chore: bump version to v0.2.9 #21
Conversation
|
Warning Rate limit exceeded@crisap94 has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 25 minutes and 8 seconds before requesting another review. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. 📒 Files selected for processing (1)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
🔍 PR Quality Check Summary
📋 Checks Performed:
🎉 All checks passed! This PR is ready for review. |
After 4 failed attempts with OIDC trusted publishing (#20, #21, #22, #23), we're switching to the more reliable traditional npm token authentication. Changes: - Add registry-url back to setup-node - Add NODE_AUTH_TOKEN env using NPM_TOKEN secret - Bump version to 0.2.12 - Keep --provenance flag for supply chain security Required setup: 1. Create npm automation token at https://www.npmjs.com/settings/[username]/tokens/create 2. Add as GitHub secret: NPM_TOKEN Benefits: ✅ Battle-tested and reliable ✅ Still supports provenance attestation ✅ No OIDC configuration issues Trade-offs:⚠️ Requires manual token management⚠️ Token needs rotation
Test OIDC fix - removed NODE_AUTH_TOKEN env variable