Skip to content
Latchkey

Release workflow (js-cookie/js-cookie)

The Release workflow from js-cookie/js-cookie, explained and optimized by Latchkey.

C

CI health: C - fair

Point runs-on at Latchkey and get caching, job timeouts, self-healing for flaky steps, and up to 58% lower cost, applied automatically.

Grade your own workflow free or run it on Latchkey →
Source: js-cookie/js-cookie.github/workflows/release.ymlLicense MITView source

What it does

This is the Release workflow from the js-cookie/js-cookie repository, a real project running GitHub Actions. It is shown here with attribution under its MIT license.

Below, Latchkey shows a faster, safer version produced by its optimization engine.

The workflow

workflow (.yml)
name: Release

on:
  workflow_dispatch:
    inputs:
      bump:
        type: choice
        description: Semver version to bump
        options:
          - patch
          - minor
          - major
        default: patch
      dry-run:
        type: boolean
        description: Perform dry-run
        default: true

defaults:
  run:
    shell: bash

permissions: {}

env:
  PUPPETEER_EXECUTABLE_PATH: /usr/bin/google-chrome
  PUPPETEER_SKIP_DOWNLOAD: 'true'

jobs:
  release:
    runs-on: ubuntu-latest
    permissions:
      contents: write
      id-token: write
    steps:
      - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
        with:
          fetch-depth: 0
          persist-credentials: true # Required so we can push commit + tag for release..
      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
        with:
          node-version: 24.x
          registry-url: https://registry.npmjs.org
      - run: |
          npm i -g npm@11.8.0
          npm ci
      - uses: chainguard-dev/actions/setup-gitsign@081e79ee578199ef583d4ca74edc376b50b9409c
      - run: npm run release ${GITHUB_EVENT_INPUTS_BUMP}${{ github.event.inputs.dry-run == 'true' && ' -- --dry-run' || '' }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          GITHUB_EVENT_INPUTS_BUMP: ${{ github.event.inputs.bump }}

The same workflow, on Latchkey

Estimated ~20% faster on cache hits, plus fewer wasted runs and a safer supply chain. Added and changed lines are highlighted.

name: Release
 
on:
  workflow_dispatch:
    inputs:
      bump:
        type: choice
        description: Semver version to bump
        options:
          - patch
          - minor
          - major
        default: patch
      dry-run:
        type: boolean
        description: Perform dry-run
        default: true
 
defaults:
  run:
    shell: bash
 
permissions: {}
 
env:
  PUPPETEER_EXECUTABLE_PATH: /usr/bin/google-chrome
  PUPPETEER_SKIP_DOWNLOAD: 'true'
 
jobs:
  release:
    timeout-minutes: 30
    runs-on: latchkey-small
    permissions:
      contents: write
      id-token: write
    steps:
      - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
        with:
          fetch-depth: 0
          persist-credentials: true # Required so we can push commit + tag for release..
      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
        with:
          cache: 'npm'
          node-version: 24.x
          registry-url: https://registry.npmjs.org
      - run: |
          npm i -g npm@11.8.0
          npm ci
      - uses: chainguard-dev/actions/setup-gitsign@081e79ee578199ef583d4ca74edc376b50b9409c
      - run: npm run release ${GITHUB_EVENT_INPUTS_BUMP}${{ github.event.inputs.dry-run == 'true' && ' -- --dry-run' || '' }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          GITHUB_EVENT_INPUTS_BUMP: ${{ github.event.inputs.bump }}
 

What changed

What Latchkey heals here

This workflow has steps that commonly fail on transient issues (network, registries, flaky browsers). On Latchkey managed runners they are detected, retried, and self-healed instead of failing your build:

This workflow runs 1 job per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.

Actions used in this workflow