From fac4493c9a930d1e739c6f349c19709d948ea582 Mon Sep 17 00:00:00 2001
From: Daniel Barion <danielbarionn@gmail.com>
Date: Mon, 6 Apr 2026 12:52:12 -0300
Subject: [PATCH] fix: npm publish worklow updated to use id-token instead of
 npm token

---
 .github/workflows/beta-release.yaml | 15 +++++----------
 1 file changed, 5 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/beta-release.yaml b/.github/workflows/beta-release.yaml
index 33df04da..4dab14ff 100644
--- a/.github/workflows/beta-release.yaml
+++ b/.github/workflows/beta-release.yaml
@@ -6,25 +6,22 @@ on:
 jobs:
   beta_release:
     runs-on: ubuntu-latest
-    env:
-      NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
-      NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+    permissions:
+      contents: read
+      id-token: write
     steps:
       - uses: actions/checkout@v4
         with:
           ref: ${{ github.head_ref }}
       - uses: actions/setup-node@v4
         with:
-          node-version: '16.x'
+          node-version: '20.x'
           registry-url: 'https://registry.npmjs.org'
           cache: 'yarn'
 
       - name: Install dev dependencies
         run: yarn install
 
-      - name: Setup npm credentials file
-        run: echo "//registry.npmjs.org/:_authToken=$NODE_AUTH_TOKEN" >> .npmrc
-
       - name: Setup git credentials
         run: |
           git config --global user.name 'Auto Release Bot'
@@ -39,9 +36,7 @@ jobs:
           GITHUB_PR_NUMBER: ${{ github.event.pull_request.number }}
 
       - name: Release a new beta version
-        run: npm publish --tag beta
-        env:
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+        run: npm publish --tag beta --provenance --access public
 
       - uses: actions/github-script@v6
         with: