diff --git a/.github/workflows/_ci-build-electron-package-apps.reusable.yml b/.github/workflows/_ci-build-electron-package-apps.reusable.yml index b8ab731c0..b99ed2768 100644 --- a/.github/workflows/_ci-build-electron-package-apps.reusable.yml +++ b/.github/workflows/_ci-build-electron-package-apps.reusable.yml @@ -49,7 +49,7 @@ jobs: - name: ๐Ÿ› ๏ธ Setup Development Environment uses: ./.github/workflows/actions/setup-workspace with: - node-version: '20' + node-version: '24' - name: ๐Ÿ“Š Generate Build Information id: build-info diff --git a/.github/workflows/_ci-build-tauri-apps.reusable.yml b/.github/workflows/_ci-build-tauri-apps.reusable.yml index 0c7d6a5d2..7b4d37bef 100644 --- a/.github/workflows/_ci-build-tauri-apps.reusable.yml +++ b/.github/workflows/_ci-build-tauri-apps.reusable.yml @@ -59,7 +59,7 @@ jobs: - name: ๐Ÿ› ๏ธ Setup Development Environment uses: ./.github/workflows/actions/setup-workspace with: - node-version: '20' + node-version: '24' # Install Rust toolchain for Tauri compilation - name: ๐Ÿฆ€ Install Rust Toolchain diff --git a/.github/workflows/_ci-build-tauri-e2e-app.reusable.yml b/.github/workflows/_ci-build-tauri-e2e-app.reusable.yml index b03cfaaaa..0bb26a219 100644 --- a/.github/workflows/_ci-build-tauri-e2e-app.reusable.yml +++ b/.github/workflows/_ci-build-tauri-e2e-app.reusable.yml @@ -65,7 +65,7 @@ jobs: - name: ๐Ÿ› ๏ธ Setup Development Environment uses: ./.github/workflows/actions/setup-workspace with: - node-version: '20' + node-version: '24' - name: ๐Ÿฆ€ Install Rust Toolchain uses: dtolnay/rust-toolchain@stable diff --git a/.github/workflows/_ci-build-tauri-package-app.reusable.yml b/.github/workflows/_ci-build-tauri-package-app.reusable.yml index 955b3afbf..cdc38e4c6 100644 --- a/.github/workflows/_ci-build-tauri-package-app.reusable.yml +++ b/.github/workflows/_ci-build-tauri-package-app.reusable.yml @@ -61,7 +61,7 @@ jobs: - name: ๐Ÿ› ๏ธ Setup Development Environment uses: ./.github/workflows/actions/setup-workspace with: - node-version: '20' + node-version: '24' # Download the pre-built packages from the main build job # This ensures workspace dependencies (e.g. @wdio/native-spy dist/) are available diff --git a/.github/workflows/_ci-build.reusable.yml b/.github/workflows/_ci-build.reusable.yml index dd5b6c6e2..af7542e28 100644 --- a/.github/workflows/_ci-build.reusable.yml +++ b/.github/workflows/_ci-build.reusable.yml @@ -56,7 +56,7 @@ jobs: - name: ๐Ÿ› ๏ธ Setup Development Environment uses: ./.github/workflows/actions/setup-workspace with: - node-version: '20' + node-version: '24' # Generate build information for tracking - name: ๐Ÿ“Š Generate Build Information diff --git a/.github/workflows/_ci-lint.reusable.yml b/.github/workflows/_ci-lint.reusable.yml index c31f25a20..f9176cf7d 100644 --- a/.github/workflows/_ci-lint.reusable.yml +++ b/.github/workflows/_ci-lint.reusable.yml @@ -37,7 +37,7 @@ jobs: - name: ๐Ÿ› ๏ธ Setup Development Environment uses: ./.github/workflows/actions/setup-workspace with: - node-version: '20' + node-version: '24' # Cache ESLint and Prettier results - name: ๐Ÿ“ฆ Cache Linting Results diff --git a/.github/workflows/_ci-package.reusable.yml b/.github/workflows/_ci-package.reusable.yml index f72912f42..c9170cb09 100644 --- a/.github/workflows/_ci-package.reusable.yml +++ b/.github/workflows/_ci-package.reusable.yml @@ -61,7 +61,7 @@ jobs: - name: ๐Ÿ› ๏ธ Setup Development Environment uses: ./.github/workflows/actions/setup-workspace with: - node-version: '20' + node-version: '24' # Install Rust toolchain for auto-installing tauri-driver if testing Tauri service # The @wdio/tauri-service will automatically install tauri-driver via cargo if not found diff --git a/.github/workflows/_ci-unit.reusable.yml b/.github/workflows/_ci-unit.reusable.yml index 46f72255b..34b5f69d3 100644 --- a/.github/workflows/_ci-unit.reusable.yml +++ b/.github/workflows/_ci-unit.reusable.yml @@ -47,7 +47,7 @@ jobs: - name: ๐Ÿ› ๏ธ Setup Development Environment uses: ./.github/workflows/actions/setup-workspace with: - node-version: '20' + node-version: '24' # Download the pre-built packages from the build job # This ensures all tests use the same build artifacts diff --git a/.github/workflows/_release-publish.reusable.yml b/.github/workflows/_release-publish.reusable.yml index d461771da..3c70965b4 100644 --- a/.github/workflows/_release-publish.reusable.yml +++ b/.github/workflows/_release-publish.reusable.yml @@ -176,6 +176,18 @@ jobs: fi + # Request OIDC token for NPM + - name: Request OIDC token for NPM + if: ${{ !inputs.dry_run }} + run: | + # Request OIDC token from GitHub Actions + TOKEN=$(curl -s -H "Authorization: Bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" \ + "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=npm:registry.npmjs.org" | jq -r '.value') + echo "NPM_ID_TOKEN=$TOKEN" >> $GITHUB_ENV + # Configure both npm and pnpm to use the OIDC token + npm config set //registry.npmjs.org/:_authToken "$TOKEN" + pnpm config set //registry.npmjs.org/:_authToken "$TOKEN" + # Publish all versioned packages to NPM - name: Publish to NPM env: diff --git a/.github/workflows/actions/setup-workspace/action.yml b/.github/workflows/actions/setup-workspace/action.yml index f50969884..16fb6122c 100644 --- a/.github/workflows/actions/setup-workspace/action.yml +++ b/.github/workflows/actions/setup-workspace/action.yml @@ -2,8 +2,9 @@ name: 'Setup Development Environment' description: 'Sets up Node.js environment with PNPM for CI/CD workflows' inputs: node-version: - description: 'Node.js version to use for the environment (e.g., "20")' - required: true + description: 'Node.js version to use for the environment (e.g., "24")' + required: false + default: '24' runs: using: composite diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b739314fb..4ec35de5e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -354,7 +354,7 @@ jobs: secrets: inherit with: os: ${{ matrix.os }} - node-version: '20' + node-version: '24' scenario: ${{ matrix.scenario }} build_id: ${{ needs.build.outputs.build_id }} artifact_size: ${{ needs.build.outputs.artifact_size }} @@ -382,7 +382,7 @@ jobs: secrets: inherit with: os: ${{ matrix.os }} - node-version: '20' + node-version: '24' scenario: ${{ matrix.scenario }} variant: window build_id: ${{ needs.build.outputs.build_id }} @@ -403,7 +403,7 @@ jobs: secrets: inherit with: os: 'ubuntu-latest' - node-version: '20' + node-version: '24' scenario: ${{ matrix.scenario }} test-type: ${{ matrix.test-type }} build_id: ${{ needs.build.outputs.build_id }} @@ -425,7 +425,7 @@ jobs: secrets: inherit with: os: 'windows-latest' - node-version: '20' + node-version: '24' scenario: ${{ matrix.scenario }} test-type: ${{ matrix.test-type }} build_id: ${{ needs.build.outputs.build_id }} @@ -472,7 +472,7 @@ jobs: secrets: inherit with: os: ${{ matrix.os }} - node-version: '20' + node-version: '24' scenario: ${{ matrix.scenario }} test-type: ${{ matrix.test-type }} build_id: ${{ needs.build.outputs.build_id }} @@ -494,7 +494,7 @@ jobs: secrets: inherit with: os: 'ubuntu-latest' - node-version: '20' + node-version: '24' scenario: 'tauri-basic-embedded' test-type: ${{ matrix.test-type }} build_id: ${{ needs.build.outputs.build_id }} @@ -514,7 +514,7 @@ jobs: secrets: inherit with: os: 'windows-latest' - node-version: '20' + node-version: '24' scenario: 'tauri-basic-embedded' test-type: ${{ matrix.test-type }} build_id: ${{ needs.build.outputs.build_id }} @@ -535,7 +535,7 @@ jobs: secrets: inherit with: os: 'macos-latest' - node-version: '20' + node-version: '24' scenario: 'tauri-basic-embedded' test-type: ${{ matrix.test-type }} build_id: ${{ needs.build.outputs.build_id }} @@ -555,7 +555,7 @@ jobs: secrets: inherit with: os: 'macos-15-intel' - node-version: '20' + node-version: '24' scenario: 'tauri-basic-embedded' test-type: ${{ matrix.test-type }} build_id: ${{ needs.build.outputs.build_id }} @@ -577,7 +577,7 @@ jobs: secrets: inherit with: os: 'ubuntu-latest' - node-version: '20' + node-version: '24' scenario: 'tauri-basic-crabnebula' test-type: ${{ matrix.test-type }} build_id: ${{ needs.build.outputs.build_id }} @@ -597,7 +597,7 @@ jobs: secrets: inherit with: os: 'windows-latest' - node-version: '20' + node-version: '24' scenario: 'tauri-basic-crabnebula' test-type: ${{ matrix.test-type }} build_id: ${{ needs.build.outputs.build_id }} @@ -617,7 +617,7 @@ jobs: secrets: inherit with: os: 'macos-latest' - node-version: '20' + node-version: '24' scenario: 'tauri-basic-crabnebula' test-type: ${{ matrix.test-type }} build_id: ${{ needs.build.outputs.build_id }} @@ -637,7 +637,7 @@ jobs: secrets: inherit with: os: 'macos-15-intel' - node-version: '20' + node-version: '24' scenario: 'tauri-basic-crabnebula' test-type: ${{ matrix.test-type }} build_id: ${{ needs.build.outputs.build_id }} @@ -658,7 +658,7 @@ jobs: - name: ๐Ÿ› ๏ธ Setup Development Environment uses: ./.github/workflows/actions/setup-workspace with: - node-version: '20' + node-version: '24' - name: ๐Ÿ“ฆ Download Build Artifacts uses: ./.github/workflows/actions/download-archive diff --git a/.github/workflows/release-native.yml b/.github/workflows/release-native.yml index 0d82cbeab..bcfa8db6e 100644 --- a/.github/workflows/release-native.yml +++ b/.github/workflows/release-native.yml @@ -38,18 +38,16 @@ jobs: fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} - - name: Setup pnpm - uses: pnpm/action-setup@v4 - - name: Setup Node.js uses: actions/setup-node@v6 with: - node-version: '20' - cache: 'pnpm' + node-version: '24' registry-url: 'https://registry.npmjs.org' - - name: Install dependencies - run: pnpm install --frozen-lockfile + - name: Setup pnpm + uses: pnpm/action-setup@v4 + with: + run_install: true - name: Build packages run: pnpm turbo run build --filter='@wdio/native-types...' --filter='@wdio/native-utils...' @@ -144,32 +142,32 @@ jobs: # Note: Commits and tags created locally by package-versioner # Push will happen after successful publish - - name: Configure NPM registry - if: ${{ !inputs.dry_run }} - run: | - pnpm config set registry "https://registry.npmjs.org/" - - name: Publish to NPM + id: publish env: NPM_CONFIG_PROVENANCE: true run: | if [ "${{ inputs.dry_run }}" = "true" ]; then echo "๐Ÿงช DRY RUN: Testing NPM publish (will not actually publish)" - DRY_RUN_FLAG="--dry-run" + echo "Would publish @wdio/native-types@${{ steps.version.outputs.types_version }}..." + echo "Would publish @wdio/native-utils@${{ steps.version.outputs.utils_version }}..." else echo "๐Ÿš€ LIVE RELEASE: Publishing to NPM" - DRY_RUN_FLAG="" - fi - echo "Publishing @wdio/native-types@${{ steps.version.outputs.types_version }}..." - cd packages/native-types - pnpm publish --access public --no-git-checks $DRY_RUN_FLAG - cd ../.. + # Read actual versions from package.json after bumping + TYPES_VERSION=$(jq -r '.version' packages/native-types/package.json) + UTILS_VERSION=$(jq -r '.version' packages/native-utils/package.json) + + echo "Publishing @wdio/native-types@${TYPES_VERSION}..." + pnpm --filter @wdio/native-types publish --access public --no-git-checks --provenance + + echo "Publishing @wdio/native-utils@${UTILS_VERSION}..." + pnpm --filter @wdio/native-utils publish --access public --no-git-checks --provenance - echo "Publishing @wdio/native-utils@${{ steps.version.outputs.utils_version }}..." - cd packages/native-utils - pnpm publish --access public --no-git-checks $DRY_RUN_FLAG - cd ../.. + # Output actual published versions for later steps + echo "types_version=${TYPES_VERSION}" >> $GITHUB_OUTPUT + echo "utils_version=${UTILS_VERSION}" >> $GITHUB_OUTPUT + fi - name: Push Version Commits and Tags if: ${{ !inputs.dry_run }} @@ -185,14 +183,14 @@ jobs: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | # Create release for native-types - gh release create "@wdio/native-types@v${{ steps.version.outputs.types_version }}" \ - --title "@wdio/native-types v${{ steps.version.outputs.types_version }}" \ + gh release create "@wdio/native-types@v${{ steps.publish.outputs.types_version }}" \ + --title "@wdio/native-types v${{ steps.publish.outputs.types_version }}" \ --notes-file packages/native-types/CHANGELOG.md \ --latest=false # Create release for native-utils - gh release create "@wdio/native-utils@v${{ steps.version.outputs.utils_version }}" \ - --title "@wdio/native-utils v${{ steps.version.outputs.utils_version }}" \ + gh release create "@wdio/native-utils@v${{ steps.publish.outputs.utils_version }}" \ + --title "@wdio/native-utils v${{ steps.publish.outputs.utils_version }}" \ --notes-file packages/native-utils/CHANGELOG.md \ --latest=false @@ -207,8 +205,13 @@ jobs: echo "### ๐Ÿ“‹ Package Versions" >> $GITHUB_STEP_SUMMARY echo "| Package | Target Version | Status |" >> $GITHUB_STEP_SUMMARY echo "|---------|----------------|--------|" >> $GITHUB_STEP_SUMMARY - echo "| @wdio/native-types | ${{ steps.version.outputs.types_version }} | ${{ inputs.dry_run && '๐Ÿงช Dry run tested' || 'โœ… Published' }} |" >> $GITHUB_STEP_SUMMARY - echo "| @wdio/native-utils | ${{ steps.version.outputs.utils_version }} | ${{ inputs.dry_run && '๐Ÿงช Dry run tested' || 'โœ… Published' }} |" >> $GITHUB_STEP_SUMMARY + if [ "${{ inputs.dry_run }}" = "true" ]; then + echo "| @wdio/native-types | ${{ steps.version.outputs.types_version }} | ๐Ÿงช Dry run tested |" >> $GITHUB_STEP_SUMMARY + echo "| @wdio/native-utils | ${{ steps.version.outputs.utils_version }} | ๐Ÿงช Dry run tested |" >> $GITHUB_STEP_SUMMARY + else + echo "| @wdio/native-types | ${{ steps.publish.outputs.types_version }} | โœ… Published |" >> $GITHUB_STEP_SUMMARY + echo "| @wdio/native-utils | ${{ steps.publish.outputs.utils_version }} | โœ… Published |" >> $GITHUB_STEP_SUMMARY + fi echo "" >> $GITHUB_STEP_SUMMARY if [ "${{ inputs.dry_run }}" = "true" ]; then diff --git a/.github/workflows/scripts/publish-npm.ts b/.github/workflows/scripts/publish-npm.ts index 1bb5861b2..7e648b991 100644 --- a/.github/workflows/scripts/publish-npm.ts +++ b/.github/workflows/scripts/publish-npm.ts @@ -101,7 +101,7 @@ async function main() { // Skip private packages if (pkgJson.private) { - console.log(` โญ๏ธ Skipping private package`); + console.log(' โญ๏ธ Skipping private package'); skipped.push(scopedName); continue; } @@ -116,7 +116,7 @@ async function main() { if (fs.existsSync(licensePath)) { try { fs.copyFileSync(licensePath, targetLicensePath); - console.log(` ๐Ÿ“„ Copied LICENSE file`); + console.log(' ๐Ÿ“„ Copied LICENSE file'); } catch (error) { console.warn(` โš ๏ธ Warning: Could not copy LICENSE file: ${(error as Error).message}`); } @@ -129,11 +129,11 @@ async function main() { console.log(` ๐Ÿ” Dry run - would publish to NPM with tag "${npmTag}"`); published.push(scopedName); } else { - // Use pnpm publish with the specific package filter + // Use pnpm publish - it auto-detects NPM_ID_TOKEN for OIDC when available // --provenance flag enables OIDC trusted publishing const publishCmd = `pnpm --filter ${scopedName} publish --tag ${npmTag} --access public --no-git-checks --provenance`; runCommand(publishCmd); - console.log(` โœ… Published successfully`); + console.log(' โœ… Published successfully'); published.push(scopedName); } } catch (error) {