-
Notifications
You must be signed in to change notification settings - Fork 0
Releasing
All five packs publish to public npm from this repo via GitHub Actions using npm Trusted Publishing (OIDC) — no long-lived npm token.
Each package carries its own version in its package.json and is published independently. Bump the version of any pack you changed before releasing. Packs that didn't change keep their version, and npm publish skips already-published versions.
- Adding/removing a rule → minor bump (new behavior for consumers).
- Editing rule wording → patch bump.
- A breaking restructure → major bump.
.github/workflows/publish.yml runs on a published GitHub Release (or manual workflow_dispatch):
- run: npm install -g npm@latest # Trusted Publishing needs a recent npm
- run: npm ci
- run: npm publish --workspaces --provenance --access public--workspaces publishes every package under packages/. --provenance attaches a signed provenance statement. npm rejects re-publishing an existing version, so only packs with a bumped version actually publish.
Before the first automated publish:
- Enable the wiki in repo Settings → Features (so the wiki sync can push).
-
Create an
NPMGitHub Environment in Settings → Environments. The workflow'senvironment: NPMgates the publish job to it. -
Register each package as a Trusted Publisher on npmjs.com:
- For each of the 5 packages, go to the package page → Settings → Trusted Publishers (or create the package first with a one-time local
npm publish). - Point it at this repo (
prototypdigital/bluetemberg-rules), the workflow filepublish.yml, and theNPMenvironment.
- For each of the 5 packages, go to the package page → Settings → Trusted Publishers (or create the package first with a one-time local
Bootstrapping a brand-new package name on npm requires one initial npm publish from a maintainer's machine (Trusted Publishing can't create a package that doesn't exist yet). After that, all releases go through CI.
- Bump versions on the packs you changed.
- Merge to
main. - Create a GitHub Release (tag it however you like — the workflow triggers on
release: published). - The workflow publishes all changed packs to npm with provenance.
This wiki is generated from docs/wiki/*.md in the repo. .github/workflows/sync-wiki.yml pushes any change under docs/wiki/ to the GitHub Wiki on merge to main — edit the Markdown here, not the wiki directly.