fix: n8n review feedback (codex fields, homepage, provenance auth)

[Kylejeong2]

Summary

Addresses blocking issues from n8n Community Engineering review of v1.2.3.

Changes

• [MEDIUM] Codex file — removed unsupported subcategories and n8nNodesApiVersion fields from nodes/Browserbase/Browserbase.node.json. Only node, nodeVersion, codexVersion, categories, resources, alias are recognized by n8n.
• [LOW] package.json — set empty homepage field to https://github.com/browserbase/n8n-node.
• [LOW] npm provenance — added missing NODE_AUTH_TOKEN env var on the npm publish --provenance step in .github/workflows/publish.yml. Without it, the publish either fails auth or falls back to manual publishing (which is why v1.2.3 shipped without an attestation). Provenance becomes mandatory for verified community nodes May 1st 2026.
• [Note] Tag/version mismatch — added requireCleanWorkingDir: true to .release-it.json so release-it refuses to tag when there are uncommitted changes. Combined with running npm run release only from main (never a feature branch), this prevents the recurring bug where git tags point to commits that don't match the published package.json version.

[shrey150]

Can you verify / pattern match the publish CI flow here? Not sure we shouldn't be including an NPM token if we're using provenance

[shrey150]

If we're using provenance, we don't need an auth token. see example here: https://github.com/browserbase/openclaw-browserbase/blob/0e38ccb01ed8a762f9bb8715a7291bbc301155cb/.github/workflows/release.yml