9dd856db3d
Replace NPM_TOKEN-based authentication with OIDC trusted publishing. This eliminates the need for long-lived npm access tokens. Changes: - Add id-token: write permission to the release job - Add registry-url to setup-node - Remove the setup authentication step (.npmrc token write) - Remove NPM_TOKEN env var from the Publish packages step Requires trusted publisher configuration on npmjs.com for each package. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>