Update release workflow with permissions and Node.js version

DiegoRBaquero · web-flow · commit 466f6eebeb42 · 2026-04-14T18:06:12.000-05:00
Added permissions for GitHub actions and updated Node.js version.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -5,10 +5,18 @@ on:
     branches:
       - master
 
+permissions:
+  contents: read # for checkout
+
 jobs:
   release:
     name: Release
     runs-on: ubuntu-latest
+    permissions:
+      contents: write # to be able to publish a GitHub release
+      issues: write # to be able to comment on released issues
+      pull-requests: write # to be able to comment on released pull requests
+      id-token: write # to enable use of OIDC for trusted publishing and npm provenance
     steps:
       - name: Checkout
         uses: actions/checkout@v6
@@ -17,7 +25,7 @@ jobs:
       - name: Setup Node.js
         uses: actions/setup-node@v6
         with:
-          node-version: 18
+          node-version: 22
       - name: Cache
         uses: actions/cache@v5
         with:
@@ -27,10 +35,7 @@ jobs:
             ${{ runner.os }}-npm-
       - name: Install dependencies
         run: npm i
-        env:
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
       - name: Release
         env:
           GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
         run: npx semantic-release
