ci: configure Dependabot to bump GitHub Actions #750

	name: Release to npm

	on:
	push:
	branches:
	- main

	concurrency: ${{ github.workflow }}-${{ github.ref }}

	jobs:
	release:
	name: Release
	if: github.repository == 'polarsource/polar'
	runs-on: ubuntu-latest

	permissions:
	contents: write
	pull-requests: write
	actions: write

	env:
	TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
	TURBO_TEAM: ${{ vars.TURBO_TEAM }}
	POLAR_OPENAPI_SCHEMA_URL: ${{ secrets.POLAR_OPENAPI_SCHEMA_URL }}
	VERCEL_ENV: 'testing'

	steps:
	- name: Check out code
	uses: actions/checkout@v4

	- uses: pnpm/action-setup@v4
	with:
	version: 9.2.0

	- name: Setup Node.js environment
	uses: actions/setup-node@v4
	with:
	node-version-file: clients/.node-version
	cache: "pnpm"
	cache-dependency-path: "clients/pnpm-lock.yaml"
	registry-url: "https://registry.npmjs.org"

	- name: Install dependencies
	working-directory: ./clients
	run: pnpm install

	- name: Create Release Pull Request or Publish to npm
	# https://github.com/changesets/action
	uses: changesets/action@v1
	with:
	publish: "pnpm publish-packages"
	version: "pnpm version-packages"
	cwd: "./clients"
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
	NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

Provide feedback