Skip to content

brand release.yml: migrate npm publish to OIDC (token auth 404s, every release fails CI) #22

Description

@drewstone

brand's release.yml publishes with token auth (NODE_AUTH_TOKEN/NPM_TOKEN), which 404s on the @tangle-network scope (E404 PUT https://registry.npmjs.org/@tangle-network%2fbrand) — confirmed when 0.4.0 + ui 3.0.0 failed at the publish step and had to be recovered with a local changeset publish as drewstone.

sandbox-ui already solved this: its release.yml strips the token and uses OIDC trusted publishing (its own comment notes 'our scoped tokens 404 on this package'). brand + ui need the same migration, else every future brand/ui release fails CI and needs manual recovery.

Fix: mirror sandbox-ui's OIDC publish job (id-token: write permission, no NODE_AUTH_TOKEN, npm trusted publisher configured for the scope).

🤖 Generated with Claude Code

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions