Skip to content

Merge branch 'main' of https://github.com/ByteBardOrg/obfuscan #3

Merge branch 'main' of https://github.com/ByteBardOrg/obfuscan

Merge branch 'main' of https://github.com/ByteBardOrg/obfuscan #3

Workflow file for this run

name: Publish Core
on:
push:
tags:
- "core-v*"
workflow_dispatch:
inputs:
version:
description: "SemVer version to publish (must match packages/core/package.json)"
required: true
type: string
permissions:
contents: read
id-token: write
jobs:
publish-core:
name: Publish @obfuscan/core
runs-on: ubuntu-latest
defaults:
run:
working-directory: packages/core
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: 24
registry-url: https://registry.npmjs.org
- name: Resolve and validate version
id: version
env:
INPUT_VERSION: ${{ inputs.version }}
run: |
if [[ "${GITHUB_EVENT_NAME}" == "push" ]]; then
EXPECTED_VERSION="${GITHUB_REF_NAME#core-v}"
else
EXPECTED_VERSION="${INPUT_VERSION}"
fi
PKG_VERSION="$(node -p "require('./package.json').version")"
node -e "
const semver = /^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-[0-9A-Za-z.-]+)?(?:\\+[0-9A-Za-z.-]+)?$/;
const [expected, pkg] = process.argv.slice(1);
if (!semver.test(expected)) {
console.error('Expected version is not valid SemVer:', expected);
process.exit(1);
}
if (!semver.test(pkg)) {
console.error('package.json version is not valid SemVer:', pkg);
process.exit(1);
}
if (expected !== pkg) {
console.error('Version mismatch: expected ' + expected + ', package.json has ' + pkg);
process.exit(1);
}
" "${EXPECTED_VERSION}" "${PKG_VERSION}"
echo "version=${PKG_VERSION}" >> "${GITHUB_OUTPUT}"
- name: Install dependencies
run: npm ci --legacy-peer-deps
- name: Build
run: npm run build
- name: Smoke test published entrypoint
run: |
node --input-type=module <<'NODE'
import { scan } from './dist/index.js';
const result = await scan(
{ paths: ['a.js'] },
{
fileResolver: async () => 'eval(atob("YQ=="));\n',
logger: { debug() {}, info() {}, warn() {}, error() {} },
},
);
if (!result.findings.some(f => f.ruleId === 'obf.decode-then-exec.javascript')) {
throw new Error('built package did not load rules and scan successfully');
}
NODE
- name: Test
run: npm run test:all
- name: Publish
run: npm publish --access public --provenance
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}