From f448dc42380a0188287d838d06c4f2fad9c8e905 Mon Sep 17 00:00:00 2001 From: Liu Liu Date: Wed, 14 Jan 2026 11:57:54 -0800 Subject: [PATCH 1/2] id-token, remove npm token --- .github/workflows/publish.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index dd1cd1d..a311c8a 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -2,6 +2,7 @@ name: Publish permissions: contents: read packages: write + id-token: write # Required for OIDC on: release: @@ -12,7 +13,7 @@ jobs: runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v3 - - uses: actions/setup-node@v3 + - uses: actions/setup-node@v4 with: node-version: 20 registry-url: https://registry.npmjs.org/ @@ -22,6 +23,4 @@ jobs: - run: npm version ${TAG_NAME} --git-tag-version=false env: TAG_NAME: ${{ github.event.release.tag_name }} - - run: npm whoami; npm --ignore-scripts publish - env: - NODE_AUTH_TOKEN: ${{secrets.npm_token}} + - run: npm --ignore-scripts publish From 4a7a45ef6aa3fa12c85ce12d7bc1fa45ab747fe1 Mon Sep 17 00:00:00 2001 From: Liu Liu Date: Wed, 14 Jan 2026 14:53:30 -0800 Subject: [PATCH 2/2] add workflow_dispatch trigger --- .github/workflows/publish.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index a311c8a..a2f5879 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -7,6 +7,12 @@ permissions: on: release: types: [created] + workflow_dispatch: + inputs: + version: + description: 'Version to publish (e.g., v1.2.3)' + required: true + type: string jobs: publish-npm: @@ -22,5 +28,5 @@ jobs: - run: npm test - run: npm version ${TAG_NAME} --git-tag-version=false env: - TAG_NAME: ${{ github.event.release.tag_name }} + TAG_NAME: ${{ github.event.release.tag_name || github.event.inputs.version }} - run: npm --ignore-scripts publish