diff --git a/.github/actions/npm-publish/action.yml b/.github/actions/npm-publish/action.yml index 45c87d19..fb1568df 100644 --- a/.github/actions/npm-publish/action.yml +++ b/.github/actions/npm-publish/action.yml @@ -3,8 +3,6 @@ name: Publish release to npm inputs: node-version: required: true - npm-token: - required: true version: required: true require-build: @@ -26,6 +24,10 @@ runs: cache: 'npm' registry-url: 'https://registry.npmjs.org' + - name: Update npm + shell: bash + run: npm install -g npm@11 + - name: Install dependencies shell: bash run: npm ci --include=dev @@ -46,7 +48,6 @@ runs: else TAG="latest" fi - npm publish --provenance --tag $TAG + npm publish --tag $TAG env: - NODE_AUTH_TOKEN: ${{ inputs.npm-token }} VERSION: ${{ inputs.version }} \ No newline at end of file diff --git a/.github/workflows/npm-release.yml b/.github/workflows/npm-release.yml index 0216c172..426fde0d 100644 --- a/.github/workflows/npm-release.yml +++ b/.github/workflows/npm-release.yml @@ -15,14 +15,15 @@ on: secrets: github-token: required: true - npm-token: - required: true jobs: release: if: github.event_name == 'workflow_dispatch' || (github.event_name == 'pull_request' && github.event.pull_request.merged && startsWith(github.event.pull_request.head.ref, 'release/')) runs-on: ubuntu-latest environment: release + permissions: + contents: write + id-token: write steps: # Checkout the code @@ -66,7 +67,6 @@ jobs: node-version: ${{ inputs.node-version }} require-build: ${{ inputs.require-build }} version: ${{ steps.get_version.outputs.version }} - npm-token: ${{ secrets.npm-token }} release-directory: ${{ inputs.release-directory }} # Create a release for the tag diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 95e2f53e..6637b51d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -33,5 +33,4 @@ jobs: node-version: 18 require-build: true secrets: - npm-token: ${{ secrets.NPM_TOKEN }} github-token: ${{ secrets.GITHUB_TOKEN }}