Enhancement Request
NPM tokens now expire after 90 days and an expired token blocked the most recent release. We should move the project to Trusted Publishing (uses an OIDC login instead and automates the inclusion of provenance). This will require updates to the release workflow - however, FINOS tell us that any necessary setup on their end has already been done.
The token has just been renewed and will be good until early July, we should migrate the project before it expires again.
Additional Information
See: https://docs.npmjs.com/trusted-publishers
Enhancement Request
NPM tokens now expire after 90 days and an expired token blocked the most recent release. We should move the project to Trusted Publishing (uses an OIDC login instead and automates the inclusion of provenance). This will require updates to the release workflow - however, FINOS tell us that any necessary setup on their end has already been done.
The token has just been renewed and will be good until early July, we should migrate the project before it expires again.
Additional Information
See: https://docs.npmjs.com/trusted-publishers