Use redirectToHandler in StackHandler and disallow string default URL… #105
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish npm packages | |
| on: | |
| push: | |
| branches: | |
| - main | |
| permissions: | |
| id-token: write # Required for npm OIDC provenance | |
| contents: write | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: false # Don't cancel publishing in progress | |
| jobs: | |
| publish: | |
| runs-on: ubuntu-latest | |
| environment: "hexclave/stack-auth — Publish npm packages" | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| with: | |
| fetch-depth: 0 | |
| token: ${{ secrets.NPM_PUBLISH_VERSION_UPDATE_PR_PAT }} | |
| - name: Setup Node.js | |
| uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6 | |
| with: | |
| node-version: 'latest' | |
| registry-url: 'https://registry.npmjs.org' | |
| - name: Setup pnpm | |
| uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4 | |
| - name: Install dependencies | |
| run: pnpm install --frozen-lockfile | |
| - name: Clean | |
| run: pnpm run clean | |
| - name: Install dependencies (after clean) | |
| run: pnpm install --frozen-lockfile | |
| - name: Build packages | |
| run: pnpm build:packages | |
| - name: Publish packages | |
| # pnpm publish skips versions that already exist on npm by default | |
| run: pnpm publish -r --no-git-checks --access public | |
| env: | |
| NPM_CONFIG_PROVENANCE: true | |
| - name: Update package versions on dev | |
| run: | | |
| git config user.name "github-actions[bot]" | |
| git config user.email "github-actions[bot]@users.noreply.github.com" | |
| git add . | |
| git diff --exit-code HEAD | |
| git fetch origin dev:dev | |
| git checkout dev | |
| git diff --exit-code dev origin/dev | |
| pnpm install --frozen-lockfile | |
| CHANGESET_FILE=".changeset/update-package-versions-${GITHUB_RUN_ID}.md" | |
| cat > "$CHANGESET_FILE" <<'EOF' | |
| --- | |
| "@stackframe/stack": patch | |
| --- | |
| Update package versions. | |
| EOF | |
| pnpm changeset version | |
| version=$(grep '"version":' packages/template/package.json) | |
| sed "s/^[[:space:]]*\"version\":.*/$version/" packages/template/package-template.json > packages/template/package-template.json.untracked.tmp | |
| mv packages/template/package-template.json.untracked.tmp packages/template/package-template.json | |
| git add -A | |
| if git diff --staged --quiet; then | |
| echo "No package version changes to commit" | |
| exit 0 | |
| fi | |
| git commit -m "chore: update package versions" | |
| git push origin dev |