Skip to content

Commit 337fe11

Browse files
committed
chore(provenance): add dry-run input + cascade to fbfeadaa
Wire the new dry-run input from the central reusable workflow into this thin wrapper. Default true: opting into a real publish requires unchecking the box on workflow_dispatch, so an accidental dispatch never publishes. Cascades the pinned SHA to fbfeadaae4087e9dcf35c0d4bd56a96597e492b2, which adds the dry-run input + threads it to both the custom-publish-script branch (appends --dry-run to FLAGS) and the direct-npm-publish branch (appends --dry-run to npm publish).
1 parent cde6120 commit 337fe11

1 file changed

Lines changed: 7 additions & 1 deletion

File tree

.github/workflows/provenance.yml

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,11 @@ name: 📦 Publish
66
on:
77
workflow_dispatch:
88
inputs:
9+
dry-run:
10+
description: 'Stage everything but pass --dry-run to npm publish; nothing reaches the registry. Default: true — uncheck to opt into a real publish.'
11+
required: false
12+
default: true
13+
type: boolean
914
debug:
1015
description: 'Enable debug output'
1116
required: false
@@ -21,9 +26,10 @@ permissions:
2126

2227
jobs:
2328
publish:
24-
uses: SocketDev/socket-registry/.github/workflows/provenance.yml@b74ae5083d662df0045731bcf35b4e54b1e03d37 # main
29+
uses: SocketDev/socket-registry/.github/workflows/provenance.yml@fbfeadaae4087e9dcf35c0d4bd56a96597e492b2 # main
2530
with:
2631
debug: ${{ inputs.debug }}
32+
dry-run: ${{ inputs.dry-run }}
2733
package-name: '@socketsecurity/lib'
2834
setup-script: 'pnpm run build'
2935
use-trusted-publishing: true

0 commit comments

Comments
 (0)