From 9a4d675d6e8781f6ccbe8084edd126a35b63dfe5 Mon Sep 17 00:00:00 2001
From: yltw27 <yiying.lin@loveholidays.com>
Date: Tue, 14 Apr 2026 11:26:23 +0100
Subject: [PATCH] fix: use pnpm publish instead of npm to prevent ENEEDAUTH

pnpm was already handling all package operations (install, build, test).
Switching the publish step from npm to pnpm ensures consistent registry and
auth configuration throughout the workflow. npm's OIDC flow can fail when
pnpm has written registry config that npm then misinterprets. Using pnpm
publish avoids this auth state collision and leverages pnpm's native
--provenance and OIDC support.

Also add --no-git-checks to allow publishing after version commit.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .github/workflows/build-main.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build-main.yaml b/.github/workflows/build-main.yaml
index 4a27bf4..5d4b78e 100644
--- a/.github/workflows/build-main.yaml
+++ b/.github/workflows/build-main.yaml
@@ -65,5 +65,5 @@ jobs:
       - name: Publish packages
         if: steps.changesets.outputs.HAS_CHANGESETS == 'true'
         run: |
-          npm publish --provenance --access public
+          pnpm publish --provenance --access public --no-git-checks
           git push --follow-tags