perron
perron copied to clipboard
Automatic NPM publish
Automatically publish a new version when a new commit with a version bump in package.json
is pushed to master
branch.
- Pros:
- easier maintenance
- Cons:
- no good 2FA support https://github.com/nodejs/package-maintenance/issues/244
npm rolled out Automation Tokens! https://dev.to/bnb/securely-automating-npm-publish-with-the-new-npm-automation-tokens-oei
Options for publishing:
- https://github.com/marketplace/actions/automated-releases-for-npm-packages A popular GitHub action. For each merge to
master
,version
is automatically updated based on the commit message. A commit and a tag are created and pushed to GitHub.version
doesn't need to be updated in PRs. The versioning rule may not work well with0.x.x
versions. - https://github.com/marketplace/actions/publish-to-npm
version
has to be explicitly updated in PRs. A tag is pushed to GitHub for each merge. - https://docs.github.com/en/free-pro-team@latest/actions/guides/publishing-nodejs-packages Manual configuration.
version
has to be explicitly updated in PRs. Tag push is missing and has to be implemented if necessary.
https://snyk.io/blog/github-actions-to-securely-publish-npm-packages/