johno/beads
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: Update npm publish to use OIDC trusted publishing

Browse Source 
npm deprecated classic tokens and now requires either granular tokens
with 2FA or OIDC trusted publishing. This updates the workflow to use
the latter, which is npm recommended approach for CI/CD.

Requires configuring trusted publisher on npmjs.com:
- Organization: steveyegge
- Repository: beads
- Workflow: release.yml

Generated with Claude Code

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Steve Yegge
2025-12-17 19:51:10 -08:00
parent ad83d45f7e
commit b10d800e40
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.github/workflows/release.yml vendored
View File

@@ -85,13 +85,15 @@ jobs:
node-version: '22'
registry-url: 'https://registry.npmjs.org'
- name: Update npm for OIDC support
run: npm install -g npm@latest
- name: Update npm for OIDC trusted publishing
run: npm install -g npm@latest # Requires npm >= 11.5.1 for trusted publishing
- name: Publish to npm
run: |
cd npm-package
npm publish --access public
# Uses OIDC trusted publishing - no token needed
# Provenance attestations are automatic with trusted publishing
update-homebrew:
runs-on: ubuntu-latest