fix(ci): remove NODE_AUTH_TOKEN for trusted publishing

jheddings · claude · jheddings · commit 2aba99667031 · 2026-04-17T15:23:19.000-06:00
OIDC-based trusted publishing handles auth via id-token permission;
the empty NODE_AUTH_TOKEN env var was overriding it and causing ENEEDAUTH.

Co-Authored-By: Claude Opus 4.6 (1M context) &lt;noreply@anthropic.com&gt;
diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml
@@ -36,5 +36,3 @@ jobs:
 
       - name: Publish to npm
         run: npm publish --provenance --access public
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
