From b4d5a79b29196a77dac59b72895618c4bf0d762d Mon Sep 17 00:00:00 2001 From: Jason Date: Fri, 27 Mar 2026 13:52:26 +0200 Subject: [PATCH 1/2] Fix trusted publishing: upgrade to Node 24 for npm 11.x OIDC support Node 22 ships with npm 10.x which doesn't support OIDC trusted publishing (requires npm >= 11.5.1). Also add registry-url to setup-node so npm knows which registry to authenticate against. --- .github/workflows/publish_to_npm.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/publish_to_npm.yaml b/.github/workflows/publish_to_npm.yaml index 93fdd6f..128b6b7 100644 --- a/.github/workflows/publish_to_npm.yaml +++ b/.github/workflows/publish_to_npm.yaml @@ -286,9 +286,10 @@ jobs: - name: Setup node uses: actions/setup-node@v4 with: - node-version: 22 + node-version: 24 check-latest: true cache: yarn + registry-url: 'https://registry.npmjs.org' - name: Install dependencies run: yarn install - name: Download all artifacts From e5c8f19153d3efe18e3c8ca8b28c2a972ee8d89d Mon Sep 17 00:00:00 2001 From: Jason Date: Fri, 27 Mar 2026 14:24:44 +0200 Subject: [PATCH 2/2] Add repository.url to all package.json files for provenance validation Trusted publishing auto-generates provenance attestations, which require repository.url to match the GitHub repo URL. --- npm/darwin-arm64/package.json | 8 ++++++-- npm/darwin-x64/package.json | 8 ++++++-- npm/linux-arm64-gnu/package.json | 8 ++++++-- npm/linux-x64-gnu/package.json | 8 ++++++-- npm/linux-x64-musl/package.json | 8 ++++++-- package.json | 4 ++++ 6 files changed, 34 insertions(+), 10 deletions(-) diff --git a/npm/darwin-arm64/package.json b/npm/darwin-arm64/package.json index 136849f..886fcc5 100644 --- a/npm/darwin-arm64/package.json +++ b/npm/darwin-arm64/package.json @@ -15,5 +15,9 @@ }, "os": [ "darwin" - ] -} \ No newline at end of file + ], + "repository": { + "type": "git", + "url": "https://github.com/enviodev/hypersync-client-node" + } +} diff --git a/npm/darwin-x64/package.json b/npm/darwin-x64/package.json index d0573b4..8dfcefd 100644 --- a/npm/darwin-x64/package.json +++ b/npm/darwin-x64/package.json @@ -15,5 +15,9 @@ }, "os": [ "darwin" - ] -} \ No newline at end of file + ], + "repository": { + "type": "git", + "url": "https://github.com/enviodev/hypersync-client-node" + } +} diff --git a/npm/linux-arm64-gnu/package.json b/npm/linux-arm64-gnu/package.json index 364c11f..89a9941 100644 --- a/npm/linux-arm64-gnu/package.json +++ b/npm/linux-arm64-gnu/package.json @@ -18,5 +18,9 @@ ], "libc": [ "glibc" - ] -} \ No newline at end of file + ], + "repository": { + "type": "git", + "url": "https://github.com/enviodev/hypersync-client-node" + } +} diff --git a/npm/linux-x64-gnu/package.json b/npm/linux-x64-gnu/package.json index e9aaa87..7bbef3d 100644 --- a/npm/linux-x64-gnu/package.json +++ b/npm/linux-x64-gnu/package.json @@ -18,5 +18,9 @@ ], "libc": [ "glibc" - ] -} \ No newline at end of file + ], + "repository": { + "type": "git", + "url": "https://github.com/enviodev/hypersync-client-node" + } +} diff --git a/npm/linux-x64-musl/package.json b/npm/linux-x64-musl/package.json index e3d5e2b..e5b6c8f 100644 --- a/npm/linux-x64-musl/package.json +++ b/npm/linux-x64-musl/package.json @@ -18,5 +18,9 @@ ], "libc": [ "musl" - ] -} \ No newline at end of file + ], + "repository": { + "type": "git", + "url": "https://github.com/enviodev/hypersync-client-node" + } +} diff --git a/package.json b/package.json index 36e53d6..24a204a 100644 --- a/package.json +++ b/package.json @@ -15,6 +15,10 @@ "x86_64-apple-darwin" ] }, + "repository": { + "type": "git", + "url": "https://github.com/enviodev/hypersync-client-node" + }, "license": "MIT", "devDependencies": { "@napi-rs/cli": "3.5.0",