From 839cc2473bb6cd9bcdd6f1f038448d6cb31881f0 Mon Sep 17 00:00:00 2001
From: Fleny <Fleny113@outlook.com>
Date: Thu, 18 Dec 2025 09:14:37 +0100
Subject: [PATCH] ci: Use trusted publishing for npm packages (#4644)

---
 .github/workflows/release.yml | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 8193220b1..4096dd046 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -39,8 +39,10 @@ jobs:
       - run: yarn pack
         working-directory: packages/${{ matrix.package }}
 
+      # We use Trusted Publishing, however this requires npm 11.5.1 or higher
+      - name: Update npm
+        run: npm install -g npm@11.7.0
+
       # If the action is running from a release, if prerelease use beta tag else use latest tag, otherwise use the next tag
       - run: npm publish package.tgz --tag ${{ github.event_name == 'release' && github.event.action == 'published' && (github.event.release.prerelease && 'beta' || 'latest') || 'next' }} --access public --provenance
         working-directory: packages/${{ matrix.package }}
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}