orbio-api · Gabrielgvl · Feb 24, 2026 · Feb 21, 2026 · Feb 24, 2026 · Feb 24, 2026
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -27,7 +27,7 @@ jobs:
       - name: Setup Node.js
         uses: actions/setup-node@v4
         with:
-          node-version: 20
+          node-version: 24
           registry-url: "https://registry.npmjs.org"
           cache: pnpm
           cache-dependency-path: pnpm-lock.yaml
@@ -61,5 +61,3 @@ jobs:
       - name: Publish package
         working-directory: orbio-openclaw-plugin
         run: pnpm publish --access public --no-git-checks --provenance --tag "${{ inputs.dist_tag }}"
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
diff --git a/RELEASING.md b/RELEASING.md
@@ -4,7 +4,7 @@
 
 - `pnpm` 10+
 - npm publish access for `@orbio` scope
-- `NPM_TOKEN` set for GitHub Actions publishing
+- npm Trusted Publisher configured for `orbio-api/orbio-openclaw` on workflow `publish.yml`
 
 ## Manual local release
 
@@ -28,7 +28,7 @@ pnpm publish --access public --no-git-checks --provenance
 
 1. Go to Actions -> `Publish npm package`.
 2. Choose the npm dist-tag (`latest`, `next`, etc.).
-3. Workflow validates version sync, builds, and publishes to npm.
+3. Workflow uses OIDC trusted publishing (no `NPM_TOKEN` secret), validates version sync, builds, and publishes to npm.
 
 ## Post-release