From 067724a37bd1d27eec3aef83540032b5d662b5c5 Mon Sep 17 00:00:00 2001 From: Tommy Nguyen <4123478+tido64@users.noreply.github.com> Date: Thu, 4 Jun 2026 19:54:08 +0200 Subject: [PATCH] ci: enable trusted publishing --- .github/workflows/build.yml | 2 +- .github/workflows/pr.yml | 4 +--- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 611c2fb11..839503e37 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -9,6 +9,7 @@ jobs: name: "Build and publish" permissions: contents: write # for GH releases and Git tags (Changesets) + id-token: write # enable use of OIDC for trusted publishing if: ${{ github.repository == 'microsoft/rnx-kit' }} runs-on: ubuntu-24.04 steps: @@ -45,7 +46,6 @@ jobs: # We cannot use the GHA generated tokens because we've disabled # creation of pull requests at the org level. GITHUB_TOKEN: ${{ steps.app-token.outputs.token }} - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} website: name: "Publish website" permissions: diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index a7bf218b8..3d95d03f0 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -159,7 +159,7 @@ jobs: build-ios-test-app: name: "Build iOS" permissions: {} - runs-on: macos-15 + runs-on: macos-26 steps: - name: Checkout uses: actions/checkout@v6 @@ -170,7 +170,6 @@ jobs: uses: microsoft/react-native-test-app/.github/actions/setup-toolchain@5.1.5 with: platform: ios - xcode-developer-dir: /Applications/Xcode_16.4.app - name: Install package dependencies run: | yarn @@ -215,7 +214,6 @@ jobs: uses: microsoft/react-native-test-app/.github/actions/setup-toolchain@5.1.5 with: platform: macos - xcode-developer-dir: /Applications/Xcode_16.4.app - name: Install package dependencies run: | yarn