Merge branch 'main' into bugfix/48725-v2

.github/workflows/cla.yml

@@ -8,32 +8,5 @@ on:
 
 jobs:
     CLA:
-        runs-on: ubuntu-latest
-        # This job only runs for pull request comments or pull request target events (not issue comments)
-        if: github.event.issue.pull_request || github.event_name == 'pull_request_target'
-        steps:
-            - uses: actions-ecosystem/action-regex-match@9c35fe9ac1840239939c59e5db8839422eed8a73
-              id: sign
-              with:
-                  text: ${{ github.event.comment.body }}
-                  regex: '\s*I have read the CLA Document and I hereby sign the CLA\s*'
-            - uses: actions-ecosystem/action-regex-match@9c35fe9ac1840239939c59e5db8839422eed8a73
-              id: recheck
-              with:
-                  text: ${{ github.event.comment.body }}
-                  regex: '\s*recheck\s*'
-            - name: CLA Assistant
-              if: ${{ steps.recheck.outputs.match != '' || steps.sign.outputs.match != '' }} || github.event_name == 'pull_request_target'
-              # Version: 2.1.2-beta
-              uses: cla-assistant/github-action@948230deb0d44dd38957592f08c6bd934d96d0cf
-              env:
-                  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-                  PERSONAL_ACCESS_TOKEN : ${{ secrets.CLA_BOTIFY_TOKEN }}
-              with:
-                  path-to-signatures: '${{ github.repository }}/cla.json'
-                  path-to-document: 'https://github.com/${{ github.repository }}/blob/main/CLA.md'
-                  branch: 'main'
-                  remote-organization-name: 'Expensify'
-                  remote-repository-name: 'CLA'
-                  lock-pullrequest-aftermerge: false
-                  allowlist: 'snyk-bot,OSBotify'
+        uses: Expensify/GitHub-Actions/.github/workflows/cla.yml@main
+        secrets: inherit

.github/workflows/publish.yml

@@ -1,77 +1,18 @@
 name: Publish package to npmjs
 
-# This workflow runs when code is pushed to `main` (i.e: when a pull request is merged)
 on:
     push:
         branches: [main]
 
-# Ensure that only once instance of this workflow executes at a time.
+# Ensure that only one instance of this workflow executes at a time.
 # If multiple PRs are merged in quick succession, there will only ever be one publish workflow running and one pending.
 concurrency: ${{ github.workflow }}
 
 jobs:
-    version:
-        runs-on: ubuntu-latest
-
-        # OSBotify will update the version on `main`, so this check is important to prevent an infinite loop
-        if: ${{ github.actor != 'OSBotify' }}
-
-        steps:
-            - uses: actions/checkout@v4
-              with:
-                  ref: main
-                  # The OS_BOTIFY_COMMIT_TOKEN is a personal access token tied to osbotify, which allows him to push to protected branches
-                  token: ${{ secrets.OS_BOTIFY_COMMIT_TOKEN }}
-
-            - name: Decrypt & Import OSBotify GPG key
-              run: |
-                  cd .github
-                  gpg --quiet --batch --yes --decrypt --passphrase="$LARGE_SECRET_PASSPHRASE" --output OSBotify-private-key.asc OSBotify-private-key.asc.gpg
-                  gpg --import OSBotify-private-key.asc
-              env:
-                  LARGE_SECRET_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }}
-
-            - name: Set up git for OSBotify
-              run: |
-                  git config --global user.signingkey AEE1036472A782AB
-                  git config --global commit.gpgsign true
-                  git config --global user.name OSBotify
-                  git config --global user.email [email protected]
-
-            - uses: actions/setup-node@v4
-              with:
-                  node-version-file: ".nvmrc"
-                  registry-url: "https://registry.npmjs.org"
-
-            - name: Install npm packages
-              run: npm ci
-
-            - name: Update npm version
-              run: npm version patch
-
-            - name: Set new version in GitHub ENV
-              run: echo "NEW_VERSION=$(jq '.version' package.json)" >> $GITHUB_ENV
-
-            - name: Push branch and publish tags
-              run: git push origin main && git push --tags
-
-            - name: Build package
-              run: npm run build
-
-            - name: Publish to npm
-              run: npm publish
-              env:
-                  NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
-
-            - name: Get merged pull request
-              id: getMergedPullRequest
-              run: |
-                read -r number < <(gh pr list --search ${{ github.sha }} --state merged --json 'number' | jq -r '.[0] | [.number] | join(" ")')
-                echo "number=$number" >> "$GITHUB_OUTPUT"
-              env:
-                GITHUB_TOKEN: ${{ github.token }}
-
-            - name: Comment on merged pull request
-              run: gh pr comment ${{ steps.getMergedPullRequest.outputs.number }} --body "🚀Published to npm in v${{ env.NEW_VERSION }}"
-              env:
-                GITHUB_TOKEN: ${{ github.token }}
+    publish:
+        # os-botify[bot] will update the version on `main`, so this check is important to prevent an infinite loop
+        if: ${{ github.actor != 'os-botify[bot]' }}
+        uses: Expensify/GitHub-Actions/.github/workflows/npmPublish.yml@main
+        secrets: inherit
+        with:
+            should_run_build: true

.gitignore

@@ -12,9 +12,6 @@ dist/
 # IDEs
 .idea
 
-# Decrypted private key we do not want to commit
-.github/OSBotify-private-key.asc
-
 # Published package
 *.tgz
 

package.json

@@ -1,6 +1,6 @@
 {
   "name": "react-native-onyx",
-  "version": "2.0.73",
+  "version": "2.0.75",
   "author": "Expensify, Inc.",
   "homepage": "https://expensify.com",
   "description": "State management for React Native",