Skip to content

Commit e5387c2

Browse files
committed
ci: drop NODE_AUTH_TOKEN from npm publish workflow
The previous publish run 404'd because `NPM_TOKEN` no longer has publish permission for `react-native-square-in-app-payments`. Switch the workflow to rely on npm trusted publishing (OIDC) via the `id-token: write` permission already granted to the job, and bump the runner's npm CLI to latest so it supports the current trusted-publisher flow.
1 parent 0eb3dbc commit e5387c2

1 file changed

Lines changed: 2 additions & 3 deletions

File tree

.github/workflows/npm-publish-github-packages.yml

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -34,8 +34,7 @@ jobs:
3434
- name: Build package tarball with Yarn
3535
run: yarn pack --out package.tgz
3636

37+
- run: npm install -g npm@latest
3738
# Still use npm to publish the already-generated tarball
3839
- name: Publish to npm
39-
run: npm publish package.tgz --provenance --access public
40-
env:
41-
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
40+
run: npm publish package.tgz --provenance --access public

0 commit comments

Comments
 (0)