chore: release flow using provenance

mcollina · mcollina · commit 2aefada122af · 2026-01-05T16:21:05.000+01:00
Signed-off-by: Matteo Collina &lt;hello@matteocollina.com&gt;
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -57,18 +57,14 @@ jobs:
       - run: npm install -g npm@latest
       - run: npm install
       - name: Create NPM release
-        run: npm publish --provenance --access public
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+        run: npm publish --provenance --access public --tag six
       - run: node scripts/generate-undici-types-package-json.js
-      - run: npm publish --provenance
+      - run: npm publish --provenance --tag six
         working-directory: './types'
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
       - name: Create GitHub release
         uses: actions/github-script@v7
         with:
           script: |
             const defaultBranch = "${{ github.event.repository.default_branch }}"
             const versionTag = "${{ needs.check-release-version.outputs.release-version }}"
-            await require('./scripts/release').release({ github, context, defaultBranch, versionTag })
+            await require('./scripts/release').release({ github, context, defaultBranch, versionTag })
