New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
@mafintosh/ci-testing
Advanced tools
@mafintosh/ci-testing - npm Package Compare versions
| name: Release to public npm | ||
| on: | ||
| pull_request: | ||
| types: [closed] | ||
| branches: | ||
| - main | ||
| jobs: | ||
| approve-release: | ||
| if: "${{ github.event.pull_request.merged == true && startsWith(github.event.pull_request.title, 'Release: ') }}" | ||
| runs-on: ubuntu-latest | ||
| environment: release | ||
| permissions: | ||
| contents: write | ||
| id-token: write | ||
| steps: | ||
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | ||
| with: | ||
| persist-credentials: false | ||
| - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6 | ||
| with: | ||
| node-version: lts/* | ||
| registry-url: 'https://registry.npmjs.org' | ||
| - run: | | ||
| VERSION=$(node -p "require('./package.json').version") | ||
| npm version $VERSION --no-git-tag-version --allow-same-version | ||
| git remote set-url origin https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git | ||
| if ! git ls-remote --tags origin | grep -q "refs/tags/v$VERSION$"; then | ||
| git tag "v$VERSION" | ||
| git push origin "v$VERSION" | ||
| fi | ||
| npm publish --access public --provenance --tag latest --ignore-scripts | ||
| env: | ||
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} |
| name: Bump Version | ||
| on: | ||
| workflow_dispatch: | ||
| inputs: | ||
| bump: | ||
| description: Version bump type | ||
| required: true | ||
| type: choice | ||
| options: | ||
| - major | ||
| - minor | ||
| - patch | ||
| - prerelease | ||
| preid: | ||
| description: Pre-release identifier | ||
| required: false | ||
| type: string | ||
| jobs: | ||
| bump-version: | ||
| permissions: | ||
| contents: write | ||
| pull-requests: write | ||
| uses: mafintosh/actions/.github/workflows/release-pr.yml@main | ||
| with: | ||
| bump: ${{ inputs.bump }} | ||
| preid: ${{ inputs.preid }} |
@@ -1,33 +0,1 @@ | ||
| name: Release to public npm | ||
| on: | ||
| pull_request: | ||
| types: [closed] | ||
| branches: | ||
| - main | ||
| jobs: | ||
| approve-release: | ||
| if: "${{ github.event.pull_request.merged == true && startsWith(github.event.pull_request.title, 'Release: ') }}" | ||
| runs-on: ubuntu-latest | ||
| environment: release | ||
| permissions: | ||
| contents: write | ||
| id-token: write | ||
| steps: | ||
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | ||
| with: | ||
| persist-credentials: false | ||
| - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6 | ||
| with: | ||
| node-version: lts/* | ||
| registry-url: 'https://registry.npmjs.org' | ||
| - run: | | ||
| VERSION=$(node -p "require('./package.json').version") | ||
| npm version $VERSION --no-git-tag-version --allow-same-version | ||
| git remote set-url origin https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git | ||
| if ! git ls-remote --tags origin | grep -q "refs/tags/v$VERSION$"; then | ||
| git tag "v$VERSION" | ||
| git push origin "v$VERSION" | ||
| fi | ||
| npm publish --access public --provenance --tag latest --ignore-scripts | ||
| env: | ||
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | ||
+1
-1
| { | ||
| "name": "@mafintosh/ci-testing", | ||
| "version": "3.0.6", | ||
| "version": "4.0.12", | ||
| "description": "hello", | ||
@@ -5,0 +5,0 @@ "homepage": "https://github.com/mafintosh/ci-testing#readme", |
No alert changes
Improved metrics
- Total package byte prevSize
2338
32.92%- Number of package files
5
66.67%No dependency changes