From 257f6082ad1ee6ff90547836df6588a85e73c888 Mon Sep 17 00:00:00 2001
From: Tanjeem Hossain <tanjeemhossain125@bitgo.com>
Date: Wed, 8 Oct 2025 20:28:40 -0400
Subject: [PATCH 1/2] ci: modify release.yml to work with Trusted Publisher

Ticket: DX-2083
---
 .github/workflows/release.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 3b4d29be6..0a29024df 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -7,6 +7,9 @@ jobs:
   release:
     name: Release
     runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: read
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -23,7 +26,7 @@ jobs:
       - name: Release
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+          NPM_TOKEN: "n/a"
           BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
         run: yarn run semantic-release
       - name: Rebase master

From 6db8f46a7204535d6c8a033d0cf733ac712df7de Mon Sep 17 00:00:00 2001
From: Tanjeem Hossain <tanjeemhossain125@bitgo.com>
Date: Tue, 14 Oct 2025 14:36:14 -0400
Subject: [PATCH 2/2] fix: replaced "n/a" with more detailed dummy value

Ticket: DX-2083
---
 .github/workflows/release.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 0a29024df..c72559a70 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -26,7 +26,7 @@ jobs:
       - name: Release
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          NPM_TOKEN: "n/a"
+          NPM_TOKEN: "FAKE_NPM_TOKEN_FOR_SEMANTIC_RELEASE"
           BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
         run: yarn run semantic-release
       - name: Rebase master