Skip to content

Migrate npm publish to OIDC Trusted Publishing via a reusable workflow (#57099)#57099

Closed
robhogan wants to merge 1 commit into
mainfrom
export-D107805971
Closed

Migrate npm publish to OIDC Trusted Publishing via a reusable workflow (#57099)#57099
robhogan wants to merge 1 commit into
mainfrom
export-D107805971

Migrate npm publish to OIDC Trusted Publishing via a reusable workflo…

22840c5
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / CodeQL completed Jun 9, 2026 in 2s

3 configurations not found

Warning: Code scanning may not have found all the alerts introduced by this pull request, because 3 configurations present on refs/heads/main were not found:

Default setup

  • ❓  /language:c-cpp
  • ❓  /language:javascript-typescript
  • ❓  /language:python

New alerts in code changed by this pull request

Security Alerts:

  • 1 medium

See annotations below for details.

View all branch alerts.

Annotations

Check warning on line 117 in .github/workflows/publish-release.yml

See this annotation in the file changed.

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}