From dd0c09550ad3c96ea3bfa023f5fce4125ea9e59c Mon Sep 17 00:00:00 2001
From: Peter Johnson <738069+missinglink@users.noreply.github.com>
Date: Thu, 18 Dec 2025 13:39:40 +0100
Subject: [PATCH] feat(npm): configure CI for NPM OIDC Tokens

---
 .github/workflows/push.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml
index c952d98..2f71020 100644
--- a/.github/workflows/push.yml
+++ b/.github/workflows/push.yml
@@ -9,6 +9,7 @@ jobs:
     runs-on: ubuntu-24.04
     permissions:
       id-token: write
+      contents: write
     steps:
       - uses: actions/checkout@v4
       - name: Install Node.js
@@ -17,9 +18,9 @@ jobs:
           node-version: 22.x
       - name: Run semantic-release
         env:
-          GH_TOKEN: ${{ secrets.GH_SEMANTIC_RELEASE_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: >
-          if [[ -n "$GH_TOKEN" ]]; then
+          if [[ "${{ github.repository_owner }}" == "pelias" ]]; then
             curl "https://raw.githubusercontent.com/pelias/ci-tools/master/semantic-release.sh" | bash -
           fi
   build-docker-images: