You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.
This PR includes no changesets
When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types
PR Review: fix(publish.yml): add registry-url to old publish workflow
Gather context
Read changed files
Provide review feedback
Good fix! The registry-url addition is the right call — actions/setup-node only writes NODE_AUTH_TOKEN into .npmrc when registry-url is set, so without it OIDC-backed npm publish silently fails with ENEEDAUTH.
One thing worth flagging for clarity:
💡 Suggestion (non-blocking)
This PR's diff against main includes 6 lines total, but the title only mentions registry-url. It also re-adds the "Upgrade npm for OIDC support" step (npm install -g npm@latest) that was explicitly removed in #1007 ("chore(publish.yml): remove upgrading npm step"). If that re-addition is intentional, it's fine — but it's worth calling out since main already has the comment "Node 22 includes npm >= 11.5.1 with OIDC support" suggesting the upgrade step shouldn't be necessary. If Node 22's bundled npm is sufficient, the upgrade step adds ~30s of install time and a floating-version footgun (@latest). Either way, a sentence in the PR description clarifying the intent would help future readers.
Technically the approach is sound — registry-url is set before the npm upgrade so .npmrc is already in place, and NODE_AUTH_TOKEN is env-based so the upgraded npm will still pick it up. No correctness issues.
✅ registry-url fix is correct and should resolve the auth problem.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Trying to revive the old publish workflow