json | |
- run: npx semantic-release | |
# Don't allow interrupting the release step if the job is cancelled, as it can lead to an inconsistent state | |
# e.g. git tags were pushed but it exited before `npm publish` | |
if: always() | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
NPM_TOKEN: ${{ secrets.NPM_PUBLISH_TOKEN }} |