name: "Release"

on:
  push:
    branches: [master]

jobs:
  release:
    runs-on: "ubuntu-latest"
    permissions:
      contents: "write"
      issues: "write"
      pull-requests: "write"
      id-token: "write"
    steps:
      - uses: "actions/checkout@v4.1.1"
        with:
          fetch-depth: 0
          persist-credentials: false

      - name: "Setup Node.js"
        uses: "actions/setup-node@v4.0.1"
        with:
          node-version: "lts/*"
          cache: "npm"

      - name: "Install dependencies"
        run: "npm clean-install"

      - name: "Build"
        run: "npm run build"

      - run: "npm run build:typescript"

      - name: "Verify the integrity of provenance attestations and registry signatures for installed dependencies"
        run: "npm audit signatures"

      - name: "Release"
        run: "npm run release"
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}