From 193e52a2c8d72a7cd59a141f2dec14c67a354577 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Eray=20Ayd=C4=B1n?= <eray.aydin@fingerprint.com>
Date: Thu, 26 Feb 2026 22:49:00 +0300
Subject: [PATCH 1/2] ci: add trusted publishing support

---
 .github/workflows/release.yml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 99b9ad48..3ee90821 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -5,6 +5,10 @@ on:
       - main
       - test
 
+permissions:
+  id-token: write
+  contents: read
+
 jobs:
   build-and-release:
     name: 'Build project, run CI checks and publish new release'
@@ -17,7 +21,7 @@ jobs:
       language: node
       language-version: 21
       prepare-command: pnpm build
+      useTrustedPublishing: true
     secrets:
       APP_PRIVATE_KEY: ${{ secrets.APP_PRIVATE_KEY }}
       RUNNER_APP_PRIVATE_KEY: ${{ secrets.RUNNER_APP_PRIVATE_KEY }}
-      NPM_AUTH_TOKEN: ${{ secrets.NPM_AUTH_TOKEN }}

From 9c035be874483a8369c3bdb1ad23ba8d1044d0b4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Eray=20Ayd=C4=B1n?= <eray.aydin@fingerprint.com>
Date: Thu, 26 Feb 2026 22:57:36 +0300
Subject: [PATCH 2/2] ci: add publishConfig to package

---
 package.json | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/package.json b/package.json
index 825dcb9b..abfcf538 100644
--- a/package.json
+++ b/package.json
@@ -17,6 +17,10 @@
     "type": "git",
     "url": "https://github.com/fingerprintjs/node-sdk"
   },
+  "publishConfig": {
+    "access": "public",
+    "provenance": true
+  },
   "engines": {
     "node": ">=18.17.0"
   },