From a965991dc42babb0c39599d42675ecddb6d0ba97 Mon Sep 17 00:00:00 2001 From: mshriver Date: Thu, 6 Nov 2025 14:17:04 +0100 Subject: [PATCH 1/2] provenance is granted but 404 for package trying an NPM token with write access --- .github/workflows/npm-publish.yml | 3 ++- package.json | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml index 8134043..8f3d000 100644 --- a/.github/workflows/npm-publish.yml +++ b/.github/workflows/npm-publish.yml @@ -32,7 +32,8 @@ jobs: with: node-version: 22 cache: 'yarn' - registry-url: https://registry.npmjs.org/ - run: yarn install --frozen-lockfile - run: yarn build - run: npm publish --provenance --access public + env: + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/package.json b/package.json index 726230d..868ae9f 100644 --- a/package.json +++ b/package.json @@ -35,7 +35,7 @@ }, "repository": { "type": "git", - "url": "https://github.com/ibutsu/ibutsu-client-javascript.git" + "url": "git+https://github.com/ibutsu/ibutsu-client-javascript.git" }, "keywords": [ "ibutsu", From e530ee301ea99707990c8ad79535610f29315cef Mon Sep 17 00:00:00 2001 From: Mike Shriver Date: Thu, 6 Nov 2025 14:27:24 +0100 Subject: [PATCH 2/2] Update .github/workflows/npm-publish.yml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- .github/workflows/npm-publish.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml index 8f3d000..bda6d5e 100644 --- a/.github/workflows/npm-publish.yml +++ b/.github/workflows/npm-publish.yml @@ -32,6 +32,7 @@ jobs: with: node-version: 22 cache: 'yarn' + registry-url: https://registry.npmjs.org/ - run: yarn install --frozen-lockfile - run: yarn build - run: npm publish --provenance --access public