You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
At the moment, I publish releases by running npm publish locally.
With my python libraries, I have a workflow that runs when I push a tag which builds the package and then uses the trusted publisher workflow to push it to PyPI using a time-limited token.
What is the best practice for doing this in NPM land these days? Can you do trusted publisher? Do you have to store an API token in GH secrets?
The text was updated successfully, but these errors were encountered:
At the moment, I publish releases by running
npm publishlocally.With my python libraries, I have a workflow that runs when I push a tag which builds the package and then uses the trusted publisher workflow to push it to PyPI using a time-limited token.
What is the best practice for doing this in NPM land these days? Can you do trusted publisher? Do you have to store an API token in GH secrets?
The text was updated successfully, but these errors were encountered: