From 4ea5f49542f2b977bde829e419daf06d36d0a84b Mon Sep 17 00:00:00 2001
From: Michael Telatynski <7t3chguy@gmail.com>
Date: Thu, 30 Oct 2025 12:57:58 +0000
Subject: [PATCH] Switch to NPM Trusted Publishing

---
 .github/workflows/publish.yml | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index f365913a..16767b41 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -83,6 +83,9 @@ jobs:
   npm:
     name: Publish to npm
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
     steps:
       - name: 🧮 Checkout code
         uses: actions/checkout@v4
@@ -97,6 +100,10 @@ jobs:
           cache-dependency-path: platforms/web/yarn.lock
           registry-url: "https://registry.npmjs.org"
 
+      # Ensure npm 11.5.1 or later is installed
+      - name: Update npm
+        run: npm install -g npm@latest
+
       - name: 🔨 Install dependencies
         run: "yarn install --pure-lockfile"
         working-directory: platforms/web
@@ -106,9 +113,5 @@ jobs:
         working-directory: platforms/web
 
       - name: 🚀 Publish to npm
-        id: npm-publish
-        uses: JS-DevTools/npm-publish@v3
-        with:
-          package: platforms/web/package.json
-          token: ${{ secrets.NPM_TOKEN }}
-          access: public
+        run: npm publish --access public --provenance
+        working-directory: platforms/web