From ad6f55a85dc121731be49351215bdeaea3cafb18 Mon Sep 17 00:00:00 2001 From: Daniel Sogl Date: Sat, 21 Mar 2026 16:22:38 -0700 Subject: [PATCH] fix: add id-token permission to release-please workflow The publish workflow requires id-token: write for npm provenance. When called via workflow_call, permissions are inherited from the caller, so id-token must be declared in release-please.yml. --- .github/workflows/release-please.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 799ba606d..89fb1e3bb 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -9,6 +9,7 @@ permissions: contents: write pull-requests: write issues: write + id-token: write jobs: release-please: