Add workflow to release packages to npm

[vraja-pro]

Context

• This workflow will extract the packages to be released to npm from the content of a PR with a title starting with "Version increase" and npm-release label. The list of packages to release should be included in the PR body before the ## Context heading, in the format - @yoast/package-name: version.
• A pre publish workflow check is added and will be triggered with the npm-release label.

Summary

This PR can be summarized in the following changelog entry:

• Adds a workflows to release packages to npm when merging a Version increase PR with npm-release label to trunk. If Workflow fails it can be triggered manually with PR number.
• Adds a pre publish workflow that will do pre-publish checks when creating a PR with npm-release label.

Relevant technical choices:

Test instructions

Test instructions for the acceptance test before the PR gets merged

This PR can be acceptance tested by following these steps:

• Nothing to test here. The pre publish workflow is a type to test.

Relevant test scenarios

• Changes should be tested with the browser console open
• Changes should be tested on different posts/pages/taxonomies/custom post types/custom taxonomies
• Changes should be tested on different editors (Default Block/Gutenberg/Classic/Elementor/other)
• Changes should be tested on different browsers
• Changes should be tested on multisite

Test instructions for QA when the code is in the RC

• QA should use the same steps as above.

QA can test this PR by following these steps:

Impact check

This PR affects the following parts of the plugin, which may require extra testing:

Other environments

• This PR also affects Shopify. I have added a changelog entry starting with [shopify-seo], added test instructions for Shopify and attached the Shopify label to this PR.
• This PR also affects Yoast SEO for Google Docs. I have added a changelog entry starting with [yoast-doc-extension], added test instructions for Yoast SEO for Google Docs and attached the Google Docs Add-on label to this PR.

Documentation

• I have written documentation for this change. For example, comments in the Relevant technical choices, comments in the code, documentation on Confluence / shared Google Drive / Yoast developer portal, or other.

Quality assurance

• I have tested this code to the best of my abilities.
• During testing, I had activated all plugins that Yoast SEO provides integrations for.
• I have added unit tests to verify the code works as intended.
• If any part of the code is behind a feature flag, my test instructions also cover cases where the feature flag is switched off.
• I have written this PR in accordance with my team's definition of done.
• I have checked that the base branch is correctly set.
• I have run grunt build:images and commited the results, if my PR introduces new images or SVGs.

Innovation

• No innovation project is applicable for this PR.
• This PR falls under an innovation project. I have attached the innovation label.
• I have added my hours to the WBSO document.

Fixes #

[JorPV]

as @Dieterrr said the optional environment key

allows you to scope secrets to workflows per env.

So I'd say that for this dry-run workflow we don’t need any publish secrets or extra approvals involved. 🤔

[vraja-pro]

I actually think we need that to flag to the user that this is required for the published workflow.

[JorPV]

Then if we are going to add secrets to the npm-publish I think we should use a different key for the dry-run than for the real workflow to avoid granting access to those publish secrets e.g. npm-publish-dry-run? 🤔

[vraja-pro]

The dry-run only runs npm pack and uploads a tarball artifact — it can't publish anything, so there actually no need for environment in the pre publish workflow. My mistake.
It won't validate whether trusted publishing is configured correctly on npmjs.com.

[JorPV]

I left some comments

[Copilot]

Pull request overview

Adds GitHub Actions automation to publish selected workspace packages to npm when a “Version increase” PR with the npm-release label is merged into trunk, plus a PR-time dry-run (npm pack) check.

Changes:

• Adds a publish-npm-packages.yml workflow that publishes packages based on a list extracted from the PR content.
• Adds a pre-publish-npm-packages.yml workflow that runs a dry-run pack and uploads resulting tarballs as an artifact.
• Implements basic strategy selection per package (prepublishOnly / build / direct) before publishing/packing.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 8 comments.

File	Description
.github/workflows/publish-npm-packages.yml	Publishes selected packages to npm on merge of a labeled “Version increase” PR.
.github/workflows/pre-publish-npm-packages.yml	Runs a dry-run npm pack for selected packages on PR label/sync and uploads artifacts.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[JorPV]

I added more small suggestions 😄