Merge pull request #168 from linearis-oss/fix/release-npm-publish-environment

fix(ci): use npm-publish environment in release job

Author: iamfj

.github/workflows/release-check.yml

@@ -19,6 +19,7 @@ concurrency:
 jobs:
   release:
     runs-on: ubuntu-latest
+    environment: npm-publish
     steps:
       - name: Guard workflow_dispatch caller permissions
         if: ${{ github.event_name == 'workflow_dispatch' }}
@@ -122,6 +123,16 @@ jobs:
       - name: Type check
         run: npx tsc --noEmit
 
+      - name: Verify npm auth
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+        run: |
+          test -n "${NODE_AUTH_TOKEN}" || {
+            echo "NPM_TOKEN missing (check job environment + secret scope)"
+            exit 1
+          }
+          npm whoami --registry=https://registry.npmjs.org/
+
       - name: Run semantic-release
         env:
           GH_TOKEN: ${{ steps.app-token.outputs.token }}