fix: resolve OIDC publish failure in release CI

[kimyouknow]

Summary

• npm 10 (Node 22 default) does not support OIDC handshake, causing E404 + "Access token expired" error when publishing @react-simplikit/mobile@0.0.1 (npm/cli#8678)
• changesets/action's publish option overwrites .npmrc, destroying setup-node's OIDC auth configuration (changesets/action#515)
• react-simplikit@0.0.47 version bump was lost during project restructuring, leaving a stale CHANGELOG entry

Changes

1. .github/workflows/release.yml — Fix OIDC publish

• Add npm install -g npm@latest step (npm 10 → 11.x for OIDC support)
• Remove publish from changesets/action to prevent .npmrc override
• Add separate "Publish to npm" step with NPM_CONFIG_PROVENANCE: true

2. packages/core/CHANGELOG.md — Remove stale 0.0.47 entry

• Will be regenerated by changeset flow in the Version PR

3. .changeset/deprecate-browser-hooks.md — Add changeset

• Patch changeset for browser-specific hooks deprecation (PR refactor: next step #302)
• On merge, triggers Version PR (0.0.46 → 0.0.47) → merge → OIDC publish

Expected release flow

This PR merge → release.yml triggers
  → npm 11.x installed
  → changesets/action detects changeset → creates Version PR
     (react-simplikit: 0.0.46 → 0.0.47)

Version PR merge → release.yml triggers
  → changesets/action: hasChangesets=false
  → Publish to npm (OIDC auth)
     - react-simplikit@0.0.47
     - @react-simplikit/mobile@0.0.1

Test plan

• yarn changeset status — react-simplikit patch pending confirmed
• YAML syntax validation passed
• yarn build — core + mobile build success
• CI: npm install -g npm@latest installs npm 11.x
• Version PR auto-created after merge
• OIDC publish succeeds after Version PR merge

[github-actions]

Size Change: 0 B 🆕

Total Size: 0 B

_{compressed-size-action}