Upgrade npm to latest for OIDC trusted publishing#6
Conversation
Node 22.x ships with npm 10.x; npm's auto-OIDC trusted publishing flow requires npm >= 11.5. Add 'npm install -g npm@latest' before npm ci so the runner has a recent enough npm to perform the OIDC token exchange.
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: c64b5a93a6
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| with: | ||
| node-version: 22.x | ||
| cache: npm | ||
| - run: npm install -g npm@latest |
There was a problem hiding this comment.
Installing npm@latest makes release behavior non-deterministic and can break tag publishes as soon as npm ships a new major with changed defaults or Node engine requirements; this job runs on every v* tag, so a future npm release can fail publishing without any repo change. npm’s trusted publishing docs only require a minimum npm version (>=11.5.1), so pinning to a known-compatible major/minor (instead of latest) avoids unexpected CI regressions.
Useful? React with 👍 / 👎.
1 participant
Node 22 ships npm 10.x; OIDC trusted publishing needs npm >= 11.5. Bump 0.1.4.