on:
  push:
    tags:
      - "v*"

jobs:
  build:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: "20.x"
          registry-url: "https://registry.npmjs.org"
      - name: Build
        run: |
          npm install
          npm run build:docs & npm run build:lib
      - name: Publish package (stable)
        if: ${{ ! contains(github.ref, '-next') }}
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_AUTH_TOKEN }}

        # Currently, only npm supports publishing packages with provenance
        # https://docs.npmjs.com/generating-provenance-statements
        run: |
          npm publish --provenance --access public
      - name: Publish package (next)
        if: ${{ contains(github.ref, '-next') }}
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_AUTH_TOKEN }}
        run: |
          npm publish --provenance --access public --tag next