From e09c743bdc1c134822ce55f938dc54f20223a00d Mon Sep 17 00:00:00 2001 From: Aviad Hahami Date: Thu, 9 Oct 2025 14:30:00 +0300 Subject: [PATCH 1/2] Update publish.yaml for release job permissions Added id-token permission for the release job and removed NODE_AUTH_TOKEN from the publish step. --- .github/workflows/publish.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index f025dc3..33f3840 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -26,6 +26,7 @@ jobs: release: permissions: contents: write + id-token: write # Use the semver as the job name name: "Release ${{ github.event.inputs.semver }}" @@ -47,8 +48,6 @@ jobs: - name: Publish run: npm publish - env: - NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}} - name: Set version as env var run: | From 9bcd28e5c11c624a82760447a8c123af34030438 Mon Sep 17 00:00:00 2001 From: Aviad Hahami Date: Thu, 9 Oct 2025 14:38:06 +0300 Subject: [PATCH 2/2] Update GitHub Actions to use softprops/action-gh-release --- .github/workflows/publish.yaml | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 33f3840..a4b6c31 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -53,12 +53,7 @@ jobs: run: | echo "VERSION=$(node -p "require('./package.json').version")" >> $GITHUB_ENV - - uses: actions/create-release@0cb9c9b65d5d1901c1f53e5e66eaf4afd303e70e + - uses: softprops/action-gh-release@aec2ec56f94eb8180ceec724245f64ef008b89f5 name: Release - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: - tag_name: ${{ env.VERSION }} - release_name: Release ${{ env.VERSION }} - draft: false - prerelease: false + name: Release ${{ env.VERSION }}