ci: fix deprecation of canary package (#3496)

Author: IvanGoncharov

.github/workflows/canary.yaml

@@ -54,6 +54,9 @@ jobs:
             packageJSON.version += packageJSON.version.includes('-') ? '.' : '-';
             packageJSON.version += `canary.pr.${pull_request.number}.${pull_request.head.sha}`;
 
+            packageJSON.deprecated =
+              `You are using canary version build from ${pull_request.url}, no gurantees provided so please use your own discretion.`;
+
             assert(
               packageJSON.scripts == null,
               'No scripts allowed for security reasons!',
@@ -65,20 +68,12 @@ jobs:
               'utf-8',
             );
 
-            core.exportVariable('PR_URL', pull_request.url);
             core.exportVariable('PR_NUMBER', pull_request.number);
             core.exportVariable('NPM_TAG', packageJSON.publishConfig.tag);
             core.exportVariable('NPM_VERSION', packageJSON.version);
 
       - name: Publish NPM package
-        run: npm publish ./npmDist
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
-
-      - name: Add deprecate message on NPM package
-        run: |
-          npm deprecate "graphql@$NPM_VERSION" \
-            "You are using canary version build from $PR_URL, no gurantees provided so please use your own discretion."
+        run: npm publish --ignore-scripts ./npmDist
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
 

.github/workflows/ci.yml

@@ -83,7 +83,7 @@ jobs:
       #  run: npm ls --depth 999
 
       - name: Run npm install
-        run: npm install --force --package-lock-only --ignore-scripts --engine-strict --strict-peer-deps
+        run: npm install --ignore-scripts --force --package-lock-only --engine-strict --strict-peer-deps
 
       - name: Check that package-lock.json is in sync with package.json
         run: git diff --exit-code package-lock.json