chore(provenance): drop publish-without-sfw + bump socket-registry to d638c11f

Upstream socket-registry removed the publish-without-sfw escape hatch
(the shim disable/restore dance is no longer needed post-bypass).

Author: jdalton

.github/workflows/provenance.yml

@@ -16,11 +16,6 @@ on:
         options:
           - '0'
           - '1'
-      publish-without-sfw:
-        description: 'Publish directly to npm, bypassing Socket firewall shims'
-        required: false
-        default: false
-        type: boolean
 
 permissions: {}
 
@@ -30,13 +25,12 @@ jobs:
     permissions:
       contents: write # To create GitHub releases
       id-token: write # For npm trusted publishing via OIDC
-    uses: SocketDev/socket-registry/.github/workflows/provenance.yml@a5923566cd8bcf70aefa1eefacf21f96e328be45 # main
+    uses: SocketDev/socket-registry/.github/workflows/provenance.yml@d638c11f4bc7ac637e0f61f05729a54d68af40e0 # main
     with:
       debug: ${{ inputs.debug }}
       dist-tag: ${{ inputs.dist-tag }}
       package-name: '@socketsecurity/sdk'
       publish-script: 'publish:ci'
-      publish-without-sfw: ${{ inputs.publish-without-sfw }}
       setup-script: 'ci:validate'
       use-trusted-publishing: true
     secrets: