Skip to content

fix: simplify release to workflow_dispatch (no bot commits) #48

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Wenxin Jiang (Wenxin-Jiang) merged 4 commits into from
Apr 2, 2026
Merged

fix: simplify release to workflow_dispatch (no bot commits) #48

Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
b53aa0c
fix: simplify release to workflow_dispatch (no bot commits needed)
Wenxin-Jiang Apr 1, 2026
98e404f
fix: remove NPM_TOKEN, use OIDC trusted publishing like socket-cli
Wenxin-Jiang Apr 1, 2026
bcbd063
fix: restore NPM_TOKEN with environment for new package publishing
Wenxin-Jiang Apr 1, 2026
d0c042b
fix: use pure OIDC trusted publishing, matching socket-cli/socket-mcp
Wenxin-Jiang Apr 1, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
fix: remove NPM_TOKEN, use OIDC trusted publishing like socket-cli 
The original ENEEDAUTH failure was caused by missing registry-url in
setup-node, not missing NPM_TOKEN. With registry-url set, OIDC
trusted publishing works for both existing and new packages.

Also fixes zizmor secrets-outside-env warnings.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
  • Loading branch information
@Wenxin-Jiang @claude
Wenxin-Jiang and claude committed Apr 1, 2026
commit 98e404f2ae19d56178f73caec8db735dc3c26a55
4 changes: 0 additions & 4 deletions .github/workflows/release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -291,8 +291,6 @@ jobs:
stage_win socket-patch-aarch64-pc-windows-msvc npm/socket-patch-win32-arm64

- name: Publish platform packages
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
run: |
for pkg_dir in npm/socket-patch-*/; do
echo "Publishing ${pkg_dir}..."
Expand All @@ -306,8 +304,6 @@ jobs:
run: cp README.md npm/socket-patch/README.md

- name: Publish main package
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
run: npm publish ./npm/socket-patch --provenance --access public

pypi-publish:
Expand Down
Loading