UNPKG

token-guardian

Version:

A comprehensive solution for protecting and managing API tokens and secrets

104 lines (75 loc) 2.53 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
# Publishing to npm This document describes how to publish the TokenGuardian package to the npm registry using GitHub Actions. ## Prerequisites 1. You need to have an npm account with publishing rights for this package. 2. Generate an npm access token with publishing permissions. 3. Set up GitHub secrets with your npm token. ## Generating an npm token 1. Log in to your npm account on https://www.npmjs.com/ 2. Go to your profile settings 3. Select "Access Tokens" 4. Click "Generate New Token" 5. Select "Automation" token type 6. Set the appropriate permissions (needs "Read and write" access) 7. Generate and copy the token ## Setting up GitHub Secrets 1. Navigate to your GitHub repository 2. Go to "Settings" > "Secrets and variables" > "Actions" 3. Click "New repository secret" 4. Create a secret named `NPM_TOKEN` with the value of your npm token 5. Click "Add secret" ## Using GitHub Workflows ### Manual workflow setup Since GitHub Actions workflows need to be in the `.github/workflows` directory, you'll need to: 1. Create a `.github/workflows` directory in your repository 2. Copy the workflow files to that directory: ```bash mkdir -p .github/workflows cp ci-workflow.yml .github/workflows/ci.yml cp release-workflow.yml .github/workflows/release.yml ``` ### Automatic publishing via GitHub Release To publish a new version of the package: 1. Update the version in `package.json` 2. Create and push a new tag: ```bash git tag v0.1.0 git push origin v0.1.0 ``` 3. Or create a new release through the GitHub UI: - Go to "Releases" in your repository - Click "Draft a new release" - Enter the tag version (e.g., `v0.1.0`) - Fill in the release title and description - Click "Publish release" The release workflow will automatically: - Check out the tagged code - Install dependencies - Run tests - Build the package - Publish to npm ## Manual Publishing If you prefer to publish manually: ```bash # Login to npm npm login # Build the package npm run build # Publish npm publish ``` ## Versioning Follow Semantic Versioning (SemVer) for version numbers: - MAJOR version for incompatible API changes - MINOR version for backwards-compatible functionality - PATCH version for backwards-compatible bug fixes Use npm version to update the package version: ```bash # For a patch release npm version patch # For a minor release npm version minor # For a major release npm version major ``` This will update `package.json`, create a new commit, and create a new tag.