ci: fix publish verification #14

Merged: anand-testcompare merged 1 commit into main from fix/publish-oidc-verification, Feb 8, 2026

@anand-testcompare (Owner) commented Feb 8, 2026

Fix Publish Package workflow flake:

  • Parse npm _npmUser whether it is an object or a string (GitHub Actions OIDC publishes return a string).
  • Make CI publish reruns idempotent by skipping npm publish if the computed version already exists.

This unblocks the Verify published version step that was failing with _npmUser.*=''.

Summary by CodeRabbit

  • Improvements
    • Strengthened npm publisher identity verification and validation during the package publishing workflow to ensure more secure and reliable deployments.
    • Implemented pre-publication checks that prevent publishing if a package version already exists on npm, reducing the risk of accidental republishing and improving overall publishing reliability.
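The two fixes described above, sketched as an added example that is not code from this pull request or the repository's workflow. The `Name <email>` string layout, the use of `npm view <pkg> versions --json` as the existence check, and all function names and sample values are assumptions.

```javascript
// Added example, not the repository's workflow code. Sample values are constructed.

// Accepts the object form, the string form, or JSON text encoding either one.
// Returns { name, email }, with empty strings for anything it cannot extract.
function parseNpmUser(raw) {
  let value = raw;
  if (typeof value === 'string') {
    const text = value.trim();
    value = text;
    // Registry output captured with --json arrives as text; decode it if it is JSON.
    if (text.startsWith('{') || text.startsWith('"')) {
      try { value = JSON.parse(text); } catch { value = text; }
    }
  }
  if (value && typeof value === 'object' && !Array.isArray(value)) {
    return { name: String(value.name ?? '').trim(), email: String(value.email ?? '').trim() };
  }
  if (typeof value === 'string') {
    // Assumed string layout: "Name <email>", where either part may be missing.
    const m = /^([^<>]*?)\s*(?:<([^<>\s]+)>)?$/.exec(value.trim());
    if (m) return { name: m[1].trim(), email: m[2] || '' };
  }
  return { name: '', email: '' };
}

// Fails closed: an empty or unparseable identity never matches, and neither
// does an empty expectation.
function isExpectedPublisher(raw, expected) {
  const user = parseNpmUser(raw);
  if (!expected.name && !expected.email) return false;
  if (!user.name && !user.email) return false;
  const nameOk = !expected.name || user.name === expected.name;
  const emailOk = !expected.email || user.email.toLowerCase() === expected.email.toLowerCase();
  return nameOk && emailOk;
}

// versionsJson stands in for the stdout of `npm view <pkg> versions --json`
// (assumed command). Handles an array or a lone string.
function versionAlreadyPublished(versionsJson, version) {
  let parsed;
  try { parsed = JSON.parse(versionsJson); } catch { return false; }
  const versions = Array.isArray(parsed) ? parsed : [parsed];
  return versions.includes(version);
}
```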

Handle npm _npmUser string format and make CI publish reruns idempotent.

coderabbitai Bot commented Feb 8, 2026

Walkthrough

These changes enhance the npm publishing workflow by: (1) robustly parsing npm registry JSON data to handle flexible _npmUser field formats for OIDC provenance verification, and (2) implementing a pre-publish existence check to prevent republishing already-published package versions.

Changes

Cohort / File(s): Publishing Workflow Enhancement (.github/workflows/publish.yml, .mise/tasks/publish)
Summary: Added pre-publish existence check via npm view to prevent republishing. Enhanced JSON parsing for _npmUser field to handle both object and string formats, including "Name " patterns. Extended email and name extraction logic. Improved error messaging with raw npm user data output when OIDC verification fails.

Poem

🐰 With whiskers twitching, checks run deep,
Before the package takes its leap!
OIDC verified, strings all parsed,
No doubles published—mission starred! ✨

🚥 Pre-merge checks | ✅ 2
✅ Passed checks (2 passed)
  • Description Check: ✅ Passed. Check skipped - CodeRabbit’s high-level summary is enabled.
  • Title check: ✅ Passed. The title 'ci: fix publish verification' is directly related to the PR's main objective of fixing the publish verification step in the CI workflow.

No actionable comments were generated in the recent review. 🎉

anand-testcompare merged commit ab4a4c3 into main Feb 8, 2026 (6 checks passed)
anand-testcompare deleted the fix/publish-oidc-verification branch February 8, 2026 05:15