Commit e6aa2cf
ci(release): upgrade npm to >=11.5.1 for OIDC Trusted Publishing
The tag-triggered publish of v3.0.0-alpha.2 failed with E404: Node 20 ships
npm 10.8.2, which can sign provenance via OIDC but cannot AUTHENTICATE the
publish through a Trusted Publisher (that landed in npm 11.5.1). The npm
package's trusted-publisher config was correct; the CI npm was just too old.
Add an `npm install -g npm@latest` step after setup-node so `npm publish`
can use the OIDC token for registry auth.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>1 parent 91b0676 commit e6aa2cf
1 file changed
Lines changed: 6 additions & 0 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
32 | 32 | | |
33 | 33 | | |
34 | 34 | | |
| 35 | + | |
| 36 | + | |
| 37 | + | |
| 38 | + | |
| 39 | + | |
| 40 | + | |
35 | 41 | | |
36 | 42 | | |
37 | 43 | | |
| |||
0 commit comments