Skip to content

Commit 02a4f5b

Browse files
ci: use tokenless npm trusted publishing
1 parent f6f725b commit 02a4f5b

1 file changed

Lines changed: 12 additions & 1 deletion

File tree

.github/workflows/release.yml

Lines changed: 12 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,9 @@ jobs:
2626
uses: actions/setup-node@v4
2727
with:
2828
node-version: 22.x
29-
registry-url: https://registry.npmjs.org
29+
30+
- name: Use current npm for trusted publishing
31+
run: npm install -g npm@latest
3032

3133
- name: Enable Corepack
3234
run: corepack enable
@@ -71,5 +73,14 @@ jobs:
7173
- name: Audit production dependencies
7274
run: pnpm security:audit
7375

76+
- name: Ensure tokenless publishing
77+
run: |
78+
set -euo pipefail
79+
if [ -n "${NODE_AUTH_TOKEN:-}" ]; then
80+
echo "NODE_AUTH_TOKEN must not be set for npm trusted publishing."
81+
exit 1
82+
fi
83+
npm --version
84+
7485
- name: Publish to npm
7586
run: npm publish ./dist/ngbootstrap --access public --provenance

0 commit comments

Comments
 (0)