bumped the version number to 25.6.1 #28
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish to npm with provenance | |
| on: | |
| push: | |
| tags: | |
| - '*.*.*' | |
| - '*.*.*-alpha.*' | |
| - '*.*.*-beta.*' | |
| - '*.*.*-rc.*' | |
| permissions: | |
| contents: write # Required for creating GitHub releases | |
| id-token: write # Required for npm provenance | |
| jobs: | |
| publish: | |
| runs-on: ubuntu-latest | |
| concurrency: | |
| group: release-${{ github.ref }} | |
| cancel-in-progress: false | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v5 | |
| with: | |
| path: workspace/ngx-extended-pdf-viewer | |
| fetch-depth: 0 | |
| - name: Checkout mypdf.js repository | |
| uses: actions/checkout@v5 | |
| with: | |
| repository: stephanrauh/pdf.js | |
| path: workspace/mypdf.js | |
| fetch-depth: 0 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '22' | |
| registry-url: 'https://registry.npmjs.org' | |
| - name: Install dependencies (ngx-extended-pdf-viewer) | |
| working-directory: workspace/ngx-extended-pdf-viewer | |
| run: npm ci --ignore-scripts && npm audit fix --ignore-scripts && ./build-tools/search-for-shai-hulud.sh --full && npm rebuild esbuild | |
| - name: Generate SBOM (before npm upgrade) | |
| working-directory: workspace/ngx-extended-pdf-viewer | |
| run: npx -y @cyclonedx/cyclonedx-npm --output-file sbom.json --mc-type library || echo "⚠️ SBOM generation failed (will retry in build script)" | |
| - name: Upgrade to npm 11.5.1+ for trusted publishing | |
| run: | | |
| npm install -g npm@latest | |
| npm config delete always-auth || true | |
| - name: Verify tag matches package.json version | |
| working-directory: workspace/ngx-extended-pdf-viewer | |
| run: | | |
| TAG_VERSION=${GITHUB_REF#refs/tags/} | |
| PACKAGE_VERSION=$(node -p "require('./projects/ngx-extended-pdf-viewer/package.json').version") | |
| if [ "$TAG_VERSION" != "$PACKAGE_VERSION" ]; then | |
| echo "Error: Tag version ($TAG_VERSION) does not match package.json version ($PACKAGE_VERSION)" | |
| exit 1 | |
| fi | |
| echo "✓ Version verified: $PACKAGE_VERSION" | |
| - name: Build and publish library | |
| working-directory: workspace/ngx-extended-pdf-viewer | |
| run: npm run do-release:lib | |
| - name: Create package tarball | |
| working-directory: workspace/ngx-extended-pdf-viewer/dist/ngx-extended-pdf-viewer | |
| run: npm pack | |
| - name: Create minimal source archive | |
| working-directory: workspace/ngx-extended-pdf-viewer | |
| run: | | |
| TAG_VERSION=${GITHUB_REF#refs/tags/} | |
| SOURCE_DIR=$(pwd) | |
| mkdir -p /tmp/ngx-extended-pdf-viewer-source | |
| cp -r projects/ngx-extended-pdf-viewer /tmp/ngx-extended-pdf-viewer-source/ | |
| cp -r build-tools /tmp/ngx-extended-pdf-viewer-source/ | |
| cp angular.json package.json package-lock.json /tmp/ngx-extended-pdf-viewer-source/ | |
| cp tsconfig*.json tslint.json jest.config.ts setup-jest.ts /tmp/ngx-extended-pdf-viewer-source/ | |
| cp README.md LICENSE .editorconfig .prettierrc /tmp/ngx-extended-pdf-viewer-source/ | |
| cd /tmp | |
| tar -czf ngx-extended-pdf-viewer-${TAG_VERSION}-source.tar.gz ngx-extended-pdf-viewer-source | |
| mv ngx-extended-pdf-viewer-${TAG_VERSION}-source.tar.gz "${SOURCE_DIR}/" | |
| - name: Create GitHub Release | |
| uses: softprops/action-gh-release@v1 | |
| with: | |
| generate_release_notes: true | |
| repository: stephanrauh/ngx-extended-pdf-viewer | |
| files: | | |
| workspace/ngx-extended-pdf-viewer/dist/ngx-extended-pdf-viewer/*.tgz | |
| workspace/ngx-extended-pdf-viewer/*-source.tar.gz | |
| workspace/ngx-extended-pdf-viewer/sbom.json | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |