✅ Deploy Preview for echoes-react ready!

Name	Link
🔨 Latest commit	18bdf98
🔍 Latest deploy log	https://app.netlify.com/projects/echoes-react/deploys/69d7707598e0d40008ad9333
😎 Deploy Preview	https://deploy-preview-666--echoes-react.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

BUILD-10954

Summary

This PR enables OIDC-based npm publishing in the release workflow by adding two configuration parameters to the shared workflow call:

• useNpmTrustedPublisher: true — activates npm Trusted Publisher authentication (short-lived OIDC tokens instead of persistent credentials)
• githubEnvironment: release — specifies the GitHub Environment that enforces deployment restrictions

This is a pure configuration change with no workflow logic or permission modifications. The id-token: write permission required for OIDC is already present.

What reviewers should know

What to verify:

• The two new parameters are passed to the correct shared workflow call
• The id-token: write permission (visible in the diff context) is already available — this is required for OIDC token generation

Prerequisites (per author):

• npm Trusted Publisher is already configured on npmjs.org
• GitHub Environment release already exists and is restricted to tags matching the release pattern

No logic changes here — this is purely enabling an already-configured authentication mechanism. If you're unfamiliar with npm Trusted Publishers, they're GitHub's replacement for permanent npm tokens: GitHub issues short-lived OIDC tokens at release time, eliminating the need to store long-term credentials.

• Generate Walkthrough
• Generate Diagram

🗣️ Give feedback

Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
0 Dependency risks
No data about Coverage
No data about Duplication

See analysis details on SonarQube