Skip to content

CD pipeline to auto-publish package updates to npm#4

Merged
jackmisner merged 1 commit intomainfrom
CD
Jan 21, 2026
Merged

CD pipeline to auto-publish package updates to npm#4
jackmisner merged 1 commit intomainfrom
CD

Conversation

@jackmisner
Copy link
Owner

@jackmisner jackmisner commented Jan 21, 2026
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • Chores
    • Enhanced release automation infrastructure to support continuous integration and publishing workflows.

✏️ Tip: You can customize this high-level summary in your review settings.

@coderabbitai
Copy link

coderabbitai bot commented Jan 21, 2026
edited
Loading

Walkthrough

Introduces a new GitHub Actions workflow that orchestrates continuous integration, publishing, and release processes. The workflow triggers on version tag pushes, executing sequential pipelines for code quality checks, npm package publication with provenance, and automated GitHub release creation.

Changes

Cohort / File(s) Summary
GitHub Actions CI/CD Workflow
.github/workflows/publish.yml		 New workflow file defining three dependent pipelines: ci (type checking, linting, format checks, tests, build), publish (npm publication with provenance and public access), and release (GitHub release with generated notes). Triggered on version tag pushes matching v*.. pattern.
🚥 Pre-merge checks | ✅ 2
✅ Passed checks (2 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately reflects the main change: introducing a CD pipeline that automates package publishing to npm on version tags.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Jan 21, 2026
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Fix all issues with AI agents 
In @.github/workflows/publish.yml:
- Around line 68-69: The publish step named "Publish to npm" calls "npm publish
--provenance --access public" but lacks the NODE_AUTH_TOKEN environment variable
required by actions/setup-node for npm authentication; update that step to set
env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} (ensure a valid NPM_TOKEN secret
exists) so the "npm publish" command can authenticate successfully with the
registry configured by actions/setup-node.
🧹 Nitpick comments (1)
.github/workflows/publish.yml (1)

47-66: Consider caching build artifacts to reduce redundancy.

The ci and publish jobs both perform checkout, dependency installation, and build steps. Whilst this ensures a clean build, you could optimise by uploading build artifacts from the ci job and downloading them in publish.

This is optional as the current approach is straightforward and ensures reproducibility.

♻️ Optional: Share artifacts between jobs

In the ci job, after the build step:

      - name: Upload build artifacts
        uses: actions/upload-artifact@v4
        with:
          name: dist
          path: dist/

In the publish job, replace the install/build steps:

      - name: Download build artifacts
        uses: actions/download-artifact@v4
        with:
          name: dist
          path: dist/

      - name: Install dependencies
        run: npm ci --omit=dev

@jackmisner jackmisner merged commit e9af330 into main Jan 21, 2026
5 checks passed
@jackmisner jackmisner deleted the CD branch January 21, 2026 17:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jackmisner