Releases: semantic-release/npm
Releases · semantic-release/npm
v13.1.1
v13.1.0
13.1.0 (2025-10-19)
Features
- trusted-publishing: verify auth, considering OIDC vs tokens from various registries (e3319f1), closes #958
- trusted-publishing: refine the messages for related errors (316ce21), closes #958
- trusted-publishing: make request to verify if OIDC token exchange can succeed (c80ecb0), closes #958
- trusted-publishing: pass id-token as bearer header for github actions (d83b727), closes #958
- trusted-publishing: pass id-token as bearer header for gitlab pipelines (6d1c3cf), closes #958
- trusted-publishing: handle failure to retrieve id-token in the context of github actions (b673257), closes #958
- auth-error: update messaging for auth failure to be less token specific (e24967d)
- auth: attempt a dry-run publish to determine auth status (841dc67)
Bug Fixes
- trusted-publishing: uri encode the package name for the token exchange request (3dd95d0), closes #958
- auth: throw appropriate error when auth context fails to enable publishing (f5c8d85)
- auth: throw error if dry-run publish determines lack of auth (8f88e9d)
- verify-auth: enable the publish dry-run to work for projects publishing from a sub-directory (e7d684c)
v13.1.0-beta.3
13.1.0-beta.3 (2025-10-18)
Features
v13.1.0-beta.2
13.1.0-beta.2 (2025-10-18)
Bug Fixes
- verify-auth: enable the publish dry-run to work for projects publishing from a sub-directory (e7d684c)
v13.1.0-beta.1
13.1.0-beta.1 (2025-10-16)
Bug Fixes
- auth: throw appropriate error when auth context fails to enable publishing (f5c8d85)
- auth: throw error if dry-run publish determines lack of auth (8f88e9d)
- deps: depend on the oidc branch for npm (733fe89)
- deps: depend on the released version of the cli branch now that the oidc features are merged (fc30c21)
- dry-run: look for the warning in stderr output rather than stdout (86f65a6)
- dry-run: stop searching for "warn" to avoid ANSI color complications (bee5db6)
- errors: bring back the invalid token error (c9f0da5), closes #958
- errors: resolve syntax problem (d825403)
- error: throw an aggregate error rather than a simple error (1967d72)
- stdout: fix the reference of stdout from execa (4ab3e74)
- token: temporarily disable configuring token into .npmrc (73185a3), closes #958
- trusted-publishing: properly await the check for trusted publishing context (23c8610), closes #958
- trusted-publishing: uri encode the package name for the token exchange request (3dd95d0), closes #958
- verify-auth: stream output of the dry-run for custom registries (67ee603), closes #958
- whoami: temporarily disable verifying token validity (0fc050d), closes #958
Features
- auth-error: updated messaging for auth failure to be less token specific (e24967d)
- auth: attempt a dry-run publish to determine auth status (841dc67)
- trusted-publishing: handle failure to retrieve id-token in the context of github actions (b673257), closes #958
- trusted-publishing: highlight in the error that a token is only required when not using OIDC (a2aa38f), closes #958
- trusted-publishing: log progression of token-exchange steps (a4a5add), closes #958
- trusted-publishing: make request to verify if OIDC token exchange can succeed (c80ecb0), closes #958
- trusted-publishing: pass id-token as bearer header for github actions (d83b727), closes #958
- trusted-publishing: pass id-token as bearer header for gitlab pipelines (6d1c3cf), closes #958
- trusted-publishing: verify auth, considering OIDC vs tokens from various registriess (e3319f1), closes #958
- verify-auth: configure npmrc details again (bd7acfb)