From c5fd4365b40047b117f97b2c0f6bb06733426a25 Mon Sep 17 00:00:00 2001
From: tom-ridsdale <thomas.ridsdale@typeform.com>
Date: Thu, 11 Dec 2025 14:11:46 +0000
Subject: [PATCH] feat(TU-33149): Write the actual secret value into the file

---
 .github/workflows/release.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 973ed913..5787a1de 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -46,7 +46,7 @@ jobs:
       # Configure registry for GitHub Packages using local .npmrc to avoid npm global config corruption
       - run: rm ./.npmrc
       - run: |
-          cat > .npmrc << 'EOF'
+          cat > .npmrc << EOF
           //npm.pkg.github.com/:_authToken=${GH_TOKEN}
           @typeform:registry=https://npm.pkg.github.com/
           EOF
@@ -56,7 +56,7 @@ jobs:
       - run: git checkout HEAD -- package.json # do not save jarvis dependency to package.json because it is private (the file is committed by semantic-release to bump version)
       # Create clean .npmrc with just auth token
       - run: |
-          cat > .npmrc << 'EOF'
+          cat > .npmrc << EOF
           //npm.pkg.github.com/:_authToken=${GH_TOKEN}
           EOF
         env: