Conversation
There was a problem hiding this comment.
Pull request overview
This PR adjusts the npm publish GitHub Actions workflow to stop committing/pushing version bumps and instead run Changesets versioning locally in downstream jobs.
Changes:
- Removed
contents: writepermissions and the git commit/push step from theversion-packagesjob. - Added “Version packages locally from changesets” steps to
build-and-checkandrelease-gate.
You can also share your feedback on Copilot code review. Take the survey.
| - name: Install dependencies | ||
| run: bun install | ||
| - name: Version packages | ||
| run: bun run version-packages |
There was a problem hiding this comment.
The version-packages job now runs bun run version-packages but no longer commits/pushes the resulting version bumps (and doesn’t upload them as an artifact). Because each job checks out a fresh workspace, these version changes won’t be visible to later jobs, so this job is effectively wasted work and can’t ensure consistent versions across the workflow. Either reintroduce a mechanism to persist the versioned files (commit+push with appropriate permissions, or upload/download an artifact), or remove this job and run versioning only in the jobs that need it (including publish).
There was a problem hiding this comment.
We can't commit to master, it was rejected last time. Co we do artifacts then?
| - name: Version packages locally from changesets | ||
| if: ${{ needs.check-changesets.outputs.has_changesets == 'true' }} | ||
| run: bun run version-packages |
There was a problem hiding this comment.
build-and-check versions packages locally and then computes to_publish based on the bumped versions, but the publish job does not run version-packages (and the earlier version-packages job no longer persists changes). This can cause publish to attempt to publish different (likely already-published) versions than the ones build-and-check checked, leading to failed publishes or inconsistent releases. Ensure the exact same versioned state is used for both detection and publishing (e.g., run version-packages in publish, or share a single versioned workspace via commit/artifacts).
| - name: Version packages locally from changesets | |
| if: ${{ needs.check-changesets.outputs.has_changesets == 'true' }} | |
| run: bun run version-packages | |
| # NOTE: Do not run `version-packages` locally here. | |
| # Versioning is handled by the dedicated `version-packages` job so that | |
| # all downstream jobs (including publish) see a consistent versioned state. |
| - name: Version packages locally from changesets | ||
| if: ${{ needs.check-changesets.outputs.has_changesets == 'true' }} | ||
| run: bun run version-packages |
There was a problem hiding this comment.
release-gate versions packages locally before packing/verifying tarballs, but that versioned state is not shared with the publish job. This means the tarballs you verify here may not match what ultimately gets published, undermining the purpose of the gate. Align the workflow so release-gate and publish operate on the same versioned sources (single versioning step with persisted output, or re-run versioning in publish deterministically).
| - name: Version packages locally from changesets | |
| if: ${{ needs.check-changesets.outputs.has_changesets == 'true' }} | |
| run: bun run version-packages |
|
@copilot please fix the workflow. Do not rely on comitting, since master is currently protected. Pass artifacts if that helps. |
Co-authored-by: Looted <6255880+Looted@users.noreply.github.com>
[WIP] Fix npm publish GitHub Actions workflow
No description provided.