Skip to content

ci(release): drop sudo so npm upgrade actually takes effect#51

Merged
milstan merged 1 commit into
mainfrom
milstan/release-oidc-npm-path
May 20, 2026
Merged

ci(release): drop sudo so npm upgrade actually takes effect#51
milstan merged 1 commit into
mainfrom
milstan/release-oidc-npm-path

Conversation

@milstan
Copy link
Copy Markdown
Contributor

@milstan milstan commented May 20, 2026

Last OIDC attempt published with npm 10.9.7 (logged by the new npm --version line). sudo installs go outside setup-node's PATH; dropping sudo so the upgrade hits the active prefix and the next npm publish runs on npm ≥11.5.1 with OIDC support.

@milstan @claude
ci(release): drop sudo so npm upgrade lands in setup-node's PATH
e92b99e 
Previous PR ran `sudo npm install -g npm@latest` which installs to
/usr/local/lib/node_modules — outside setup-node's bin prefix. The
next `npm` call kept resolving to the runner-bundled npm 10.9.7
(visible in the failed run's `npm --version` output), which doesn't
speak Trusted Publishers OIDC. Result: publish attempted token-style
auth with no token, got 404.

Without sudo, the install goes into setup-node's writable prefix
(/opt/hostedtoolcache/node/.../bin/), so `npm --version` reflects the
upgrade and OIDC kicks in.

Also: echo `npm $(npm --version) at $(which npm)` for next-time
debuggability.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@milstan milstan merged commit 3c1c74e into main May 20, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@milstan