Skip to content

fix: use PYPI_API_TOKEN for main publish workflow#8

Merged
cafitac merged 1 commit intomainfrom
fix/pypi-token-publish
Apr 27, 2026
Merged

fix: use PYPI_API_TOKEN for main publish workflow#8
cafitac merged 1 commit intomainfrom
fix/pypi-token-publish

Conversation

@cafitac
Copy link
Copy Markdown
Owner

@cafitac cafitac commented Apr 27, 2026

Summary

  • remove the unused OIDC permission from the main publish workflow
  • keep the PyPI publish step on the repo's configured PYPI_API_TOKEN path
  • preserve the existing main-branch auto publish flow for npm and PyPI

Verification

  • parsed .github/workflows/publish.yml as YAML locally
  • confirmed PYPI_API_TOKEN and NPM_TOKEN secrets exist in the repo
  • confirmed the prior failure came from trusted publisher claim mismatch on publish.yml

@cafitac cafitac merged commit 56b2009 into main Apr 27, 2026
6 checks passed
@cafitac cafitac deleted the fix/pypi-token-publish branch April 27, 2026 02:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@cafitac