From 23ce159e984c10e1e71317f410616860deca4830 Mon Sep 17 00:00:00 2001
From: 0xtxbi <techiejossy@gmail.com>
Date: Wed, 18 Feb 2026 13:54:16 +0100
Subject: [PATCH] migrate to trusted publishers flow

---
 .github/workflows/release.yml | 17 ++++++-----------
 .npmrc                        |  1 -
 2 files changed, 6 insertions(+), 12 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index a3e2c98a2..21ca3bfc5 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -15,17 +15,20 @@ jobs:
       contents: write
       pull-requests: write
       packages: write
+      id-token: write
     env:
       GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
     steps:
       - name: Checkout Repo
         uses: actions/checkout@v3
 
-      - name: Setup Node.js 20.x
+      - name: Setup Node.js 22.14.0
         uses: actions/setup-node@v3
         with:
-          node-version: 20.x
+          node-version: 22.14.0
+
+      - name: Setup npm for trusted publishing
+        run: sudo npm i -g npm@^11.5.1
 
       - name: Setup pnpm
         run: sudo npm i -g pnpm@10.4.1
@@ -33,12 +36,6 @@ jobs:
       - name: Install Dependencies
         run: pnpm install
 
-      - name: Creating .npmrc
-        run: |
-              cat << EOF > "$HOME/.npmrc"
-              //registry.npmjs.org/:_authToken=$NPM_TOKEN
-              EOF
-
       - name: Get Open PRs Created by Bots
         id: get_bot_prs
         run: |
@@ -96,5 +93,3 @@ jobs:
           commitMode: github-api
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
-
diff --git a/.npmrc b/.npmrc
index db5887955..8ed12fdb3 100644
--- a/.npmrc
+++ b/.npmrc
@@ -1,3 +1,2 @@
 registry=https://registry.npmjs.org
-https://registry.npmjs.org/:_authToken=${NPM_TOKEN}
 auto-install-peers = true
\ No newline at end of file