Files
pm-claude-skills/.github/workflows/npm-publish.yml
T
mohitagw15856 1d18e50c68 Fix npm-publish tag check to accept capital-V tags (#31)
The release tag check stripped only a lowercase 'v', so a tag like V17.0.0
failed against package.json 17.0.0. Strip a leading v OR V.


Claude-Session: https://claude.ai/code/session_016JWn5jRD5tcEFKrubjQ6Px

Co-authored-by: Claude <noreply@anthropic.com>
2026-06-17 22:50:34 +01:00

51 lines
1.7 KiB
YAML

name: Publish to npm
# Publishes the package to npm when you publish a GitHub Release (or run this
# workflow manually). No local npm needed — set one repo secret, NPM_TOKEN, and
# every release ships `npx pm-claude-skills` to the world.
#
# One-time setup:
# 1. Create a free npm account at https://www.npmjs.com/signup
# 2. Profile -> Access Tokens -> Generate New Token -> "Automation"
# 3. In this repo: Settings -> Secrets and variables -> Actions -> New repository
# secret named NPM_TOKEN with that token.
# Then: publish a GitHub Release tagged vX.Y.Z (matching package.json version).
on:
release:
types: [published]
workflow_dispatch:
permissions:
contents: read
id-token: write # enables npm provenance (a verified "published from this repo" badge)
jobs:
publish:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Node
uses: actions/setup-node@v4
with:
node-version: '20'
registry-url: 'https://registry.npmjs.org'
- name: Verify release tag matches package.json version
if: github.event_name == 'release'
run: |
TAG="${GITHUB_REF_NAME#[vV]}" # strip a leading v or V (v17.0.0 / V17.0.0)
PKG="$(node -p "require('./package.json').version")"
echo "release tag: $TAG | package.json: $PKG"
if [ "$TAG" != "$PKG" ]; then
echo "::error::Release tag ($TAG) does not match package.json version ($PKG). Bump package.json or fix the tag."
exit 1
fi
- name: Publish to npm (public, with provenance)
run: npm publish --provenance --access public
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}