name: Release on: push: branches: [main] workflow_dispatch: jobs: release: runs-on: ubuntu-latest permissions: contents: write issues: write pull-requests: write id-token: write steps: - name: Checkout code uses: actions/checkout@v4 with: fetch-depth: 0 token: ${{ secrets.PAT_TOKEN }} - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: '22' registry-url: 'https://registry.npmjs.org' - name: Setup Bun uses: oven-sh/setup-bun@v2 with: bun-version: latest - name: Install dependencies run: | bun install --frozen-lockfile cd ui && bun install --frozen-lockfile - name: Build package run: bun run build:all - name: Validate (typecheck + lint + tests) run: bun run validate - name: Release env: HUSKY: 0 GITHUB_TOKEN: ${{ secrets.PAT_TOKEN }} GH_TOKEN: ${{ secrets.PAT_TOKEN }} NPM_TOKEN: ${{ secrets.NPM_TOKEN }} NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} run: bunx semantic-release