From 388449ce94ddbaabf6311b7c1e974f230f93c474 Mon Sep 17 00:00:00 2001
From: Aurimas Butkus <aurimas.butkus3@gmail.com>
Date: Fri, 17 Oct 2025 13:08:50 +0300
Subject: [PATCH] chore: Use trusted publishers in build-release

Added a step to update NPM to the latest version before installing dependencies.
---
 .github/workflows/build-release.yaml | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/build-release.yaml b/.github/workflows/build-release.yaml
index c492a24..c5a7274 100644
--- a/.github/workflows/build-release.yaml
+++ b/.github/workflows/build-release.yaml
@@ -39,13 +39,14 @@ jobs:
           node-version: '20.x'
           registry-url: 'https://registry.npmjs.org'
 
+      - name: Update NPM
+        run: npm install -g npm@latest
+
       - name: Install dependencies
         run: npm install
 
       - name: Publish package
         run: npm publish --provenance --access public
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
 
   publish-github:
     runs-on: ubuntu-latest
@@ -71,4 +72,4 @@ jobs:
           sed -i 's+"name": ".*+"name": "@${{ github.repository }}",+gI' ./package.json
           npm publish --provenance --access public
         env:
-          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}