Geoff Seemueller
36dc86ff8c
Added `contents: read` and `pull-requests: read` permissions to the `tests` and `publish` GitHub workflows. This enhances security by explicitly defining the required permissions for these jobs.
26 lines
475 B
YAML
26 lines
475 B
YAML
name: Publish
|
|
|
|
on:
|
|
release:
|
|
types: [created]
|
|
|
|
jobs:
|
|
publish:
|
|
permissions:
|
|
contents: read
|
|
pull-requests: read
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: oven-sh/setup-bun@v2
|
|
with:
|
|
bun-version: latest
|
|
|
|
- name: Install dependencies
|
|
run: bun install --frozen-lockfile
|
|
|
|
- name: Publish
|
|
run: bun publish
|
|
env:
|
|
BUN_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
|