From 818ae171f7e1434cd3ed0c2c6140456fbdc6554e Mon Sep 17 00:00:00 2001 From: MK Date: Tue, 9 Sep 2025 00:19:51 +0800 Subject: [PATCH 1/4] chore: add permissions to release --- README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/README.md b/README.md index 1a6fe92..321dde7 100644 --- a/README.md +++ b/README.md @@ -164,6 +164,13 @@ on: # 手动发布 # workflow_dispatch: {} +permissions: + contents: write + deployments: write + issues: write + pull-requests: write + id-token: write + jobs: release: name: NPM From 5aa8776506cc1f075993c916314564f2e44a282b Mon Sep 17 00:00:00 2001 From: "MK (fengmk2)" Date: Thu, 23 Oct 2025 11:48:47 +0800 Subject: [PATCH 2/4] Make NPM_TOKEN optional in node-release workflow Changed NPM_TOKEN requirement from true to false. --- .github/workflows/node-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/node-release.yml b/.github/workflows/node-release.yml index 82fda97..35f1a49 100644 --- a/.github/workflows/node-release.yml +++ b/.github/workflows/node-release.yml @@ -5,7 +5,7 @@ on: secrets: NPM_TOKEN: description: 'npm token' - required: true + required: false GIT_TOKEN: description: 'github personal token' required: true From 3b7e5e1e1da896f7d596890bcbd8e3a32eb24942 Mon Sep 17 00:00:00 2001 From: "MK (fengmk2)" Date: Thu, 5 Mar 2026 17:08:51 +0800 Subject: [PATCH 3/4] fix: update semantic-release and @semantic-release/npm to stable versions (#17) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ## Problem `@semantic-release/npm@13.0.0-alpha.5` depends on `npm@github:npm/cli#oidc`, but the `oidc` branch has been deleted from the `npm/cli` repo, causing `npm install` to fail: ``` npm error command git --no-replace-objects checkout oidc npm error error: pathspec 'oidc' did not match any file(s) known to git ``` This breaks all downstream release workflows (e.g. [cnpm/unpkg-white-list](https://github.com/cnpm/unpkg-white-list/actions/runs/22700918457/job/65844808852)). ## Fix - `@semantic-release/npm`: `13.0.0-alpha.5` → `^13.1.5` (stable, uses `npm@^11.6.2` from registry) - `semantic-release`: `25.0.0-alpha.4` → `^25.0.3` (stable) ## Summary by CodeRabbit * **Chores** * Updated release automation dependencies to stable versions for enhanced reliability and compatibility. --- scripts/npm-release/package.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/npm-release/package.json b/scripts/npm-release/package.json index 2f2e5eb..3132bc5 100644 --- a/scripts/npm-release/package.json +++ b/scripts/npm-release/package.json @@ -3,7 +3,7 @@ "dependencies": { "@actions/core": "^1.10.0", "@actions/exec": "^1.1.1", - "@semantic-release/npm": "13.0.0-alpha.5", + "@semantic-release/npm": "^13.1.5", "@semantic-release/changelog": "^6.0.3", "@semantic-release/exec": "^7.1.0", "@semantic-release/git": "^10.0.1", @@ -11,7 +11,7 @@ "@semantic-release/release-notes-generator": "^14.0.3", "@semantic-release/github": "^11.0.3", "conventional-changelog-conventionalcommits": "^5.0.0", - "semantic-release": "25.0.0-alpha.4", + "semantic-release": "^25.0.3", "undici": "^5.14.0" }, "devDependencies": { From c0c86f65cc88415bace0fe4cc5bc78a3aade00b1 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 5 Mar 2026 17:09:11 +0800 Subject: [PATCH 4/4] chore: Configure Renovate (#16) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Welcome to [Renovate](https://redirect.github.com/renovatebot/renovate)! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin. 🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged. --- ### Detected Package Files * `.github/workflows/node-release-no-provenance.yml` (github-actions) * `.github/workflows/node-release.yml` (github-actions) * `.github/workflows/node-test-mysql.yml` (github-actions) * `.github/workflows/node-test-parallel.yml` (github-actions) * `.github/workflows/node-test.yml` (github-actions) * `.github/workflows/npm-release.yml` (github-actions) * `scripts/npm-release/package.json` (npm) * `scripts/release/package.json` (npm) ### Configuration Summary Based on the default config's presets, Renovate will: - Start dependency updates only once this onboarding PR is merged - Hopefully safe environment variables to allow users to configure. - Show all Merge Confidence badges for pull requests. - Enable Renovate Dependency Dashboard creation. - Use semantic commit type `fix` for dependencies and `chore` for all others if semantic commits are in use. - Ignore `node_modules`, `bower_components`, `vendor` and various test/tests (except for nuget) directories. - Group known monorepo packages together. - Use curated list of recommended non-monorepo package groupings. - Show only the Age and Confidence Merge Confidence badges for pull requests. - Apply crowd-sourced package replacement rules. - Apply crowd-sourced workarounds for known problems with packages. - Ensure that every dependency pinned by digest and sourced from GitHub.com contains a link to the commit-to-commit diff - Correctly link to the source code for golang.org/x packages - Link to pkg.go.dev/... for golang.org/x packages' title 🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to `renovate.json` in this branch. Renovate will update the Pull Request description the next time it runs. --- ### What to Expect With your current configuration, Renovate will create 12 Pull Requests:
fix(deps): update semantic-release monorepo - Schedule: ["at any time"] - Branch name: `renovate/semantic-release-monorepo` - Merge into: `master` - Upgrade [@semantic-release/npm](https://redirect.github.com/semantic-release/npm) to `13.1.3` - Upgrade [semantic-release](https://redirect.github.com/semantic-release/semantic-release) to `25.0.2`
chore(deps): update actions/checkout action to v6 - Schedule: ["at any time"] - Branch name: `renovate/actions-checkout-6.x` - Merge into: `master` - Upgrade [actions/checkout](https://redirect.github.com/actions/checkout) to `v6`
chore(deps): update actions/github-script action to v8 - Schedule: ["at any time"] - Branch name: `renovate/actions-github-script-8.x` - Merge into: `master` - Upgrade [actions/github-script](https://redirect.github.com/actions/github-script) to `v8`
chore(deps): update actions/setup-node action to v6 - Schedule: ["at any time"] - Branch name: `renovate/actions-setup-node-6.x` - Merge into: `master` - Upgrade [actions/setup-node](https://redirect.github.com/actions/setup-node) to `v6`
chore(deps): update codecov/codecov-action action to v5 - Schedule: ["at any time"] - Branch name: `renovate/codecov-codecov-action-5.x` - Merge into: `master` - Upgrade [codecov/codecov-action](https://redirect.github.com/codecov/codecov-action) to `v5`
chore(deps): update dependency @​types/node to v24 - Schedule: ["at any time"] - Branch name: `renovate/node-24.x` - Merge into: `master` - Upgrade [@types/node](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped) to `^24.0.0`
chore(deps): update dependency @​types/semantic-release to v21 - Schedule: ["at any time"] - Branch name: `renovate/semantic-release-21.x` - Merge into: `master` - Upgrade @​types/semantic-release to `^21.0.0`
fix(deps): update dependency @​actions/core to v2 - Schedule: ["at any time"] - Branch name: `renovate/actions-core-2.x` - Merge into: `master` - Upgrade [@actions/core](https://redirect.github.com/actions/toolkit) to `^2.0.0`
fix(deps): update dependency @​actions/exec to v2 - Schedule: ["at any time"] - Branch name: `renovate/actions-exec-2.x` - Merge into: `master` - Upgrade [@actions/exec](https://redirect.github.com/actions/toolkit) to `^2.0.0`
fix(deps): update dependency conventional-changelog-conventionalcommits to v9 - Schedule: ["at any time"] - Branch name: `renovate/conventional-changelog-conventionalcommits-9.x` - Merge into: `master` - Upgrade [conventional-changelog-conventionalcommits](https://redirect.github.com/conventional-changelog/conventional-changelog) to `^9.0.0`
fix(deps): update dependency undici to v7 - Schedule: ["at any time"] - Branch name: `renovate/undici-7.x` - Merge into: `master` - Upgrade [undici](https://redirect.github.com/nodejs/undici) to `^7.0.0`
fix(deps): update semantic-release monorepo (major) - Schedule: ["at any time"] - Branch name: `renovate/major-semantic-release-monorepo` - Merge into: `master` - Upgrade [@semantic-release/exec](https://redirect.github.com/semantic-release/exec) to `^7.0.0` - Upgrade [@semantic-release/github](https://redirect.github.com/semantic-release/github) to `^12.0.0` - Upgrade [semantic-release](https://redirect.github.com/semantic-release/semantic-release) to `^25.0.0`
🚸 Branch creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for `prhourlylimit` for details. --- ❓ Got questions? Check out Renovate's [Docs](https://docs.renovatebot.com/), particularly the Getting Started section. If you need any further assistance then you can also [request help here](https://redirect.github.com/renovatebot/renovate/discussions). --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/node-modules/github-actions). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- renovate.json | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 renovate.json diff --git a/renovate.json b/renovate.json new file mode 100644 index 0000000..5db72dd --- /dev/null +++ b/renovate.json @@ -0,0 +1,6 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": [ + "config:recommended" + ] +}