From bf4da07e1452b713d8f6634589e406dc6600e060 Mon Sep 17 00:00:00 2001
From: Pedro Bilro <pedro.gustavo.bilro@outsystems.com>
Date: Thu, 23 Oct 2025 17:54:25 +0100
Subject: [PATCH 1/3] ci: Use Trusted publishing (#87)

---
 .github/actions/setup-tools/action.yml | 5 ++++-
 .github/workflows/release.yml          | 2 +-
 package.json                           | 6 +++---
 3 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/.github/actions/setup-tools/action.yml b/.github/actions/setup-tools/action.yml
index d185871..00013e3 100644
--- a/.github/actions/setup-tools/action.yml
+++ b/.github/actions/setup-tools/action.yml
@@ -7,7 +7,10 @@ runs:
     - name: Install Node.js
       uses: actions/setup-node@v4
       with:
-        node-version: 20
+        node-version: 22 # semantic-release requires at least this version
+    - name: Update npm # To ensure npm 11.5.1 or later is installed for Trusted publishing
+      shell: bash
+      run: npm install -g npm@latest
     - name: Install dependencies
       shell: bash
       run: npm i
\ No newline at end of file
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 11ab070..fcaec86 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -12,6 +12,7 @@ permissions:
     contents: write
     issues: write
     deployments: write
+    id-token: write # to enable use of OIDC for npm provenance and trusted publishing
 
 jobs:
   setup:
@@ -46,5 +47,4 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.CAP_GH_RELEASE_TOKEN }}
           GH_TOKEN: ${{ secrets.CAP_GH_RELEASE_TOKEN }}
-          NPM_TOKEN: ${{ secrets.NPM_AUTH_TOKEN }}
         run: npx semantic-release
\ No newline at end of file
diff --git a/package.json b/package.json
index cf4802b..a6603c2 100644
--- a/package.json
+++ b/package.json
@@ -63,8 +63,8 @@
     "@rollup/wasm-node": "~4.19.0",
     "@semantic-release/changelog": "^6.0.3",
     "@semantic-release/git": "^10.0.1",
-    "@semantic-release/github": "^10.1.2",
-    "@semantic-release/npm": "^12.0.1",
+    "@semantic-release/github": "^12.0.0",
+    "@semantic-release/npm": "^13.1.1",
     "@typescript-eslint/eslint-plugin": "~7.17.0",
     "@typescript-eslint/parser": "~7.17.0",
     "eslint": "^8.56.0",
@@ -73,7 +73,7 @@
     "prettier": "~3.3.3",
     "prettier-plugin-java": "~2.6.4",
     "rimraf": "^3.0.2",
-    "semantic-release": "^24.0.0",
+    "semantic-release": "^25.0.1",
     "swiftlint": "^1.0.2",
     "typescript": "~5.4.5",
     "vite": "^5.2.11",

From 416f43d91c14a5afa23e2376ede4c6c1ca1e2ce9 Mon Sep 17 00:00:00 2001
From: OS-pedrogustavobilro <pedro.gustavo.bilro@outsystems.com>
Date: Tue, 28 Oct 2025 11:58:14 +0000
Subject: [PATCH 2/3] chore: Update release for 1.x branch

---
 release.config.cjs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/release.config.cjs b/release.config.cjs
index 9d37f48..56fdfda 100644
--- a/release.config.cjs
+++ b/release.config.cjs
@@ -1,7 +1,7 @@
 module.exports = {
   branches: [
     { name: 'main', channel: 'latest' },
-    { name: '1.x-Maintenance', channel: 'latest' },
+    { name: '1.x-Maintenance', channel: 'latest-1', prerelease: false },
     { name: 'next', channel: 'next', prerelease: true },
     { name: 'dev', channel: 'dev', prerelease: true }
   ],

From e095c921006789e31dd03ab93b78959b631cfa26 Mon Sep 17 00:00:00 2001
From: OS-pedrogustavobilro <pedro.gustavo.bilro@outsystems.com>
Date: Tue, 28 Oct 2025 11:58:55 +0000
Subject: [PATCH 3/3] chore: remove next and dev branch from release config
 (not needed here)

---
 release.config.cjs | 2 --
 1 file changed, 2 deletions(-)

diff --git a/release.config.cjs b/release.config.cjs
index 56fdfda..c748022 100644
--- a/release.config.cjs
+++ b/release.config.cjs
@@ -2,8 +2,6 @@ module.exports = {
   branches: [
     { name: 'main', channel: 'latest' },
     { name: '1.x-Maintenance', channel: 'latest-1', prerelease: false },
-    { name: 'next', channel: 'next', prerelease: true },
-    { name: 'dev', channel: 'dev', prerelease: true }
   ],
   repositoryUrl: 'https://github.com/ionic-team/capacitor-os-inappbrowser.git',
   plugins: [