Set up workflow permissions for trusted publishing #1644

Merged: kpfleming merged 1 commit into main from kats/npmjs-trusted-publishing on Feb 2, 2026

@harmony7 harmony7 commented Feb 2, 2026

Change summary

This PR updates the `publish_release.yml` workflow file:

  1. enables the permission `id-token: write` for OpenID Connect (OIDC) authentication for use with Trusted Publishing with npmjs
  2. removes the auth token as it's no longer used when Trusted Publishing is used

All Submissions:

  • Have you followed the guidelines in our Contributing document?
  • Have you checked to ensure there aren't other open Pull Requests for the same update/change?

New Feature Submissions:

  • Does your submission pass tests?
    N/A

Changes to Core Features:

  • Have you written new tests for your core changes, as applicable?
  • Have you successfully run tests with your changes locally?
    N/A

User Impact

None

Are there any considerations that need to be addressed for release?

None

@harmony7 harmony7 self-assigned this Feb 2, 2026
@harmony7 harmony7 requested a review from a team as a code owner February 2, 2026 09:48
@harmony7 harmony7 requested a review from rcaril February 2, 2026 09:48
@harmony7 harmony7 force-pushed the kats/npmjs-trusted-publishing branch from 9dbdd95 to 87215c4 Compare February 2, 2026 10:10
@kpfleming kpfleming added the Skip-Changelog do not add a changelog entry for this change label Feb 2, 2026
@kpfleming kpfleming requested review from kpfleming and removed request for rcaril February 2, 2026 14:44
@kpfleming kpfleming merged commit a7ebdb3 into main Feb 2, 2026
20 of 21 checks passed
@kpfleming kpfleming deleted the kats/npmjs-trusted-publishing branch February 2, 2026 15:07
anthony-gomez-fastly pushed a commit that referenced this pull request Apr 13, 2026
### Change summary

This PR restores a permission in the workflow that had been removed in
#1718 that is needed for publishing to NPM.

Publishing to NPM using trusted publishing requires `id-token: write` as
added in #1644.

### New Feature Submissions:

* [x] Does your submission pass tests?

### Changes to Core Features:

* [ ] Have you written new tests for your core changes, as applicable?
* [ ] Have you successfully run tests with your changes locally?

### Are there any considerations that need to be addressed for release?

A new point release (14.3.1) would be needed to get this version into
NPM.
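
The permission this PR adds, and that the later commit had to restore, can be guarded in CI with a check like the one below. It is an added example, not code from the PR or the project: the sample workflow is constructed, and it assumes block-style YAML and that a leftover auth token would appear as `NODE_AUTH_TOKEN`.

```python
# Constructed sample workflow; not the project's publish_release.yml.
SAMPLE = """\
permissions:
  contents: read
jobs:
  publish:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    steps:
      - run: npm publish
"""

def _indent(line):
    return len(line) - len(line.lstrip(" "))

def check_workflow(text):
    """Findings for jobs that run `npm publish` (heuristic scan, not a YAML parser)."""
    lines = [l for l in text.splitlines() if l.strip() and not l.lstrip().startswith("#")]
    perms, publishers, token_scopes = {}, set(), set()  # perms key None = workflow level
    in_jobs, job, job_ind, child_ind = False, None, None, None
    for i, line in enumerate(lines):
        ind, s = _indent(line), line.split(" #")[0].strip()
        if ind == 0:
            in_jobs, job = s == "jobs:", None
        elif in_jobs and ind == (job_ind or ind) and s.endswith(":"):
            job, job_ind, child_ind = s[:-1], ind, None
        elif job and child_ind is None:
            child_ind = ind  # indentation of the job's direct keys
        if s == "permissions:" and (ind == 0 or (job and ind == child_ind)):
            block = set()
            for child in lines[i + 1:]:
                if _indent(child) <= ind:
                    break
                block.add(" ".join(child.split(" #")[0].split()))
            perms[job if ind else None] = block
        if job and "npm publish" in s:
            publishers.add(job)
        if "NODE_AUTH_TOKEN" in s:
            token_scopes.add(job)  # None when set in workflow-level env
    findings = []
    for j in sorted(publishers):
        # A job-level permissions block replaces the workflow-level one entirely.
        if "id-token: write" not in perms.get(j, perms.get(None, set())):
            findings.append(f"{j}: missing id-token: write")
        if j in token_scopes or None in token_scopes:
            findings.append(f"{j}: NODE_AUTH_TOKEN still set")
    return findings
```

The second case in the findings loop matters in practice: a job that declares its own `permissions:` block without `id-token: write` loses the grant even when the workflow-level block has it.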