From 82122705fa0034ddc7ff9bca3a9b32aa384f8e61 Mon Sep 17 00:00:00 2001 From: Rostislav Simonik Date: Sun, 15 Mar 2026 11:29:23 +0100 Subject: [PATCH 1/2] chore: comment out NPM token --- .github/workflows/_release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/_release.yml b/.github/workflows/_release.yml index 9b9a29c..3a51880 100644 --- a/.github/workflows/_release.yml +++ b/.github/workflows/_release.yml @@ -58,7 +58,7 @@ jobs: - run: yarn semantic-release env: GITHUB_TOKEN: ${{ steps.get-token.outputs.token }} - NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + # NPM_TOKEN: ${{ secrets.NPM_TOKEN }} SLACK_WEBHOOK: ${{ secrets.SEMANTIC_RELEASE_SLACK_WEBHOOK }} - uses: technology-studio/github-workflows/.github/actions/save-dependencies@main with: From 0fbfed5834f71970401cbaa221f612307e750900 Mon Sep 17 00:00:00 2001 From: Rostislav Simonik Date: Sun, 15 Mar 2026 13:02:03 +0100 Subject: [PATCH 2/2] chore: add required permissions for release reusable workflow --- .github/workflows/_release.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/_release.yml b/.github/workflows/_release.yml index 3a51880..17c6f1f 100644 --- a/.github/workflows/_release.yml +++ b/.github/workflows/_release.yml @@ -9,13 +9,15 @@ on: secrets: SEMANTIC_RELEASE_SLACK_WEBHOOK: required: true - NPM_TOKEN: - required: true TXO_GITHUB_BOT_APP_ID: required: true TXO_GITHUB_BOT_APP_PRIVATE_KEY: required: true +permissions: + id-token: write + contents: write + jobs: release: name: "/" @@ -58,7 +60,6 @@ jobs: - run: yarn semantic-release env: GITHUB_TOKEN: ${{ steps.get-token.outputs.token }} - # NPM_TOKEN: ${{ secrets.NPM_TOKEN }} SLACK_WEBHOOK: ${{ secrets.SEMANTIC_RELEASE_SLACK_WEBHOOK }} - uses: technology-studio/github-workflows/.github/actions/save-dependencies@main with: