chore: bump to 5.12.3 - Socket.dev ESM triage + pipe-mode approval ha… #552
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| "on": | |
| push: | |
| branches: [main] | |
| tags: ['v*'] | |
| pull_request: | |
| branches: [main] | |
| permissions: | |
| contents: read | |
| actions: read | |
| jobs: | |
| test: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| node-version: [18, 20, 22] | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 | |
| - name: Setup Node.js ${{ matrix.node-version }} | |
| uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6 | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| cache: 'npm' | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Type check | |
| run: npx tsc --noEmit | |
| - name: Build | |
| run: npm run build | |
| - name: Test - Core (79 tests) | |
| run: npx ts-node test-standalone.ts | |
| - name: Test - Security (33 tests) | |
| run: npx ts-node test-security.ts | |
| - name: Test - Adapters (139 tests) | |
| run: npx ts-node test-adapters.ts | |
| - name: Test - Integration (64 tests) | |
| run: npx ts-node test.ts | |
| - name: Test - Phase 4 Behavioral (147 tests) | |
| run: npx ts-node test-phase4.ts | |
| build: | |
| runs-on: ubuntu-latest | |
| needs: test | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6 | |
| with: | |
| node-version: 20 | |
| cache: 'npm' | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Build | |
| run: npm run build | |
| - name: Verify dist output | |
| run: | | |
| test -f dist/index.js || (echo "dist/index.js missing" && exit 1) | |
| test -f dist/index.d.ts || (echo "dist/index.d.ts missing" && exit 1) | |
| test -f dist/security.js || (echo "dist/security.js missing" && exit 1) | |
| test -d dist/adapters || (echo "dist/adapters missing" && exit 1) | |
| test -d dist/lib || (echo "dist/lib missing" && exit 1) | |
| echo "Build verification passed" | |
| publish: | |
| runs-on: ubuntu-latest | |
| needs: [test, build] | |
| if: startsWith(github.ref, 'refs/tags/v') | |
| # Serialize publish runs for the same tag ref so a re-pointed/forced tag | |
| # cannot race a still-running publish of the same version. | |
| concurrency: | |
| group: publish-${{ github.ref }} | |
| cancel-in-progress: false | |
| permissions: | |
| contents: read | |
| id-token: write # required for npm provenance | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6 | |
| with: | |
| node-version: 20 | |
| cache: 'npm' | |
| registry-url: 'https://registry.npmjs.org' | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Build | |
| run: npm run build | |
| - name: Publish to npm (with provenance) | |
| run: | | |
| PKG_VERSION=$(node -p "require('./package.json').version") | |
| if [ -n "$(npm view network-ai@$PKG_VERSION version 2>/dev/null)" ]; then | |
| echo "network-ai@$PKG_VERSION already published — skipping." | |
| exit 0 | |
| fi | |
| if npm publish --provenance --access public; then | |
| echo "Published network-ai@$PKG_VERSION." | |
| elif [ -n "$(npm view network-ai@$PKG_VERSION version 2>/dev/null)" ]; then | |
| echo "network-ai@$PKG_VERSION was published by a concurrent run — treating as success." | |
| else | |
| echo "npm publish failed and network-ai@$PKG_VERSION is not on the registry." | |
| exit 1 | |
| fi | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} |