File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 8080 with :
8181 node-version : 24
8282 registry-url : https://registry.npmjs.org
83+ package-manager-cache : false
8384 - run : npm install -g npm@latest
8485 - run : bun install --frozen-lockfile
8586 working-directory : bindings/wasm
8990 working-directory : bindings/wasm
9091 - run : npm publish ./pkg --access public
9192 working-directory : bindings/wasm
92- env :
93- NODE_AUTH_TOKEN : ${{ secrets.NPM_TOKEN }}
94- NPM_CONFIG_PROVENANCE : " true"
9593
9694 python-build :
9795 name : Build Python wheels
Original file line number Diff line number Diff line change @@ -56,15 +56,15 @@ Releases are driven by Git tags like `v0.2.0`.
5656
5757Before the first automated release:
5858
59- - Configure npm publishing for ` @ameyanagi/chemical-formula ` .
59+ - Configure npm trusted publishing for ` @ameyanagi/chemical-formula ` .
6060 - Workflow: ` release.yml `
6161 - Environment: ` npm `
62- - Secret : ` NPM_TOKEN `
62+ - Allowed action : ` npm publish `
6363- Configure PyPI trusted publishing for ` chemical-formula-rs ` .
6464 - Workflow: ` release.yml `
6565 - Environment: ` pypi `
6666
67- The release workflow publishes npm with provenance and an ` NPM_TOKEN ` environment secret. PyPI publishing uses OIDC trusted publishing .
67+ The release workflow publishes npm and PyPI through OIDC trusted publishing. It does not require long-lived registry tokens .
6868
6969## Public Binding API
7070
You can’t perform that action at this time.
0 commit comments