Skip to content

Commit cb614d8

Browse files
committed
Clear NODE_AUTH_TOKEN for npm publish steps
Explicitly set the `NODE_AUTH_TOKEN` environment variable to an empty string during `npm publish` in both production and RC release workflows. This prevents `npm` from attempting to use any inherited or implicitly available authentication tokens, ensuring consistent and predictable publishing of public packages.
1 parent 169be50 commit cb614d8

2 files changed

Lines changed: 3 additions & 0 deletions

File tree

.github/workflows/production-release.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -175,6 +175,7 @@ jobs:
175175
if: needs.validate-release.outputs.is_dry_run != 'true'
176176
env:
177177
VERSION: ${{ needs.validate-release.outputs.version }}
178+
NODE_AUTH_TOKEN: ''
178179
run: |
179180
echo "Publishing version $VERSION to npm..."
180181
npm publish

.github/workflows/rc-release.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -482,6 +482,8 @@ jobs:
482482
483483
- name: Publish RC to npm
484484
if: ${{ needs.validate-release.outputs.is_dry_run != 'true' }}
485+
env:
486+
NODE_AUTH_TOKEN: ''
485487
run: npm publish --tag rc
486488

487489
# ===========================================================================

0 commit comments

Comments
 (0)