Add security review summary #10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish | |
| on: | |
| push: | |
| branches: [main] | |
| release: | |
| types: [created] | |
| jobs: | |
| publish: | |
| # Values from config in package.json > "build" are used here. | |
| # Can only build all artifacts (win, mac, linux) on macos-latest. | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| os: [macos-latest] | |
| steps: | |
| - name: Checkout git repo | |
| uses: actions/checkout@v3 | |
| - name: Install Node and NPM | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: 22 | |
| cache: npm | |
| - name: Install and build | |
| run: | | |
| npm install | |
| npm run postinstall | |
| npm run build | |
| - name: Publish releases | |
| env: | |
| # This token is used for uploading release assets to github. | |
| # It has very strict permissions. | |
| GH_TOKEN: ${{ secrets.GH_TOKEN }} | |
| run: | | |
| npm exec electron-builder -- --publish onTagOrDraft --win --mac --linux |