From fe9867675e8335ccb01cd5e26b97759907e32b55 Mon Sep 17 00:00:00 2001
From: GigiaJ <gigiaboone@yahoo.com>
Date: Mon, 24 Nov 2025 00:56:34 -0600
Subject: [PATCH] setup for trusted publishing

---
 .github/workflows/generate.yml | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml
index 6d9216b..52c31dc 100644
--- a/.github/workflows/generate.yml
+++ b/.github/workflows/generate.yml
@@ -7,6 +7,10 @@ on:
   push:
     branches: [ main ]
 
+permissions:
+  contents: read
+  id-token: write 
+
 jobs:
   generate-crds:
     runs-on: ubuntu-latest
@@ -59,8 +63,6 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Publish to npm
+      - name: Publish to npm (Trusted Publishing)
         if: github.ref == 'refs/heads/main'
-        run: npm publish
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+        run: npm publish --provenance