From 99180da3e30423994759485259f530036d7cc740 Mon Sep 17 00:00:00 2001
From: Peter Johnson <738069+missinglink@users.noreply.github.com>
Date: Thu, 18 Dec 2025 13:05:20 +0100
Subject: [PATCH] feat(npm): configure CI for NPM OIDC Tokens

---
 .github/workflows/push.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml
index 6169f8b..c952d98 100644
--- a/.github/workflows/push.yml
+++ b/.github/workflows/push.yml
@@ -7,6 +7,8 @@ jobs:
     needs: unit-tests
     if: github.ref == 'refs/heads/master' && needs.unit-tests.result == 'success'
     runs-on: ubuntu-24.04
+    permissions:
+      id-token: write
     steps:
       - uses: actions/checkout@v4
       - name: Install Node.js
@@ -16,9 +18,8 @@ jobs:
       - name: Run semantic-release
         env:
           GH_TOKEN: ${{ secrets.GH_SEMANTIC_RELEASE_TOKEN }}
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
         run: >
-          if [[ -n "$GH_TOKEN" && -n "$NPM_TOKEN" ]]; then
+          if [[ -n "$GH_TOKEN" ]]; then
             curl "https://raw.githubusercontent.com/pelias/ci-tools/master/semantic-release.sh" | bash -
           fi
   build-docker-images: