From 81df7d7e40b2006069523b06a410e7a16bd2894b Mon Sep 17 00:00:00 2001
From: Val Alexander <bunsthedev@gmail.com>
Date: Sun, 5 Apr 2026 08:36:05 -0500
Subject: [PATCH] Add npm auth checks to release workflow

- Fail fast when `NPM_TOKEN` is missing
- Configure npm auth and registry before Changesets publish
- Pass `NODE_AUTH_TOKEN` for release publishing
---
 .github/workflows/release.yml | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 8a9eff6..71d976d 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -39,7 +39,20 @@ jobs:
       
       - name: Build packages
         run: pnpm run build
-      
+
+      - name: Ensure NPM token is present
+        run: |
+          test -n "${NPM_TOKEN}" || { echo "::error::NPM_TOKEN secret is missing or empty"; exit 1; }
+        env:
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+
+      - name: Authenticate to npm
+        run: |
+          npm config set //registry.npmjs.org/:_authToken "${NPM_TOKEN}"
+          npm config set @create-markdown:registry https://registry.npmjs.org/
+        env:
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+
       - name: Create Release Pull Request or Publish
         id: changesets
         uses: changesets/action@v1
@@ -51,3 +64,4 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}