Add GitHub Packages publishing to release workflow#13
Conversation
Co-authored-by: yuki-js <20838151+yuki-js@users.noreply.github.com>
Co-authored-by: yuki-js <20838151+yuki-js@users.noreply.github.com>
…on note Co-authored-by: yuki-js <20838151+yuki-js@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
This PR enables dual-publishing of the @aokiapp/tlv package to both npm and GitHub Packages registries through GitHub Actions when releases are created.
- Added GitHub Packages publishing step in the release workflow that triggers after successful npm publish
- Created registry configuration file (
.npmrc) for the@aokiappscope - Updated documentation with installation instructions for both registries
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
.npmrc |
Adds registry configuration pointing @aokiapp scope to GitHub Packages with token authentication |
.github/workflows/release.yml |
Extends release workflow to publish to GitHub Packages after npm publish, with separate Node.js setup steps for each registry |
README.md |
Documents installation instructions for both npm and GitHub Packages, including authentication requirements and automatic publishing behavior |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
.npmrc
Outdated
| @aokiapp:registry=https://npm.pkg.github.com | ||
| //npm.pkg.github.com/:_authToken=${NODE_AUTH_TOKEN} |
There was a problem hiding this comment.
This .npmrc configuration will interfere with npm registry publishing. By setting the registry for the @aokiapp scope globally, all npm operations for @aokiapp/tlv (including the initial npm publish in the workflow) will attempt to use GitHub Packages registry instead of the npm registry.
This configuration should either be:
- Removed entirely and rely on the
registry-urlparameter inactions/setup-nodeto configure the registry per step, or - Only applied conditionally during the GitHub Packages publish step (e.g., by creating the file dynamically in the workflow)
The workflow's registry-url parameter in actions/setup-node should be sufficient to configure the appropriate registry for each publish step without needing this file.
| @aokiapp:registry=https://npm.pkg.github.com | |
| //npm.pkg.github.com/:_authToken=${NODE_AUTH_TOKEN} |
There was a problem hiding this comment.
Fixed in bd8307f - removed .npmrc file entirely. The workflow now relies solely on registry-url parameter in actions/setup-node to configure registries per step.
.github/workflows/release.yml
Outdated
|
|
||
| - name: Publish to GitHub Packages | ||
| if: steps.changesets.outputs.published == 'true' | ||
| run: npm publish |
There was a problem hiding this comment.
The GitHub Packages publish step should rebuild the package before publishing. When npm run release executes (which runs npm run build && changeset publish), it builds the package for npm. However, when publishing to GitHub Packages, you're reusing the same built artifacts without rebuilding. This could be problematic if:
- The build process embeds registry URLs or configuration
- You want to ensure a clean build for each registry
- There are any registry-specific modifications needed
Consider adding npm run build before the npm publish command, or ensuring that the build artifacts are registry-agnostic. For example:
run: npm run build && npm publish| run: npm publish | |
| run: npm run build && npm publish |
There was a problem hiding this comment.
Fixed in bd8307f - added npm run build before npm publish in the GitHub Packages publish step to ensure a clean build.
README.md
Outdated
| npm run changelog # Create changeset | ||
| npm run version # Update version | ||
| npm run publish # Publish to npm | ||
| npm run publish # Publish to npm (manual, or use GitHub Actions) |
There was a problem hiding this comment.
The comment is misleading - it suggests npm publish is "manual, or use GitHub Actions", but based on the workflow, npm publish is automated via the changesets action. The manual commands shown are for local development/testing, not the primary release method.
Consider clarifying this to make it clear that GitHub Actions is the primary/recommended method for releases, and manual publishing is only for special cases or local testing. For example: "Publish manually (for testing, otherwise use GitHub Actions)"
| npm run publish # Publish to npm (manual, or use GitHub Actions) | |
| npm run publish # Publish manually (for testing, otherwise use GitHub Actions) |
There was a problem hiding this comment.
Fixed in bd8307f - updated comment to clarify: "Publish manually (for testing, otherwise use GitHub Actions)"
…h prettier Co-authored-by: yuki-js <20838151+yuki-js@users.noreply.github.com>
Fixed in bd8307f - the CI failure was due to Prettier formatting issues in README.md and vitest.config.js. Both files have been formatted and should now pass the checks. |
Plan: Add GitHub Packages Publishing Support
This task adds support for publishing the library to GitHub Packages in addition to npm, using GitHub Actions.
Checklist:
Create .npmrc file for GitHub Packages authentication(Removed - not needed).npmrcfile (was interfering with npm publish)Summary of Changes:
Files Modified:
.github/workflows/release.yml- Enhanced to publish to both npm and GitHub Packages with rebuild.npmrcREADME.md- Updated with installation and release documentationvitest.config.js- Prettier formatting fixKey Implementation Details:
✅ Token Permissions: Workflow already has
packages: writepermission✅ Dual Publishing: Publishes to npm first, then rebuilds and publishes to GitHub Packages
✅ Conditional Logic: Only publishes to GitHub Packages when changesets actually publishes
✅ Authentication: Uses NPM_TOKEN for npm, GITHUB_TOKEN for GitHub Packages via registry-url
✅ No .npmrc needed: Registry configuration handled by actions/setup-node
✅ Rebuild before GitHub Packages: Ensures clean build for GitHub Packages
✅ Documentation: Clear instructions for users on both installation methods
✅ Security: No vulnerabilities detected by CodeQL scanner
✅ Formatting: All files pass Prettier checks
Original prompt
✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.