mirror of
https://github.com/shivammathur/setup-php.git
synced 2026-03-16 22:03:18 +07:00
Fix permission for OIDC tokens in publish.yml for trusted publishing [skip ci]
This commit is contained in:
Shivam Mathur
5
.github/workflows/publish.yml
vendored
5
.github/workflows/publish.yml
vendored
@@ -16,6 +16,7 @@ jobs:
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
id-token: write
|
||||
steps:
|
||||
- name: Checkout release
|
||||
if: github.event_name != 'workflow_dispatch'
|
||||
@@ -30,7 +31,7 @@ jobs:
|
||||
- name: Setup Node.js
|
||||
uses: actions/setup-node@v6
|
||||
with:
|
||||
node-version: '20.x'
|
||||
node-version: '24.x'
|
||||
registry-url: https://registry.npmjs.org
|
||||
|
||||
- name: Install dependencies and add lib
|
||||
@@ -42,8 +43,6 @@ jobs:
|
||||
- name: Publish to NPM
|
||||
if: "!contains(github.event.inputs.skip, 'skip-npm')"
|
||||
run: npm publish --access public
|
||||
env:
|
||||
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
|
||||
|
||||
- name: Change to GitHub Packages registry
|
||||
uses: actions/setup-node@v6
|
||||
|
||||
Reference in New Issue
Block a user