The launch of the Javascript/Typescript package is a reusable use and the closed source of internal use via the front and rear interface is a common challenge, especially when you want to automate it, keep things normative, and avoid the leakage of unnecessary code. Here’s how to do that, step -by -step, using what is required only for a stable and repetitive work.
Why GitHub packages (not NPMJS.org)?
Most teams reach NPMJS.ORG by default, but if your inner tools are strict – or you have some logic for special contract processing, you are not ready for open sources – GitHub is more than enough:
- Integrated with your warehouse: There are no additional accounts or keys to manage them.
- Access to the domain: Control exactly who gets your code.
- Fashionable workflow: Your team is already on Gaytap. Why jump away?
I used this for the SDKS smart nodes referred to by both Frontnd and Nestjs API.
The structure of the guide
I only keep my distribution code in /packageSeparate from the textual/internal documents, to avoid the leakage of DeV files by accidentally.
|-- .github/
|-- src/
|-- package/ # <--- Only your published files live here
|-- package.json
|-- dist/
|-- index.js
|-- ...
Professional advice: npm publish It only works in /packageAnd not in the root of the ribo.
Hand versions resulting from Gaytap versions
Each update is explicitly marked as a version of the user interface in GitHub, which helps prevent accidental versions of incomplete work.
Work file
Below is the full work progress that accomplishes the task.
name: Publish package on GitHub Packages
on:
release:
types: [created]
jobs:
publish:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: 18
registry-url: "https://npm.pkg.github.com"
scope: "@your-user-name"
always-auth: true
- name: Install dependencies
run: npm ci
- name: Build package
run: npm run package
- name: Install package dependencies
working-directory: ./package
run: npm ci
- name: Publish package
working-directory: ./package
run: npm publish
env:
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Put it in github/workflows/publish.yml
Main parts
- Domains, not monorepos: There are no work spaces, not publishing the entire Reibo.
- There are no leakage sources: Files only in
/packageConsumers are seen – there are no cross batches of TS, Docs or GIT date. - Handyon: The process is only launched when creating a Gabbab version, not on every batch or public relationship.
An example in the real world
Suppose you are updating ABI smart contracts in /srcThen run your inner structure (perhaps a simple via "package" Text program for directing to /package/dist.
only Which – which The release of subordination.
Your API team can safely pull it through:
npm install @user/package-name --registry=https://npm.pkg.github.com
From both the background and the front end, with NPMJs.
