name: release on: push: tags: - "v*" # Remove default permissions of GITHUB_TOKEN for security # https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs permissions: {} jobs: release: if: github.repository == 'nuxt/nuxt' && (startsWith(github.event.head_commit.message, 'v3.') || startsWith(github.event.head_commit.message, 'v4.')) concurrency: group: release permissions: id-token: write runs-on: ubuntu-latest timeout-minutes: 20 steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: 0 - run: corepack enable - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 with: node-version: 20 registry-url: "https://registry.npmjs.org/" cache: "pnpm" - name: Install dependencies run: pnpm install - name: Build (stub) run: pnpm dev:prepare - name: Release run: ./scripts/release.sh env: NODE_AUTH_TOKEN: ${{secrets.RELEASE_NODE_AUTH_TOKEN}} NPM_CONFIG_PROVENANCE: true