From 3eca9242862010ca9a04fe5825adec930ba15c7c Mon Sep 17 00:00:00 2001 From: James Kebinger Date: Thu, 20 Nov 2025 17:07:43 -0600 Subject: [PATCH 1/2] chore: update Yarn to 4.11.0 for trusted publisher support MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Updates package manager to Yarn 4.11.0 which provides better support for NPM's trusted publisher authentication system. This ensures secure publishing without needing an NPM_TOKEN secret. Changes: - Update packageManager in package.json to yarn@4.11.0 - Update corepack prepare command in release workflow to yarn@4.11.0 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude --- .github/workflows/release.yaml | 2 +- package.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 1fa70f7..37b9477 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -63,7 +63,7 @@ jobs: - name: enable corepack run: | corepack enable - corepack prepare yarn@4.9.2 --activate + corepack prepare yarn@4.11.0 --activate - name: cache yarn dependencies uses: actions/cache@v4 with: diff --git a/package.json b/package.json index bcd9ffe..a4852f6 100644 --- a/package.json +++ b/package.json @@ -1,5 +1,5 @@ { - "packageManager": "yarn@4.9.2", + "packageManager": "yarn@4.11.0", "name": "@reforge-com/react", "version": "0.0.3", "description": "Feature Flags & Dynamic Configuration as a Service", From 889273d53e1f29e4fd9c4da9a33a363a5d5da12b Mon Sep 17 00:00:00 2001 From: James Kebinger Date: Thu, 20 Nov 2025 17:11:58 -0600 Subject: [PATCH 2/2] chore: configure npmPublishProvenance in .yarnrc.yml MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Remove --provenance flags from publish commands as they are now handled automatically by Yarn configuration. Changes: - Replace npmAuthToken with npmPublishProvenance: true in .yarnrc.yml - Remove --provenance flags from yarn npm publish commands 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude --- .github/workflows/release.yaml | 4 ++-- .yarnrc.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 37b9477..5568f0a 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -76,9 +76,9 @@ jobs: - name: Publish to npm run: | if [ "${{ needs.check-version.outputs.is-prerelease }}" == "true" ]; then - yarn npm publish --provenance --access public --tag ${{ needs.check-version.outputs.npm-tag }} + yarn npm publish --access public --tag ${{ needs.check-version.outputs.npm-tag }} else - yarn npm publish --provenance --access public + yarn npm publish --access public fi create-release: diff --git a/.yarnrc.yml b/.yarnrc.yml index 45a70b4..cc0f02d 100644 --- a/.yarnrc.yml +++ b/.yarnrc.yml @@ -1,3 +1,3 @@ nodeLinker: node-modules npmRegistryServer: 'https://registry.npmjs.org' -npmAuthToken: '${NPM_AUTH_TOKEN}' +npmPublishProvenance: true