Update npm publishing to use OIDC authentication (#164)

Signed-off-by: Fern Support <[email protected]>

Author: fern-support

.github/workflows/npm-publish-cloud.yml

@@ -1,21 +1,22 @@
-# This workflow will run tests using node and then publish a package to GitHub Packages when a release is created
+# This workflow will run tests using node and then publish a package to npm when a release is created
 # For more information see: https://docs.github.com/en/actions/publishing-packages/publishing-nodejs-packages
-
 name: publish-cloud-to-npm
-
 on:
   release:
     types: [published]
 jobs:
   build:
     if: github.event.release.target_commitish == 'main'
     runs-on: ubuntu-latest
+    permissions:
+      id-token: write
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
         with:
-          node-version: '18.x'
-          registry-url: 'https://registry.npmjs.org'
+          node-version: '18.18.0'
+      - name: Setup yarn
+        run: npm install -g yarn
       - name: Compare package.json version with tag
         run: |
           TAG_VERSION=${GITHUB_REF#refs/tags/}
@@ -39,10 +40,11 @@ jobs:
         run: yarn install --frozen-lockfile
       - name: Publish package
         run: |
+          publish() {
+            npx -y npm@latest publish "$@"
+          }
           if [ "$is_next" = "true" ]; then
-            yarn publish --tag preview
+            publish --tag preview
           else
-            yarn publish
+            publish
           fi
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}