Skip to content

chore(npm): Update release npm action to stop using tokens #30778

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 10 commits into
base: main
Choose a base branch
from
Open

chore(npm): Update release npm action to stop using tokens #30778

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
6c5268e
Updated actions setup-node and checkout to use the full commit and ad…
gnbm Nov 9, 2025
2f6b1cf
Update release yaml and consumers to use trusted publishers approach
gnbm Nov 9, 2025
b6f35b5
Update action.yml
gnbm Nov 9, 2025
2a548d1
Set the composite action’s default node-version back to 24.x
gnbm Nov 9, 2025
8ea0611
Update action.yml
gnbm Nov 9, 2025
7982930
Update .github/workflows/actions/publish-npm/action.yml
gnbm Nov 9, 2025
f422280
Removed the remaining secrets.NPM_TOKEN
gnbm Nov 10, 2025
c034f37
Rollback changes based on code review feedback
gnbm Nov 11, 2025
b81a4d0
Update action.yml
gnbm Nov 11, 2025
8e3a7fb
Update action.yml
gnbm Nov 11, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions .github/workflows/actions/build-angular-server/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,23 +3,23 @@ description: 'Build Ionic Angular Server'
runs:
using: 'composite'
steps:
- uses: actions/setup-node@v6
- uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
with:
node-version: 24.x
- uses: ./.github/workflows/actions/download-archive
with:
name: ionic-core
path: ./core
filename: CoreBuild.zip
- name: Install Angular Server Dependencies
- name: 🕸️ Install Angular Server Dependencies
run: npm ci
shell: bash
working-directory: ./packages/angular-server
- name: Sync
- name: 🔄 Sync
run: npm run sync
shell: bash
working-directory: ./packages/angular-server
- name: Build
- name: 🏗️ Build
run: npm run build.prod
shell: bash
working-directory: ./packages/angular-server
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/actions/build-angular/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,23 +11,23 @@ runs:
name: ionic-core
path: ./core
filename: CoreBuild.zip
- name: Install Angular Dependencies
- name: 🕸️ Install Angular Dependencies
run: npm ci
shell: bash
working-directory: ./packages/angular
- name: Sync
- name: 🔄 Sync
run: npm run sync
shell: bash
working-directory: ./packages/angular
- name: Lint
- name: 🖌️ Lint
run: npm run lint
shell: bash
working-directory: ./packages/angular
- name: Build
- name: 🏗️ Build
run: npm run build
shell: bash
working-directory: ./packages/angular
- name: Check Diff
- name: 🔍 Check Diff
run: git diff --exit-code
shell: bash
working-directory: ./packages/angular
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/actions/build-core-stencil-prerelease/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,20 +8,20 @@ inputs:
runs:
using: 'composite'
steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v6
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
with:
node-version: 24.x

- name: Install Dependencies
- name: 🕸️ Install Dependencies
run: npm ci
working-directory: ./core
shell: bash
- name: Install Stencil ${{ inputs.stencil-version }}
- name: 📦 Install Stencil ${{ inputs.stencil-version }}
working-directory: ./core
run: npm i @stencil/core@${{ inputs.stencil-version }}
shell: bash
- name: Build Core
- name: 🏗️ Build Core
run: npm run build -- --ci --debug --verbose
working-directory: ./core
shell: bash
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/actions/build-core/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,22 +8,22 @@ inputs:
runs:
using: 'composite'
steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v6
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
with:
node-version: 24.x
- name: Install Dependencies
- name: 🕸️ Install Dependencies
run: npm install
working-directory: ./core
shell: bash
# If an Ionicons version was specified install that.
# Otherwise just use the version defined in the package.json.
- name: Install Ionicons Version
- name: 📦 Install Ionicons Version
if: inputs.ionicons-version != ''
run: npm install ionicons@${{ inputs.ionicons-version }}
working-directory: ./core
shell: bash
- name: Build Core
- name: 🏗️ Build Core
run: npm run build -- --ci
working-directory: ./core
shell: bash
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/actions/build-react-router/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ description: 'Build Ionic React Router'
runs:
using: 'composite'
steps:
- uses: actions/setup-node@v6
- uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
with:
node-version: 24.x
- uses: ./.github/workflows/actions/download-archive
Expand All @@ -16,19 +16,19 @@ runs:
name: ionic-react
path: ./packages/react
filename: ReactBuild.zip
- name: Install Dependencies
- name: 🕸️ Install Dependencies
run: npm ci
shell: bash
working-directory: ./packages/react-router
- name: Sync
- name: 🔄 Sync
run: npm run sync
shell: bash
working-directory: ./packages/react-router
- name: Lint
- name: 🖌️ Lint
run: npm run lint
shell: bash
working-directory: ./packages/react-router
- name: Build
- name: 🏗️ Build
run: npm run build
shell: bash
working-directory: ./packages/react-router
Expand Down
14 changes: 7 additions & 7 deletions .github/workflows/actions/build-react/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,35 +3,35 @@ description: 'Build Ionic React'
runs:
using: 'composite'
steps:
- uses: actions/setup-node@v6
- uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
with:
node-version: 24.x
- uses: ./.github/workflows/actions/download-archive
with:
name: ionic-core
path: ./core
filename: CoreBuild.zip
- name: Install React Dependencies
- name: 🕸️ Install React Dependencies
run: npm ci
shell: bash
working-directory: ./packages/react
- name: Sync
- name: 🔄 Sync
run: npm run sync
shell: bash
working-directory: ./packages/react
- name: Lint
- name: 🖌️ Lint
run: npm run lint
shell: bash
working-directory: ./packages/react
- name: Build
- name: 🏗️ Build
run: npm run build
shell: bash
working-directory: ./packages/react
- name: Test Spec
- name: 🧪 Test Spec
run: npm run test.spec
shell: bash
working-directory: ./packages/react
- name: Check Diff
- name: 🔍 Check Diff
run: git diff --exit-code
shell: bash
working-directory: ./packages/react
Expand Down
12 changes: 6 additions & 6 deletions .github/workflows/actions/build-vue-router/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ description: 'Builds Ionic Vue Router'
runs:
using: 'composite'
steps:
- uses: actions/setup-node@v6
- uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
with:
node-version: 24.x
- uses: ./.github/workflows/actions/download-archive
Expand All @@ -16,23 +16,23 @@ runs:
name: ionic-vue
path: ./packages/vue
filename: VueBuild.zip
- name: Install Vue Router Dependencies
- name: 🕸️ Install Vue Router Dependencies
run: npm ci
shell: bash
working-directory: ./packages/vue-router
- name: Sync
- name: 🔄 Sync
run: npm run sync
shell: bash
working-directory: ./packages/vue-router
- name: Lint
- name: 🖌️ Lint
run: npm run lint
shell: bash
working-directory: ./packages/vue-router
- name: Build
- name: 🏗️ Build
run: npm run build
shell: bash
working-directory: ./packages/vue-router
- name: Test Spec
- name: 🧪 Test Spec
run: npm run test.spec
shell: bash
working-directory: ./packages/vue-router
Expand Down
12 changes: 6 additions & 6 deletions .github/workflows/actions/build-vue/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,31 +3,31 @@ description: 'Build Ionic Vue'
runs:
using: 'composite'
steps:
- uses: actions/setup-node@v6
- uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
with:
node-version: 24.x
- uses: ./.github/workflows/actions/download-archive
with:
name: ionic-core
path: ./core
filename: CoreBuild.zip
- name: Install Vue Dependencies
- name: 🕸️ Install Vue Dependencies
run: npm ci
shell: bash
working-directory: ./packages/vue
- name: Sync
- name: 🔄 Sync
run: npm run sync
shell: bash
working-directory: ./packages/vue
- name: Lint
- name: 🖌️ Lint
run: npm run lint
shell: bash
working-directory: ./packages/vue
- name: Build
- name: 🏗️ Build
run: npm run build
shell: bash
working-directory: ./packages/vue
- name: Check Diff
- name: 🔍 Check Diff
run: git diff --exit-code
shell: bash
working-directory: ./packages/vue
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/actions/download-archive/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,6 @@ runs:
with:
name: ${{ inputs.name }}
path: ${{ inputs.path }}
- name: Extract Archive
- name: 🔎 Extract Archive
run: unzip -q -o ${{ inputs.path }}/${{ inputs.filename }}
shell: bash
39 changes: 21 additions & 18 deletions .github/workflows/actions/publish-npm/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,48 +8,51 @@ inputs:
tag:
description: 'The tag to publish to on NPM.'
preid:
description: 'The prerelease identifier used when doing a prerelease.'
description: "Prerelease identifier such as 'alpha', 'beta', 'rc', or 'next'. Leave blank to skip prerelease tagging."
working-directory:
description: 'The directory of the package.'
folder:
default: './'
description: 'A folder containing a package.json file.'
token:
description: 'The NPM authentication token required to publish.'
node-version:
description: 'Node.js version to use when publishing.'
required: false
default: '24.x'
runs:
using: 'composite'
steps:
- uses: actions/setup-node@v6
- name: 🟢 Configure Node for Publish
uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
with:
node-version: 24.x
node-version: ${{ inputs.node-version }}
registry-url: 'https://registry.npmjs.org'
# Provenance requires npm 9.5.0+
- name: Install latest npm
- name: 📦 Install latest npm
run: npm install -g npm@latest
shell: bash
# This ensures the local version of Lerna is installed
# and that we do not use the global Lerna version
- name: Install root dependencies
- name: 🕸️ Install root dependencies
run: npm ci
shell: bash
- name: Install Dependencies
- name: 📦 Install Dependencies
run: npx lerna@5 bootstrap --include-dependencies --scope ${{ inputs.scope }} --ignore-scripts -- --legacy-peer-deps
shell: bash
working-directory: ${{ inputs.working-directory }}
- name: Update Version
run: npx lerna@5 version ${{ inputs.version }} --yes --exact --no-changelog --no-push --no-git-tag-version --preid=${{ inputs.preid }}
- name: 🏷️ Set Version
run: |
if [ -z "${{ inputs.preid }}" ]; then
npx lerna@5 version ${{ inputs.version }} --yes --exact --no-changelog --no-push --no-git-tag-version
else
npx lerna@5 version ${{ inputs.version }} --yes --exact --no-changelog --no-push --no-git-tag-version --preid=${{ inputs.preid }}
Copy link
Contributor

@thetaPC thetaPC Nov 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does this command break if no preid is passed?

Copy link
Contributor Author

@gnbm gnbm Nov 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The lerna version guard already handles empty preid: when the workflow passes an empty string, the first branch runs, so no --preid flag is added; any non-empty selection (alpha/beta/etc.) still works through the else branch.
Am I missing something?

Copy link
Contributor

@thetaPC thetaPC Nov 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If no errors are thrown then does this new if statement mainly used to run a cleaner command?

Copy link
Contributor Author

@gnbm gnbm Nov 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Correct!

fi
shell: bash
working-directory: ${{ inputs.working-directory }}
- name: Run Build
- name: 🏗️ Run Build
run: npm run build
shell: bash
working-directory: ${{ inputs.working-directory }}
- name: Prepare NPM Token
run: echo //registry.npmjs.org/:_authToken=${NPM_TOKEN} > .npmrc
working-directory: ${{ inputs.working-directory }}
shell: bash
env:
NPM_TOKEN: ${{ inputs.token }}
- name: Publish to NPM
- name: 🚀 Publish to NPM
run: npm publish ${{ inputs.folder }} --tag ${{ inputs.tag }} --provenance
shell: bash
working-directory: ${{ inputs.working-directory }}
12 changes: 6 additions & 6 deletions .github/workflows/actions/test-angular-e2e/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ inputs:
runs:
using: 'composite'
steps:
- uses: actions/setup-node@v6
- uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
with:
node-version: 24.x
- uses: ./.github/workflows/actions/download-archive
Expand All @@ -24,23 +24,23 @@ runs:
name: ionic-angular-server
path: ./packages/angular-server
filename: AngularServerBuild.zip
- name: Create Test App
- name: 🧪 Create Test App
run: ./build.sh ${{ inputs.app }}
shell: bash
working-directory: ./packages/angular/test
- name: Install Dependencies
- name: 🕸️ Install Dependencies
run: npm install
shell: bash
working-directory: ./packages/angular/test/build/${{ inputs.app }}
- name: Install Playwright Browsers
- name: 📦 Install Playwright Browsers
run: npx playwright install
shell: bash
working-directory: ./packages/angular/test/build/${{ inputs.app }}
- name: Sync Built Changes
- name: 🔄 Sync Built Changes
run: npm run sync
shell: bash
working-directory: ./packages/angular/test/build/${{ inputs.app }}
- name: Run Tests
- name: 🧪 Run Tests
run: npm run test
shell: bash
working-directory: ./packages/angular/test/build/${{ inputs.app }}
4 changes: 2 additions & 2 deletions .github/workflows/actions/test-core-clean-build/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ description: 'Test Core Clean Build'
runs:
using: 'composite'
steps:
- uses: actions/setup-node@v6
- uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
with:
node-version: 24.x

Expand All @@ -12,7 +12,7 @@ runs:
name: ionic-core
path: ./core
filename: CoreBuild.zip
- name: Check Diff
- name: 🔍 Check Diff
run: |
git diff --exit-code || {
echo -e "\033[1;31m⚠️ Error: Differences Detected ⚠️\033[0m"
Expand Down
Loading
Loading