vrr/supermemory
2
0
Fork 0
mirror of https://github.com/supermemoryai/supermemory.git synced 2026-05-19 07:42:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

ci: switch npm packages to trusted publishing (OIDC) (#863)
Some checks failed
Publish Cartesia SDK Python / publish (push) Has been cancelled
Details
Publish Tools / publish (push) Has been cancelled
Details

Browse source 
Co-authored-by: Dhravya Shah <dhravyashah@gmail.com>
This commit is contained in:
vorflux[bot] 2026-04-16 19:41:58 -07:00 committed by GitHub
parent 9b32d5c951
commit 5493455f69
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 64 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

25
.github/workflows/publish-ai-sdk.yml vendored
View file

@ -23,8 +23,12 @@ jobs:
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: '24'
registry-url: 'https://registry.npmjs.org'
- name: Upgrade npm for trusted publishing support
run: npm install -g npm@latest
- name: Setup Bun
uses: oven-sh/setup-bun@v2
@ -34,11 +38,24 @@ jobs:
- name: Install dependencies
run: bun install
- name: Check if version changed
id: version-check
run: |
PACKAGE_NAME=$(jq -r '.name' package.json)
LOCAL_VERSION=$(jq -r '.version' package.json)
NPM_VERSION=$(npm view "$PACKAGE_NAME" version 2>/dev/null || echo "0.0.0")
if [ "$LOCAL_VERSION" = "$NPM_VERSION" ]; then
echo "Version $LOCAL_VERSION already published, skipping."
echo "changed=false" >> "$GITHUB_OUTPUT"
else
echo "Publishing $LOCAL_VERSION (npm has $NPM_VERSION)"
echo "changed=true" >> "$GITHUB_OUTPUT"
fi
- name: Build
if: steps.version-check.outputs.changed == 'true'
run: bun run build
- name: Publish
run: pnpm publish --access public --verbose
env:
NPM_CONFIG_PROVENANCE: true
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
if: steps.version-check.outputs.changed == 'true'
run: npm publish --access public --provenance

25
.github/workflows/publish-memory-graph.yml vendored
View file

@ -23,8 +23,12 @@ jobs:
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: '24'
registry-url: 'https://registry.npmjs.org'
- name: Upgrade npm for trusted publishing support
run: npm install -g npm@latest
- name: Setup Bun
uses: oven-sh/setup-bun@v2
@ -34,11 +38,24 @@ jobs:
- name: Install dependencies
run: bun install
- name: Check if version changed
id: version-check
run: |
PACKAGE_NAME=$(jq -r '.name' package.json)
LOCAL_VERSION=$(jq -r '.version' package.json)
NPM_VERSION=$(npm view "$PACKAGE_NAME" version 2>/dev/null || echo "0.0.0")
if [ "$LOCAL_VERSION" = "$NPM_VERSION" ]; then
echo "Version $LOCAL_VERSION already published, skipping."
echo "changed=false" >> "$GITHUB_OUTPUT"
else
echo "Publishing $LOCAL_VERSION (npm has $NPM_VERSION)"
echo "changed=true" >> "$GITHUB_OUTPUT"
fi
- name: Build
if: steps.version-check.outputs.changed == 'true'
run: bun run build
- name: Publish
run: pnpm publish --access public --verbose
env:
NPM_CONFIG_PROVENANCE: true
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
if: steps.version-check.outputs.changed == 'true'
run: npm publish --access public --provenance

25
.github/workflows/publish-tools.yml vendored
View file

@ -23,8 +23,12 @@ jobs:
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: '24'
registry-url: 'https://registry.npmjs.org'
- name: Upgrade npm for trusted publishing support
run: npm install -g npm@latest
- name: Setup Bun
uses: oven-sh/setup-bun@v2
@ -34,11 +38,24 @@ jobs:
- name: Install dependencies
run: bun install
- name: Check if version changed
id: version-check
run: |
PACKAGE_NAME=$(jq -r '.name' package.json)
LOCAL_VERSION=$(jq -r '.version' package.json)
NPM_VERSION=$(npm view "$PACKAGE_NAME" version 2>/dev/null || echo "0.0.0")
if [ "$LOCAL_VERSION" = "$NPM_VERSION" ]; then
echo "Version $LOCAL_VERSION already published, skipping."
echo "changed=false" >> "$GITHUB_OUTPUT"
else
echo "Publishing $LOCAL_VERSION (npm has $NPM_VERSION)"
echo "changed=true" >> "$GITHUB_OUTPUT"
fi
- name: Build
if: steps.version-check.outputs.changed == 'true'
run: bun run build
- name: Publish
run: pnpm publish --access public --verbose
env:
NPM_CONFIG_PROVENANCE: true
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
if: steps.version-check.outputs.changed == 'true'
run: npm publish --access public --provenance