From 098b274fc909868b499c89feffecda8952315665 Mon Sep 17 00:00:00 2001
From: Kuba Adamczyk <jakub.adamczyk@phantom.app>
Date: Mon, 26 Jan 2026 13:50:18 +0100
Subject: [PATCH] set NPM_TOKEN

# Conflicts:
#	.github/workflows/release.yml
---
 .github/workflows/release.yml | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index c416c425d..ed00e5d47 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -40,15 +40,17 @@ jobs:
       - name: Install Dependencies
         run: yarn
 
-      - name: Create Release Pull Request
+      - name: Create Release Pull Request or Publish to npm
         id: changesets
         uses: changesets/action@e0145edc7d9d8679003495b11f87bd8ef63c0cba
         with:
+          # This expects you to have a script called release which does a build for your packages and calls changeset publish
           version: yarn changeset version
+          publish: yarn release
           commitMode: github-api
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Publish to npm (OIDC Trusted Publishing)
-        if: steps.changesets.outputs.hasChangesets == 'false'
-        run: yarn release
+          # we use trusted publishing and setup-node will set these incorrectly. Unset if we ever use RO_TOKEN
+          NODE_AUTH_TOKEN: ""
+          NPM_TOKEN: ""
+          NPM_CONFIG_PROVENANCE: true