docs(release): prefer npm token workflow for dist-tags · openclaw/openclaw@8207567
steipete
·
2026-04-25
·
via Recent Commits to openclaw:main
File tree
.agents/skills/openclaw-release-maintainer
| Original file line number | Diff line number | Diff line change |
|---|
@@ -341,6 +341,10 @@ node --import tsx scripts/openclaw-npm-postpublish-verify.ts <published-version>
|
341 | 341 | `openclaw/releases-private/.github/workflows/openclaw-npm-dist-tags.yml` |
342 | 342 | workflow because `npm dist-tag` management needs `NPM_TOKEN`, while the |
343 | 343 | public npm release workflow stays OIDC-only. |
| 344 | +- Prefer fixing the private workflow token path over any local 1Password |
| 345 | + fallback. The desired setup is a granular npm token stored as the private |
| 346 | + repo's `NPM_TOKEN` secret, scoped to the `openclaw` package with read/write |
| 347 | + and 2FA bypass for automation. |
344 | 348 | - If the private dist-tag workflow cannot promote because `NPM_TOKEN` is absent |
345 | 349 | or stale, use the local tmux + 1Password fallback: |
346 | 350 | - Start or reuse a tmux session so interactive `npm login` and OTP prompts |
|
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。