Skip to content

Fix GitHub Actions publish workflow to support OIDC authentication#62

Merged
jfrench9 merged 1 commit intomainfrom
bugfix/fix-oidc-npm
Feb 2, 2026
Merged

Fix GitHub Actions publish workflow to support OIDC authentication#62
jfrench9 merged 1 commit intomainfrom
bugfix/fix-oidc-npm

Conversation

@jfrench9
Copy link
Member

@jfrench9 jfrench9 commented Feb 2, 2026

Summary

This PR enhances the GitHub Actions publish workflow by adding support for OpenID Connect (OIDC) authentication, addressing issues with the current npm publishing process.

Changes Made

  • Modified .github/workflows/publish.yml to include OIDC configuration
  • Added 8 lines of configuration to enable secure token-based authentication
  • Improved the CI/CD pipeline reliability for package publishing

Key Improvements

  • Enhanced Security: Eliminates the need for long-lived npm tokens by using OIDC for authentication
  • Improved Reliability: Reduces potential authentication failures during the publish process
  • Better DevOps Practices: Aligns with modern CI/CD security standards

Breaking Changes

None. This change only affects the CI/CD pipeline and does not impact the application code or user-facing functionality.

Testing Notes for Reviewers

  • ✅ Verify the OIDC configuration syntax is correct
  • ✅ Ensure all required permissions and secrets are properly configured
  • ✅ Check that the workflow maintains compatibility with existing publish steps
  • ✅ Test the publish workflow in a safe environment if possible

Browser Compatibility

No impact on browser compatibility as this change only affects the build/publish pipeline infrastructure.

Additional Notes

This is a DevOps infrastructure improvement that enhances the security and reliability of our package publishing process without affecting end users or the application runtime.

🤖 Generated with Claude Code

Branch Info:

  • Source: bugfix/fix-oidc-npm
  • Target: main
  • Type: bugfix

Co-Authored-By: Claude noreply@anthropic.com

@jfrench9
Enhance GitHub Actions publish workflow for OIDC support
bd3597d 
- Added environment variable `NODE_AUTH_TOKEN` to clear default token for OIDC usage.
- Upgraded npm to version 11 to support OIDC features during the publish process.
- Improved workflow flexibility and security by leveraging token-based authentication.

This change is part of ongoing improvements to the publishing process, ensuring better integration with modern authentication methods.
@jfrench9 jfrench9 merged commit f9b45a3 into main Feb 2, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jfrench9