Publish to npm on merge

.github/workflows/lint-workflows.yml

@@ -0,0 +1,21 @@
+name: actionlint
+
+on:
+  # run only when workflow files change
+  pull_request:
+    paths: ['.github/workflows/**']
+  push:
+    branches: [main]
+    paths:   ['.github/workflows/**']
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      # installs the actionlint binary and scans .github/workflows
+      - name: Lint GitHub Actions
+        uses: eifinger/actionlint-action@v1
+        # with:
+        #   version: "v1.7.7"   # ⇐ uncomment to pin an exact linter version

.github/workflows/onPushToMain.yml

@@ -4,6 +4,7 @@ name: version, tag and github release
 on:
   push:
     branches: [main]
+  workflow_dispatch:
 
 jobs:
   release:
@@ -13,21 +14,27 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
+        with:
+          node-version: latest
       - name: Check if version already exists
         id: version-check
+        shell: bash
         run: |
-          package_version=$(node -p "require('./package.json').version")
-          exists=$(gh api repos/${{ github.repository }}/releases/tags/v$package_version >/dev/null 2>&1 && echo "true" || echo "")
+          package_name="$(node -p "require('./package.json').name")"
+          package_version="$(node -p "require('./package.json').version")"
+
+          gh_exists="$(gh api \
+              "repos/${{ github.repository }}/releases/tags/v${package_version}" \
+              >/dev/null 2>&1 && echo 'true' || echo '')"
+
+          npm_exists="$(npm view "${package_name}@${package_version}" --json \
+              >/dev/null 2>&1 && echo 'true' || echo '')"
 
-          if [ -n "$exists" ];
-          then
-            echo "Version v$package_version already exists"
-            echo "::warning file=package.json,line=1::Version v$package_version already exists - no release will be created. If you want to create a new release, please update the version in package.json and push again."
-            echo "skipped=true" >> $GITHUB_OUTPUT
+          if [[ -n "$gh_exists" || -n "$npm_exists" ]]; then
+            echo "::warning file=package.json,line=1::Version v${package_version} already exists—skipping release."
+            echo "skipped=true"  >>"${GITHUB_OUTPUT}"
           else
-            echo "Version v$package_version does not exist. Creating release..."
-            echo "skipped=false" >> $GITHUB_OUTPUT
-            echo "tag=v$package_version" >> $GITHUB_OUTPUT
+            echo "skipped=false" >>"${GITHUB_OUTPUT}"
           fi
         env:
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -56,3 +63,20 @@ jobs:
           commit: ${{ github.ref_name }}
           token: ${{ secrets.GITHUB_TOKEN }}
           skipIfReleaseExists: true
+      - name: Install dependencies
+        if: ${{ steps.version-check.outputs.skipped == 'false' }}
+        run: npm install
+      - name: Build
+        if: ${{ steps.version-check.outputs.skipped == 'false' }}
+        run: npm run build
+      - name: Prepare package
+        if: ${{ steps.version-check.outputs.skipped == 'false' }}
+        run: npm run prepack
+      - name: Publish to npm
+        uses: JS-DevTools/npm-publish@19c28f1ef146469e409470805ea4279d47c3d35c
+        if: ${{ steps.version-check.outputs.skipped == 'false' }}
+        with:
+          token: ${{ secrets.NPM_TOKEN }}
+      - name: Cleanup package
+        if: ${{ steps.version-check.outputs.skipped == 'false' }}
+        run: npm run postpack

.github/workflows/onRelease.yml

@@ -1,6 +1,8 @@
 name: publish
 
 on:
+  workflow_dispatch:
+
   release:
     types: [published]
   push:

README.md

@@ -145,6 +145,25 @@ Run the CLI in development mode:
 ./bin/dev
 ```
 
+## Publishing
+
+Automatic publishing is handled by the `version, tag and github release` workflow. A new npm version is published whenever a version bump is merged into the `main` branch. The workflow can also be triggered manually from the **Actions** tab.
+
+To enable publishing, set the following repository secrets:
+
+- `NPM_TOKEN` – authentication token for npm.
+- `GH_EMAIL` and `GH_USERNAME` – used by the README update step.
+
+Once the secrets are configured, pushing a new version or running the workflow manually will build the project, create a GitHub release and publish the package to npm.
+
+### Linting workflows
+
+Before committing changes to workflows, you can lint them locally:
+
+```sh
+npm run lint:workflows
+```
+
 ## Contributing
 
 Contributions are always welcome! To contribute:

package.json

@@ -30,7 +30,8 @@
     "oclif": "^4",
     "shx": "^0.3.3",
     "ts-node": "^10",
-    "typescript": "^5"
+    "typescript": "^5",
+    "node-actionlint": "^1.2.2"
   },
   "engines": {
     "node": ">=18.0.0"
@@ -62,7 +63,8 @@
     "prepack": "oclif manifest && oclif readme",
     "test": "mocha --forbid-only \"test/**/*.test.ts\"",
     "coverage": "c8 --reporter=lcov --reporter=text npm test",
-    "version": "oclif readme && git add README.md"
+    "version": "oclif readme && git add README.md",
+    "lint:workflows": "node-actionlint '.github/workflows/**/*.yml'"
   },
   "types": "dist/index.d.ts"
 }