Update publish workflow

.github/workflows/ci.yml

@@ -2,9 +2,7 @@
 # For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions
 
 name: CI
-permissions:
-  contents: write
-  pull-requests: write
+
 on:
   push:
     branches:
@@ -14,16 +12,17 @@ on:
       - main
   workflow_dispatch:
 
+permissions:
+  id-token: write  # Required for OIDC
+  contents: read
+  pull-requests: write
+
 jobs:
   build:
-
     runs-on: ubuntu-latest
-
     strategy:
       matrix:
-        node-version: 
-          - 20.x
-          - 22.x
+        node-version: [20, 22, 24]
 
     steps:
       - uses: actions/checkout@v6
@@ -36,7 +35,7 @@ jobs:
       - run: npm test
       - run: npm run build --if-present
       - name: Save build
-        if: matrix.node-version == '20.x'
+        if: matrix.node-version == 20
         uses: actions/upload-artifact@v6
         with:
           name: build
@@ -60,39 +59,63 @@ jobs:
   npm-publish-build:
       needs: build
       runs-on: ubuntu-latest
+      permissions:
+        id-token: write
+        contents: read
       steps:
         - uses: actions/download-artifact@v7
           with:
             name: build
         - uses: actions/setup-node@v6
           with:
-            node-version: 20.x
+            node-version: 20
+            registry-url: 'https://registry.npmjs.org'
+        - name: Update npm to latest (required for OIDC)
+          run: npm install -g npm@latest
         - uses: rlespinasse/github-slug-action@v3.x
         - name: Append commit hash to package version
           run: 'sed -i -E "s/(\"version\": *\"[^\"]+)/\1-${GITHUB_SHA_SHORT}/" package.json'
         - name: Disable pre- and post-publish actions
           run: 'sed -i -E "s/\"((pre|post)publish)/\"ignore:\1/" package.json'
-        - uses: JS-DevTools/npm-publish@v4.1.4
+        - name: Clear npm authentication cache
+          run: |
+            rm -rf ~/.npm/_cacache || true
+            rm -f ~/.npmrc || true
+        - name: Verify npm version
+          run: npm --version
+        - name: Check npm configuration
+          run: npm config list
+        - name: Publish to npm
           if: github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]'
-          with:
-            token: ${{ secrets.NPM_TOKEN }}
-            tag: ${{ env.GITHUB_REF_SLUG }}
+          run: npm publish --tag ${{ env.GITHUB_REF_SLUG }}
 
   npm-publish-latest:
     needs: [build, npm-publish-build]
     runs-on: ubuntu-latest
     if: github.ref == 'refs/heads/main'
+    permissions:
+      id-token: write  # Required for OIDC
+      contents: read
     steps:
       - uses: actions/download-artifact@v7
         with:
           name: build
       - uses: actions/setup-node@v6
         with:
-          node-version: 20.x
+          node-version: 20
+          registry-url: 'https://registry.npmjs.org'
+      - name: Update npm to latest (required for OIDC)
+        run: npm install -g npm@latest
       - name: Disable pre- and post-publish actions
         run: 'sed -i -E "s/\"((pre|post)publish)/\"ignore:\1/" package.json'
-      - uses: JS-DevTools/npm-publish@v4.1.4
+      - name: Clear npm authentication cache
+        run: |
+          rm -rf ~/.npm/_cacache || true
+          rm -f ~/.npmrc || true
+      - name: Verify npm version
+        run: npm --version
+      - name: Check npm configuration
+        run: npm config list
+      - name: Publish to npm
         if: github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]'
-        with:
-          token: ${{ secrets.NPM_TOKEN }}
-          tag: latest
+        run: npm publish --tag latest

package.json

@@ -34,7 +34,7 @@
   },
   "repository": {
     "type": "git",
-    "url": "git+https://github.com/solidos/solid-panes.git"
+    "url": "git+https://github.com/SolidOS/solid-panes.git"
   },
   "keywords": [
     "solid",