From f0bad51c24aaed65cc197a55ac0a3ca41cd583a1 Mon Sep 17 00:00:00 2001 From: Jon Rohan Date: Wed, 5 Nov 2025 20:04:33 +0000 Subject: [PATCH 1/2] Update release workflow for npm token changes --- .github/workflows/release.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 41627724..cca314ba 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -18,16 +18,16 @@ jobs: persist-credentials: false - name: Set up Node.js - uses: actions/setup-node@v3 + uses: actions/setup-node@v6 with: - node-version: 14.x + node-version: 24 - name: Install dependencies run: yarn - name: Create release pull request or publish to npm id: changesets - uses: changesets/action@master + uses: changesets/action@v1 with: title: Release Tracking # This expects you to have a script called release which does a build for your packages and calls changeset publish @@ -35,4 +35,3 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GPR_AUTH_TOKEN_SHARED }} VSCE_PAT: ${{ secrets.VSCE_PUBLISHER_TOKEN }} - NPM_TOKEN: ${{ secrets.NPM_AUTH_TOKEN_SHARED }} From c2e0b259b69386ce80c7ea6446249ea9f8feb728 Mon Sep 17 00:00:00 2001 From: Jon Rohan Date: Wed, 5 Nov 2025 20:06:45 +0000 Subject: [PATCH 2/2] Add permissions --- .github/workflows/release.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index cca314ba..646ba65b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -3,6 +3,17 @@ on: push: branches: - 'main' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +permissions: + id-token: write # Required for OIDC + contents: read + checks: write + statuses: write + jobs: release: name: Final