diff --git a/.github/workflows/canary.yaml b/.github/workflows/canary.yaml index 668c0ec1dc..d373598096 100644 --- a/.github/workflows/canary.yaml +++ b/.github/workflows/canary.yaml @@ -54,6 +54,9 @@ jobs: packageJSON.version += packageJSON.version.includes('-') ? '.' : '-'; packageJSON.version += `canary.pr.${pull_request.number}.${pull_request.head.sha}`; + packageJSON.deprecated = + `You are using canary version build from ${pull_request.url}, no gurantees provided so please use your own discretion.`; + assert( packageJSON.scripts == null, 'No scripts allowed for security reasons!', @@ -65,20 +68,12 @@ jobs: 'utf-8', ); - core.exportVariable('PR_URL', pull_request.url); core.exportVariable('PR_NUMBER', pull_request.number); core.exportVariable('NPM_TAG', packageJSON.publishConfig.tag); core.exportVariable('NPM_VERSION', packageJSON.version); - name: Publish NPM package - run: npm publish ./npmDist - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - - - name: Add deprecate message on NPM package - run: | - npm deprecate "graphql@$NPM_VERSION" \ - "You are using canary version build from $PR_URL, no gurantees provided so please use your own discretion." + run: npm publish --ignore-scripts ./npmDist env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a08cca8d95..93ec36b91b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -83,7 +83,7 @@ jobs: # run: npm ls --depth 999 - name: Run npm install - run: npm install --force --package-lock-only --ignore-scripts --engine-strict --strict-peer-deps + run: npm install --ignore-scripts --force --package-lock-only --engine-strict --strict-peer-deps - name: Check that package-lock.json is in sync with package.json run: git diff --exit-code package-lock.json