File tree Expand file tree Collapse file tree 1 file changed +10
-2
lines changed
Expand file tree Collapse file tree 1 file changed +10
-2
lines changed Original file line number Diff line number Diff line change 55 branches :
66 - main
77
8+ permissions :
9+ id-token : write # Required for OIDC
10+ contents : read
11+
812concurrency :
913 group : ${{ github.workflow }}-${{ github.ref }}
1014 cancel-in-progress : true
@@ -144,6 +148,7 @@ jobs:
144148 runs-on : ubuntu-latest
145149 timeout-minutes : 30
146150 permissions :
151+ id-token : write # Required for trusted publishing
147152 contents : write
148153 pull-requests : write
149154
@@ -155,12 +160,16 @@ jobs:
155160 - uses : actions/setup-node@v4
156161 with :
157162 node-version : 24
163+ registry-url : ' https://registry.npmjs.org'
158164 cache : ' npm'
159165
160166 - uses : oven-sh/setup-bun@v2
161167 with :
162168 bun-version : latest
163169
170+ - name : Upgrade npm for OIDC trusted publishing
171+ run : npm install -g npm@latest
172+
164173 - name : Install dependencies
165174 run : npm ci
166175
@@ -211,5 +220,4 @@ jobs:
211220 publish : npx tsx .github/changeset-publish.ts
212221 env :
213222 GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
214- NPM_TOKEN : ${{ secrets.NPM_PUBLISH_TOKEN }}
215- NPM_PUBLISH_TOKEN : ${{ secrets.NPM_PUBLISH_TOKEN }}
223+ NPM_CONFIG_PROVENANCE : true
You can’t perform that action at this time.
0 commit comments