From 1b51fc15a05583e3c2c5382123e9a446b6241a52 Mon Sep 17 00:00:00 2001 From: Sam Maister Date: Fri, 6 Mar 2026 15:20:53 +0000 Subject: [PATCH 1/4] chore: update release workflow to streamline pnpm setup and publishing process - Reorganized the pnpm setup step to include automatic dependency installation. - Simplified the NPM publishing commands by using pnpm filters for package-specific publishing. - Removed unnecessary configuration steps for the NPM registry, enhancing clarity in the workflow. --- .github/workflows/release-native.yml | 33 ++++++++++------------------ 1 file changed, 11 insertions(+), 22 deletions(-) diff --git a/.github/workflows/release-native.yml b/.github/workflows/release-native.yml index 0d82cbeab..a51d710e0 100644 --- a/.github/workflows/release-native.yml +++ b/.github/workflows/release-native.yml @@ -38,18 +38,16 @@ jobs: fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} - - name: Setup pnpm - uses: pnpm/action-setup@v4 - - name: Setup Node.js uses: actions/setup-node@v6 with: node-version: '20' - cache: 'pnpm' registry-url: 'https://registry.npmjs.org' - - name: Install dependencies - run: pnpm install --frozen-lockfile + - name: Setup pnpm + uses: pnpm/action-setup@v4 + with: + run_install: true - name: Build packages run: pnpm turbo run build --filter='@wdio/native-types...' --filter='@wdio/native-utils...' @@ -144,32 +142,23 @@ jobs: # Note: Commits and tags created locally by package-versioner # Push will happen after successful publish - - name: Configure NPM registry - if: ${{ !inputs.dry_run }} - run: | - pnpm config set registry "https://registry.npmjs.org/" - - name: Publish to NPM env: NPM_CONFIG_PROVENANCE: true run: | if [ "${{ inputs.dry_run }}" = "true" ]; then echo "๐Ÿงช DRY RUN: Testing NPM publish (will not actually publish)" - DRY_RUN_FLAG="--dry-run" + echo "Would publish @wdio/native-types@${{ steps.version.outputs.types_version }}..." + echo "Would publish @wdio/native-utils@${{ steps.version.outputs.utils_version }}..." else echo "๐Ÿš€ LIVE RELEASE: Publishing to NPM" - DRY_RUN_FLAG="" - fi - echo "Publishing @wdio/native-types@${{ steps.version.outputs.types_version }}..." - cd packages/native-types - pnpm publish --access public --no-git-checks $DRY_RUN_FLAG - cd ../.. + echo "Publishing @wdio/native-types@${{ steps.version.outputs.types_version }}..." + pnpm --filter @wdio/native-types publish --access public --no-git-checks --provenance - echo "Publishing @wdio/native-utils@${{ steps.version.outputs.utils_version }}..." - cd packages/native-utils - pnpm publish --access public --no-git-checks $DRY_RUN_FLAG - cd ../.. + echo "Publishing @wdio/native-utils@${{ steps.version.outputs.utils_version }}..." + pnpm --filter @wdio/native-utils publish --access public --no-git-checks --provenance + fi - name: Push Version Commits and Tags if: ${{ !inputs.dry_run }} From 7ab324d90b61a413eaae5e2547a43b6a71bf4e33 Mon Sep 17 00:00:00 2001 From: Sam Maister Date: Fri, 6 Mar 2026 15:30:55 +0000 Subject: [PATCH 2/4] chore: enhance NPM publishing process in release workflow - Added step to read actual package versions from package.json before publishing. - Updated release creation commands to use the newly published versions. - Improved output for package version status in the GitHub step summary, differentiating between dry run and actual publish results. --- .github/workflows/release-native.yml | 30 ++++++++++++++++++++-------- 1 file changed, 22 insertions(+), 8 deletions(-) diff --git a/.github/workflows/release-native.yml b/.github/workflows/release-native.yml index a51d710e0..f768ed1f9 100644 --- a/.github/workflows/release-native.yml +++ b/.github/workflows/release-native.yml @@ -143,6 +143,7 @@ jobs: # Push will happen after successful publish - name: Publish to NPM + id: publish env: NPM_CONFIG_PROVENANCE: true run: | @@ -153,11 +154,19 @@ jobs: else echo "๐Ÿš€ LIVE RELEASE: Publishing to NPM" - echo "Publishing @wdio/native-types@${{ steps.version.outputs.types_version }}..." + # Read actual versions from package.json after bumping + TYPES_VERSION=$(jq -r '.version' packages/native-types/package.json) + UTILS_VERSION=$(jq -r '.version' packages/native-utils/package.json) + + echo "Publishing @wdio/native-types@${TYPES_VERSION}..." pnpm --filter @wdio/native-types publish --access public --no-git-checks --provenance - echo "Publishing @wdio/native-utils@${{ steps.version.outputs.utils_version }}..." + echo "Publishing @wdio/native-utils@${UTILS_VERSION}..." pnpm --filter @wdio/native-utils publish --access public --no-git-checks --provenance + + # Output actual published versions for later steps + echo "types_version=${TYPES_VERSION}" >> $GITHUB_OUTPUT + echo "utils_version=${UTILS_VERSION}" >> $GITHUB_OUTPUT fi - name: Push Version Commits and Tags @@ -174,14 +183,14 @@ jobs: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | # Create release for native-types - gh release create "@wdio/native-types@v${{ steps.version.outputs.types_version }}" \ - --title "@wdio/native-types v${{ steps.version.outputs.types_version }}" \ + gh release create "@wdio/native-types@v${{ steps.publish.outputs.types_version }}" \ + --title "@wdio/native-types v${{ steps.publish.outputs.types_version }}" \ --notes-file packages/native-types/CHANGELOG.md \ --latest=false # Create release for native-utils - gh release create "@wdio/native-utils@v${{ steps.version.outputs.utils_version }}" \ - --title "@wdio/native-utils v${{ steps.version.outputs.utils_version }}" \ + gh release create "@wdio/native-utils@v${{ steps.publish.outputs.utils_version }}" \ + --title "@wdio/native-utils v${{ steps.publish.outputs.utils_version }}" \ --notes-file packages/native-utils/CHANGELOG.md \ --latest=false @@ -196,8 +205,13 @@ jobs: echo "### ๐Ÿ“‹ Package Versions" >> $GITHUB_STEP_SUMMARY echo "| Package | Target Version | Status |" >> $GITHUB_STEP_SUMMARY echo "|---------|----------------|--------|" >> $GITHUB_STEP_SUMMARY - echo "| @wdio/native-types | ${{ steps.version.outputs.types_version }} | ${{ inputs.dry_run && '๐Ÿงช Dry run tested' || 'โœ… Published' }} |" >> $GITHUB_STEP_SUMMARY - echo "| @wdio/native-utils | ${{ steps.version.outputs.utils_version }} | ${{ inputs.dry_run && '๐Ÿงช Dry run tested' || 'โœ… Published' }} |" >> $GITHUB_STEP_SUMMARY + if [ "${{ inputs.dry_run }}" = "true" ]; then + echo "| @wdio/native-types | ${{ steps.version.outputs.types_version }} | ๐Ÿงช Dry run tested |" >> $GITHUB_STEP_SUMMARY + echo "| @wdio/native-utils | ${{ steps.version.outputs.utils_version }} | ๐Ÿงช Dry run tested |" >> $GITHUB_STEP_SUMMARY + else + echo "| @wdio/native-types | ${{ steps.publish.outputs.types_version }} | โœ… Published |" >> $GITHUB_STEP_SUMMARY + echo "| @wdio/native-utils | ${{ steps.publish.outputs.utils_version }} | โœ… Published |" >> $GITHUB_STEP_SUMMARY + fi echo "" >> $GITHUB_STEP_SUMMARY if [ "${{ inputs.dry_run }}" = "true" ]; then From 7c6a37bb54d73fb80284c738509a994ab579c602 Mon Sep 17 00:00:00 2001 From: Sam Maister Date: Sat, 7 Mar 2026 19:01:55 +0000 Subject: [PATCH 3/4] chore: update Node.js version in CI workflows to 24 - Changed the Node.js version from 20 to 24 across multiple CI workflows to ensure compatibility with the latest features and improvements. --- ...i-build-electron-package-apps.reusable.yml | 2 +- .../_ci-build-tauri-apps.reusable.yml | 2 +- .../_ci-build-tauri-e2e-app.reusable.yml | 2 +- .../_ci-build-tauri-package-app.reusable.yml | 2 +- .github/workflows/_ci-build.reusable.yml | 2 +- .github/workflows/_ci-lint.reusable.yml | 2 +- .github/workflows/_ci-package.reusable.yml | 2 +- .github/workflows/_ci-unit.reusable.yml | 2 +- .../workflows/_release-publish.reusable.yml | 12 ++++++++ .../actions/setup-workspace/action.yml | 5 ++-- .github/workflows/ci.yml | 28 +++++++++---------- .github/workflows/release-native.yml | 2 +- 12 files changed, 38 insertions(+), 25 deletions(-) diff --git a/.github/workflows/_ci-build-electron-package-apps.reusable.yml b/.github/workflows/_ci-build-electron-package-apps.reusable.yml index b8ab731c0..b99ed2768 100644 --- a/.github/workflows/_ci-build-electron-package-apps.reusable.yml +++ b/.github/workflows/_ci-build-electron-package-apps.reusable.yml @@ -49,7 +49,7 @@ jobs: - name: ๐Ÿ› ๏ธ Setup Development Environment uses: ./.github/workflows/actions/setup-workspace with: - node-version: '20' + node-version: '24' - name: ๐Ÿ“Š Generate Build Information id: build-info diff --git a/.github/workflows/_ci-build-tauri-apps.reusable.yml b/.github/workflows/_ci-build-tauri-apps.reusable.yml index 0c7d6a5d2..7b4d37bef 100644 --- a/.github/workflows/_ci-build-tauri-apps.reusable.yml +++ b/.github/workflows/_ci-build-tauri-apps.reusable.yml @@ -59,7 +59,7 @@ jobs: - name: ๐Ÿ› ๏ธ Setup Development Environment uses: ./.github/workflows/actions/setup-workspace with: - node-version: '20' + node-version: '24' # Install Rust toolchain for Tauri compilation - name: ๐Ÿฆ€ Install Rust Toolchain diff --git a/.github/workflows/_ci-build-tauri-e2e-app.reusable.yml b/.github/workflows/_ci-build-tauri-e2e-app.reusable.yml index b03cfaaaa..0bb26a219 100644 --- a/.github/workflows/_ci-build-tauri-e2e-app.reusable.yml +++ b/.github/workflows/_ci-build-tauri-e2e-app.reusable.yml @@ -65,7 +65,7 @@ jobs: - name: ๐Ÿ› ๏ธ Setup Development Environment uses: ./.github/workflows/actions/setup-workspace with: - node-version: '20' + node-version: '24' - name: ๐Ÿฆ€ Install Rust Toolchain uses: dtolnay/rust-toolchain@stable diff --git a/.github/workflows/_ci-build-tauri-package-app.reusable.yml b/.github/workflows/_ci-build-tauri-package-app.reusable.yml index 955b3afbf..cdc38e4c6 100644 --- a/.github/workflows/_ci-build-tauri-package-app.reusable.yml +++ b/.github/workflows/_ci-build-tauri-package-app.reusable.yml @@ -61,7 +61,7 @@ jobs: - name: ๐Ÿ› ๏ธ Setup Development Environment uses: ./.github/workflows/actions/setup-workspace with: - node-version: '20' + node-version: '24' # Download the pre-built packages from the main build job # This ensures workspace dependencies (e.g. @wdio/native-spy dist/) are available diff --git a/.github/workflows/_ci-build.reusable.yml b/.github/workflows/_ci-build.reusable.yml index dd5b6c6e2..af7542e28 100644 --- a/.github/workflows/_ci-build.reusable.yml +++ b/.github/workflows/_ci-build.reusable.yml @@ -56,7 +56,7 @@ jobs: - name: ๐Ÿ› ๏ธ Setup Development Environment uses: ./.github/workflows/actions/setup-workspace with: - node-version: '20' + node-version: '24' # Generate build information for tracking - name: ๐Ÿ“Š Generate Build Information diff --git a/.github/workflows/_ci-lint.reusable.yml b/.github/workflows/_ci-lint.reusable.yml index c31f25a20..f9176cf7d 100644 --- a/.github/workflows/_ci-lint.reusable.yml +++ b/.github/workflows/_ci-lint.reusable.yml @@ -37,7 +37,7 @@ jobs: - name: ๐Ÿ› ๏ธ Setup Development Environment uses: ./.github/workflows/actions/setup-workspace with: - node-version: '20' + node-version: '24' # Cache ESLint and Prettier results - name: ๐Ÿ“ฆ Cache Linting Results diff --git a/.github/workflows/_ci-package.reusable.yml b/.github/workflows/_ci-package.reusable.yml index f72912f42..c9170cb09 100644 --- a/.github/workflows/_ci-package.reusable.yml +++ b/.github/workflows/_ci-package.reusable.yml @@ -61,7 +61,7 @@ jobs: - name: ๐Ÿ› ๏ธ Setup Development Environment uses: ./.github/workflows/actions/setup-workspace with: - node-version: '20' + node-version: '24' # Install Rust toolchain for auto-installing tauri-driver if testing Tauri service # The @wdio/tauri-service will automatically install tauri-driver via cargo if not found diff --git a/.github/workflows/_ci-unit.reusable.yml b/.github/workflows/_ci-unit.reusable.yml index 46f72255b..34b5f69d3 100644 --- a/.github/workflows/_ci-unit.reusable.yml +++ b/.github/workflows/_ci-unit.reusable.yml @@ -47,7 +47,7 @@ jobs: - name: ๐Ÿ› ๏ธ Setup Development Environment uses: ./.github/workflows/actions/setup-workspace with: - node-version: '20' + node-version: '24' # Download the pre-built packages from the build job # This ensures all tests use the same build artifacts diff --git a/.github/workflows/_release-publish.reusable.yml b/.github/workflows/_release-publish.reusable.yml index d461771da..3c70965b4 100644 --- a/.github/workflows/_release-publish.reusable.yml +++ b/.github/workflows/_release-publish.reusable.yml @@ -176,6 +176,18 @@ jobs: fi + # Request OIDC token for NPM + - name: Request OIDC token for NPM + if: ${{ !inputs.dry_run }} + run: | + # Request OIDC token from GitHub Actions + TOKEN=$(curl -s -H "Authorization: Bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" \ + "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=npm:registry.npmjs.org" | jq -r '.value') + echo "NPM_ID_TOKEN=$TOKEN" >> $GITHUB_ENV + # Configure both npm and pnpm to use the OIDC token + npm config set //registry.npmjs.org/:_authToken "$TOKEN" + pnpm config set //registry.npmjs.org/:_authToken "$TOKEN" + # Publish all versioned packages to NPM - name: Publish to NPM env: diff --git a/.github/workflows/actions/setup-workspace/action.yml b/.github/workflows/actions/setup-workspace/action.yml index f50969884..16fb6122c 100644 --- a/.github/workflows/actions/setup-workspace/action.yml +++ b/.github/workflows/actions/setup-workspace/action.yml @@ -2,8 +2,9 @@ name: 'Setup Development Environment' description: 'Sets up Node.js environment with PNPM for CI/CD workflows' inputs: node-version: - description: 'Node.js version to use for the environment (e.g., "20")' - required: true + description: 'Node.js version to use for the environment (e.g., "24")' + required: false + default: '24' runs: using: composite diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b739314fb..4ec35de5e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -354,7 +354,7 @@ jobs: secrets: inherit with: os: ${{ matrix.os }} - node-version: '20' + node-version: '24' scenario: ${{ matrix.scenario }} build_id: ${{ needs.build.outputs.build_id }} artifact_size: ${{ needs.build.outputs.artifact_size }} @@ -382,7 +382,7 @@ jobs: secrets: inherit with: os: ${{ matrix.os }} - node-version: '20' + node-version: '24' scenario: ${{ matrix.scenario }} variant: window build_id: ${{ needs.build.outputs.build_id }} @@ -403,7 +403,7 @@ jobs: secrets: inherit with: os: 'ubuntu-latest' - node-version: '20' + node-version: '24' scenario: ${{ matrix.scenario }} test-type: ${{ matrix.test-type }} build_id: ${{ needs.build.outputs.build_id }} @@ -425,7 +425,7 @@ jobs: secrets: inherit with: os: 'windows-latest' - node-version: '20' + node-version: '24' scenario: ${{ matrix.scenario }} test-type: ${{ matrix.test-type }} build_id: ${{ needs.build.outputs.build_id }} @@ -472,7 +472,7 @@ jobs: secrets: inherit with: os: ${{ matrix.os }} - node-version: '20' + node-version: '24' scenario: ${{ matrix.scenario }} test-type: ${{ matrix.test-type }} build_id: ${{ needs.build.outputs.build_id }} @@ -494,7 +494,7 @@ jobs: secrets: inherit with: os: 'ubuntu-latest' - node-version: '20' + node-version: '24' scenario: 'tauri-basic-embedded' test-type: ${{ matrix.test-type }} build_id: ${{ needs.build.outputs.build_id }} @@ -514,7 +514,7 @@ jobs: secrets: inherit with: os: 'windows-latest' - node-version: '20' + node-version: '24' scenario: 'tauri-basic-embedded' test-type: ${{ matrix.test-type }} build_id: ${{ needs.build.outputs.build_id }} @@ -535,7 +535,7 @@ jobs: secrets: inherit with: os: 'macos-latest' - node-version: '20' + node-version: '24' scenario: 'tauri-basic-embedded' test-type: ${{ matrix.test-type }} build_id: ${{ needs.build.outputs.build_id }} @@ -555,7 +555,7 @@ jobs: secrets: inherit with: os: 'macos-15-intel' - node-version: '20' + node-version: '24' scenario: 'tauri-basic-embedded' test-type: ${{ matrix.test-type }} build_id: ${{ needs.build.outputs.build_id }} @@ -577,7 +577,7 @@ jobs: secrets: inherit with: os: 'ubuntu-latest' - node-version: '20' + node-version: '24' scenario: 'tauri-basic-crabnebula' test-type: ${{ matrix.test-type }} build_id: ${{ needs.build.outputs.build_id }} @@ -597,7 +597,7 @@ jobs: secrets: inherit with: os: 'windows-latest' - node-version: '20' + node-version: '24' scenario: 'tauri-basic-crabnebula' test-type: ${{ matrix.test-type }} build_id: ${{ needs.build.outputs.build_id }} @@ -617,7 +617,7 @@ jobs: secrets: inherit with: os: 'macos-latest' - node-version: '20' + node-version: '24' scenario: 'tauri-basic-crabnebula' test-type: ${{ matrix.test-type }} build_id: ${{ needs.build.outputs.build_id }} @@ -637,7 +637,7 @@ jobs: secrets: inherit with: os: 'macos-15-intel' - node-version: '20' + node-version: '24' scenario: 'tauri-basic-crabnebula' test-type: ${{ matrix.test-type }} build_id: ${{ needs.build.outputs.build_id }} @@ -658,7 +658,7 @@ jobs: - name: ๐Ÿ› ๏ธ Setup Development Environment uses: ./.github/workflows/actions/setup-workspace with: - node-version: '20' + node-version: '24' - name: ๐Ÿ“ฆ Download Build Artifacts uses: ./.github/workflows/actions/download-archive diff --git a/.github/workflows/release-native.yml b/.github/workflows/release-native.yml index f768ed1f9..bcfa8db6e 100644 --- a/.github/workflows/release-native.yml +++ b/.github/workflows/release-native.yml @@ -41,7 +41,7 @@ jobs: - name: Setup Node.js uses: actions/setup-node@v6 with: - node-version: '20' + node-version: '24' registry-url: 'https://registry.npmjs.org' - name: Setup pnpm From 1e824694ce4d61e81e1c2c8591e56bf185ca859d Mon Sep 17 00:00:00 2001 From: Sam Maister Date: Sat, 7 Mar 2026 19:02:11 +0000 Subject: [PATCH 4/4] chore: improve logging consistency in NPM publishing script - Updated console log statements in the publish-npm script to use single quotes for consistency. - Enhanced comments to clarify the use of pnpm publish command with OIDC support. --- .github/workflows/scripts/publish-npm.ts | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/scripts/publish-npm.ts b/.github/workflows/scripts/publish-npm.ts index 1bb5861b2..7e648b991 100644 --- a/.github/workflows/scripts/publish-npm.ts +++ b/.github/workflows/scripts/publish-npm.ts @@ -101,7 +101,7 @@ async function main() { // Skip private packages if (pkgJson.private) { - console.log(` โญ๏ธ Skipping private package`); + console.log(' โญ๏ธ Skipping private package'); skipped.push(scopedName); continue; } @@ -116,7 +116,7 @@ async function main() { if (fs.existsSync(licensePath)) { try { fs.copyFileSync(licensePath, targetLicensePath); - console.log(` ๐Ÿ“„ Copied LICENSE file`); + console.log(' ๐Ÿ“„ Copied LICENSE file'); } catch (error) { console.warn(` โš ๏ธ Warning: Could not copy LICENSE file: ${(error as Error).message}`); } @@ -129,11 +129,11 @@ async function main() { console.log(` ๐Ÿ” Dry run - would publish to NPM with tag "${npmTag}"`); published.push(scopedName); } else { - // Use pnpm publish with the specific package filter + // Use pnpm publish - it auto-detects NPM_ID_TOKEN for OIDC when available // --provenance flag enables OIDC trusted publishing const publishCmd = `pnpm --filter ${scopedName} publish --tag ${npmTag} --access public --no-git-checks --provenance`; runCommand(publishCmd); - console.log(` โœ… Published successfully`); + console.log(' โœ… Published successfully'); published.push(scopedName); } } catch (error) {