chore: upgrade semantic-release to v25 for OIDC support#43
chore: upgrade semantic-release to v25 for OIDC support#43ericanderson merged 2 commits intomainfrom
Conversation
- semantic-release v25 bundles @semantic-release/npm v13 which supports OIDC trusted publishing (no NPM_TOKEN needed) - Bump release workflow to Node 22 (npm >= 11.5.1 required for OIDC)
ericanderson
force-pushed
the
chore/upgrade-semantic-release-v25
branch
from
7c68a3a to
d1de40f
Compare
There was a problem hiding this comment.
Pull request overview
This PR upgrades the project’s release tooling to support npm OIDC trusted publishing by moving semantic-release to v25 and aligning the GitHub Actions release workflow to a newer Node.js runtime.
Changes:
- Bump
semantic-releasefrom^24.2.7to^25.0.3. - Update the release workflow to use Node.js 22.
- Regenerate
pnpm-lock.yamlto reflect updatedsemantic-releaseand transitive dependency versions.
Reviewed changes
Copilot reviewed 2 out of 3 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
package.json |
Updates the semantic-release devDependency to v25. |
pnpm-lock.yaml |
Locks updated semantic-release and its new transitive dependency graph (including npm v11+). |
.github/workflows/release.yml |
Bumps the Node version used by the release job to support OIDC publishing. |
Files not reviewed (1)
- pnpm-lock.yaml: Language not supported
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
.github/workflows/release.yml
Outdated
| uses: actions/setup-node@v4 | ||
| with: | ||
| node-version: 20 | ||
| node-version: 22 |
There was a problem hiding this comment.
semantic-release@25 (and @semantic-release/npm/@semantic-release/github) requires Node ^22.14.0 || >=24.10.0 per the lockfile. Using node-version: 22 can resolve to a 22.x version <22.14.0 on some runners/caches, which would break the release job at runtime. Pin the workflow to at least 22.14.0 (or use a semver range that guarantees >=22.14.0) so the release workflow always satisfies the engine requirement.
| node-version: 22 | |
| node-version: 22.14.0 |
- Set CI matrix to Node 24 only (drop 18 and 20) - Update release workflow to Node 24 - Update engines field to >=24.0.0
ericanderson
force-pushed
the
chore/upgrade-semantic-release-v25
branch
from
70c9d36 to
2cfc42e
Compare
|
🎉 This PR is included in version 1.0.0 🎉 The release is available on: Your semantic-release bot 📦🚀 |
Summary
semantic-releasefrom v24 to v25, which bundles@semantic-release/npmv13 with OIDC trusted publishing supportTest plan
pnpm compilesucceeds