Commit d508336
docs(release-secrets): document sqlrite-notes trusted publisher + Repository-field gotcha (SQLR-13) (#157)
The sqlrite-notes npm trusted publisher had its Repository field set to
the package's npmjs access-page URL instead of the bare repo name, so the
OIDC subject claim (repo:joaoh82/rust_sqlite:environment:release) never
matched the record and every publish-notes-example run failed with "OIDC
token exchange error - package not found". It only surfaced once #156
made the release idempotent and a re-dispatch finally attempted the
first-ever sqlrite-notes publish.
- §3c: mark the trusted publisher resolved (first shipped at 0.11.0) and
add a gotcha callout — set Repository to exactly `rust_sqlite`, no
owner prefix, no URL.
- §3b: strengthen the canonical Repository-field note to warn against
pasting a URL (not just the owner-prefixed form), pointing at §3c.
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>1 parent f3d80eb commit d508336
1 file changed
Lines changed: 24 additions & 2 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
163 | 163 | | |
164 | 164 | | |
165 | 165 | | |
166 | | - | |
167 | | - | |
| 166 | + | |
| 167 | + | |
| 168 | + | |
| 169 | + | |
| 170 | + | |
| 171 | + | |
168 | 172 | | |
169 | 173 | | |
170 | 174 | | |
| |||
233 | 237 | | |
234 | 238 | | |
235 | 239 | | |
| 240 | + | |
| 241 | + | |
| 242 | + | |
| 243 | + | |
| 244 | + | |
| 245 | + | |
| 246 | + | |
| 247 | + | |
| 248 | + | |
| 249 | + | |
| 250 | + | |
| 251 | + | |
| 252 | + | |
| 253 | + | |
| 254 | + | |
| 255 | + | |
| 256 | + | |
| 257 | + | |
236 | 258 | | |
237 | 259 | | |
238 | 260 | | |
| |||
0 commit comments