| # Licensed to the Apache Software Foundation (ASF) under one |
| # or more contributor license agreements. See the NOTICE file |
| # distributed with this work for additional information |
| # regarding copyright ownership. The ASF licenses this file |
| # to you under the Apache License, Version 2.0 (the |
| # "License"); you may not use this file except in compliance |
| # with the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, |
| # software distributed under the License is distributed on an |
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| # KIND, either express or implied. See the License for the |
| # specific language governing permissions and limitations |
| # under the License. |
| |
| name: Publish JavaScript |
| run-name: "JavaScript Release: ${{ github.ref_name }}" |
| |
| on: |
| push: |
| tags: ['v*'] |
| |
| permissions: |
| contents: read |
| id-token: write |
| |
| concurrency: |
| group: release-javascript-${{ github.ref }} |
| cancel-in-progress: false |
| |
| jobs: |
| publish-npm: |
| runs-on: ubuntu-latest |
| if: github.repository == 'apache/fory' && !startsWith(github.ref_name, 'go/fory') |
| steps: |
| - uses: actions/checkout@v5 |
| |
| - uses: actions/setup-node@v4 |
| with: |
| node-version: '20' |
| registry-url: 'https://registry.npmjs.org' |
| |
| - name: Upgrade npm for trusted publishing |
| run: npm i -g npm@latest |
| |
| - name: Verify Node/npm versions |
| shell: bash |
| run: | |
| set -euo pipefail |
| echo "Node: $(node --version)" |
| echo "npm: $(npm --version)" |
| REQUIRED="11.5.1" |
| CURRENT="$(npm --version)" |
| if [[ "$(printf '%s\n' "$REQUIRED" "$CURRENT" | sort -V | head -n1)" != "$REQUIRED" ]]; then |
| echo "npm version must be >= $REQUIRED for trusted publishing. current=$CURRENT" |
| exit 1 |
| fi |
| |
| - name: Bump javascript version |
| shell: bash |
| run: | |
| set -euo pipefail |
| VERSION="${{ github.ref_name }}" |
| VERSION="${VERSION#v}" |
| python ci/release.py bump_version -l javascript -version "$VERSION" |
| |
| - name: Install dependencies |
| shell: bash |
| working-directory: javascript |
| run: npm install |
| |
| - name: Build packages |
| shell: bash |
| working-directory: javascript |
| run: npm run build |
| |
| - name: Prepare npm for trusted publishing |
| shell: bash |
| run: | |
| set -euo pipefail |
| npm config set registry https://registry.npmjs.org/ |
| npm config delete //registry.npmjs.org/:_authToken || true |
| npm config get registry |
| |
| - name: Verify repository metadata for provenance |
| shell: bash |
| run: | |
| set -euo pipefail |
| node <<'EOF' |
| const fs = require("node:fs"); |
| |
| const expected = "git@github.com:apache/fory.git"; |
| const files = [ |
| "javascript/packages/core/package.json", |
| "javascript/packages/hps/package.json" |
| ]; |
| |
| for (const file of files) { |
| const json = JSON.parse(fs.readFileSync(file, "utf8")); |
| const actual = json?.repository ?? ""; |
| if (actual !== expected) { |
| console.error( |
| `Repository URL mismatch in ${file}: expected "${expected}", got "${actual}"` |
| ); |
| process.exit(1); |
| } |
| } |
| |
| console.log("repository metadata verified for all publishable packages"); |
| EOF |
| |
| - name: Publish @apache-fory/hps |
| shell: bash |
| working-directory: javascript/packages/hps |
| run: | |
| set -euo pipefail |
| TAG="latest" |
| if echo "${{ github.ref_name }}" | grep -qE '[-]'; then |
| TAG="next" |
| fi |
| npm publish --access public --tag "$TAG" --provenance |
| env: |
| NODE_AUTH_TOKEN: "" |
| NPM_TOKEN: "" |
| |
| - name: Publish @apache-fory/core |
| shell: bash |
| working-directory: javascript/packages/core |
| run: | |
| set -euo pipefail |
| TAG="latest" |
| if echo "${{ github.ref_name }}" | grep -qE '[-]'; then |
| TAG="next" |
| fi |
| npm publish --access public --tag "$TAG" --provenance |
| env: |
| NODE_AUTH_TOKEN: "" |
| NPM_TOKEN: "" |
