Value Prop
You can now set up multiple trusted publishing workflows for each npm package, making it easy to publish stable releases, betas, and other versions from different CI workflows—all without relying on long-lived tokens. This gives you more flexibility and security, letting you use short-lived credentials for every publishing path.
Expected Outcome
By supporting multiple OIDC configurations per package and namespace, teams can fully retire long-lived publish tokens and streamline their release processes. This change aims to improve both the security and convenience of npm publishing for projects with complex or multi-path release workflows.
Value Prop
You can now set up multiple trusted publishing workflows for each npm package, making it easy to publish stable releases, betas, and other versions from different CI workflows—all without relying on long-lived tokens. This gives you more flexibility and security, letting you use short-lived credentials for every publishing path.
Expected Outcome
By supporting multiple OIDC configurations per package and namespace, teams can fully retire long-lived publish tokens and streamline their release processes. This change aims to improve both the security and convenience of npm publishing for projects with complex or multi-path release workflows.