Create an NPM token validation actionΒ #1466
Description
When we're rotating NPM API keys (which we now do monthly), it's quite easy to make an error. Doing so is invisible and means that the next attempt to publish will fail.
After updating the token, we need an easy way to validate that it works.
Read only access is should be - we don't need to publish anything, we just need to ensure the token works. The trick is that we need to read something that isn't publicly available.
So what we need to is to work out a safe, no-op, idempotent call to make against the NPM API, then create a manually triggered github action to run it.