From a863ef958ce4b267cfb518a901ad5d9ad144b6e1 Mon Sep 17 00:00:00 2001 From: Alexander Bjerkan Date: Mon, 17 Nov 2025 14:02:58 +0100 Subject: [PATCH] configure trusted publishing instead of using long-lived npm token --- .github/workflows/release.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1150bbb..31458e3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -18,6 +18,8 @@ jobs: # write permission is required for autolabeler # otherwise, read permission is required at least pull-requests: write + # required for OIDC + id-token: write steps: - name: ⬇️ Checkout Repo @@ -45,4 +47,3 @@ jobs: publish: pnpm run changeset:release env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - NPM_TOKEN: ${{ secrets.NPM_TOKEN }}