ci: rename release-account-manual.yml to release-account.yml#289
Merged
stephancill merged 1 commit intomasterfrom Apr 28, 2026
Merged
ci: rename release-account-manual.yml to release-account.yml#289stephancill merged 1 commit intomasterfrom
stephancill merged 1 commit intomasterfrom
Conversation
Aligns the workflow filename with the npm Trusted Publisher entry for @base-org/account so OIDC-authenticated publishes succeed. The npm Trusted Publisher for @base-org/account expects workflow filename 'release-account.yml' with environment 'publish'. The previous filename 'release-account-manual.yml' caused npm to reject publishes with a misleading 404 (npm returns 404 instead of 403 for unauthorized scope writes). Removes the [DEPRECATED] markers since this workflow is now the canonical publish path until release-please.yml is wired up to its own trusted publisher entry.
Collaborator
✅ Heimdall Review Status
|
Contributor
|
Review: no issues found. This is a CI-only change — renaming The PR title |
spencerstock
approved these changes
Apr 28, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Aligns the manual publish workflow filename with the npm Trusted Publisher entry for
@base-org/account.The npm Trusted Publisher for
@base-org/accountis configured for workflow filenamerelease-account.ymlwith environmentpublish. The previous filenamerelease-account-manual.ymlcaused npm to reject OIDC-authenticated publishes with a misleading 404 (npm returns 404 instead of 403 for unauthorized scope writes). This is what blocked the manual republish attempt of@base-org/account@2.5.5(run 25020384976).After this change, the workflow can be dispatched manually to publish a version that release-please has tagged on master but not yet pushed to npm.
The
[DEPRECATED]markers are removed since this workflow is now the canonical publish path.release-please.ymlcannot publish until its filename is also added as a trusted publisher entry on npm — that's tracked separately.How did you test your changes?
@base-org/account.name:field were updated to remove the DEPRECATED markers).packageVersion=2.5.5should successfully publish the missing2.5.5version to npm.