Skip to content

update workflow #113

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
bourgeoa merged 2 commits into from
Jan 25, 2026
Merged

update workflow #113

bourgeoa merged 2 commits into from
Jan 25, 2026

Conversation

@PreciousOritsedere
Copy link
Contributor

@PreciousOritsedere PreciousOritsedere commented Jan 23, 2026

No description provided.

Copilot AI review requested due to automatic review settings January 23, 2026 12:02
Copilot AI reviewed Jan 23, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the CI/CD workflow configuration and corrects the repository URL. The changes modernize the npm publishing process by migrating from token-based authentication to OIDC (OpenID Connect) authentication, which is a more secure approach for publishing packages to npm.

Changes:

  • Updated repository URL from solid/source-pane to SolidOS/source-pane in package.json
  • Migrated npm publishing from JS-DevTools/npm-publish action to native npm publish commands with OIDC authentication
  • Moved permissions configuration from workflow level to job level for better security scoping

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File Description
package.json Updated repository URL to reflect the correct GitHub organization
.github/workflows/ci.yml Modernized CI workflow with OIDC-based npm publishing, refined permissions scope, and simplified node version matrix syntax

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

.github/workflows/ci.yml
with:
token: ${{ secrets.NPM_TOKEN }}
tag: ${{ env.GITHUB_REF_SLUG }}
run: npm publish --tag ${{ env.GITHUB_REF_SLUG }}
Copy link

Copilot AI Jan 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The npm publish command should use the --provenance flag to generate provenance attestations. This provides transparency about package origin and build process. Add --provenance to the publish command.

Copilot uses AI. Check for mistakes.
.github/workflows/ci.yml
with:
token: ${{ secrets.NPM_TOKEN }}
tag: latest
run: npm publish --tag latest
Copy link

Copilot AI Jan 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The npm publish command should use the --provenance flag to generate provenance attestations. This provides transparency about package origin and build process. Add --provenance to the publish command.

Copilot uses AI. Check for mistakes.
@jeswr
Copy link

jeswr commented Jan 23, 2026

@PreciousOritsedere similarly to solid-ui you are going to need to update the branch protections here so that this will merge.

@PreciousOritsedere
Copy link
Contributor Author

PreciousOritsedere commented Jan 23, 2026

@PreciousOritsedere similarly to solid-ui you are going to need to update the branch protections here so that this will merge.

Could you guide me on what exactly needs to be updated in the branch protections for this and solid-ui as well?

@bourgeoa
Copy link
Contributor

bourgeoa commented Jan 25, 2026
edited
Loading

@PreciousOritsedere similarly to solid-ui you are going to need to update the branch protections here so that this will merge.

Could you guide me on what exactly needs to be updated in the branch protections for this and solid-ui as well?

I gave explanation in solid-ui look in Settings/Rules/Rulsets --> General rules
I needed it so I made it

You could try to add a Ruleset to chat-pane which has none. SolidOS/chat-pane#188

@bourgeoa bourgeoa merged commit 262ab8e into main Jan 25, 2026
5 checks passed
@PreciousOritsedere
Copy link
Contributor Author

PreciousOritsedere commented Jan 26, 2026

SolidOS/chat-pane#188

@bourgeoa I have added the ruleset now. Thank you for pointing that out

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@jeswr jeswr jeswr approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@PreciousOritsedere @jeswr @bourgeoa