From 1db7dd33a514d4278acf39ded195a6bf456d0f30 Mon Sep 17 00:00:00 2001
From: Aaron McConnell <amcconnell@duosecurity.com>
Date: Mon, 17 Nov 2025 15:54:38 -0500
Subject: [PATCH] Update publishing flow to use trusted publisher

---
 .github/workflows/npm-publish.yml | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml
index 42e5c81..1d0b4d7 100644
--- a/.github/workflows/npm-publish.yml
+++ b/.github/workflows/npm-publish.yml
@@ -5,6 +5,10 @@ name: Node.js Package
 on:
   workflow_dispatch
 
+permissions:
+  id-token: write
+  contents: read
+
 jobs:
   build:
     runs-on: ubuntu-latest
@@ -29,5 +33,3 @@ jobs:
           registry-url: https://registry.npmjs.org/
       - run: pnpm install
       - run: pnpm publish --access public
-        env:
-          NODE_AUTH_TOKEN: ${{secrets.npm_token}}