fern/products/sdks/overview/typescript/publishing-to-npm.mdx
7 additions & 8 deletions
@@ -106,19 +106,18 @@ groups:
106
106
107
107
## Configure authentication
108
108
109
-
Choose how you want to authenticate with npmjs when publishing. **OpenID Connect (OIDC) is strongly recommended** for security.
109
+
Choose how you want to authenticate with npmjs when publishing.
110
110
111
-
<Note>
112
-
**Starting in early 2025**, npmjs.org is deprecating long-lived authentication tokens for publishing from CI/CD workflows. OIDC-based authentication is recommended.
113
-
</Note>
111
+
<Warning>
112
+
**Starting in early 2025**, npmjs.org is deprecating long-lived authentication tokens for publishing from CI/CD workflows. **OpenID Connect (OIDC) authentication is strongly recommended** for security.
OIDC-based publishing (also known as "trusted publishing") is the most secure way to publish. With OIDC, you don't need to manage authentication tokens - npmjs trusts your GitHub repository to publish directly.
119
119
120
-
<Info>
121
-
**Requirements:**
120
+
<Info title="Prerequisites">
122
121
- Fern TypeScript SDK generator version `3.12.0` or later
123
122
- Fern CLI version `0.94.0` or later (only required for local generation with `--local`)
124
123
</Info>
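Review bot: In the new `<Warning>`, "Starting in early 2025 ... is deprecating" is worded as an upcoming event and will read as stale once that date has passed; link the npmjs announcement or reword the sentence so it does not depend on when the page is read. "Strongly recommended for security" would also carry more weight with the reason stated next to it, which the following paragraph already gives: with OIDC there are no authentication tokens to manage.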
@@ -156,7 +155,7 @@ OIDC-based publishing (also known as "trusted publishing") is the most secure wa
156
155
fern generate --group ts-sdk
157
156
```
158
157
159
-
Or push your `generators.yml` changes and let the Fern GitHub Action generate it for you.
158
+
This creates a `.github/workflows/ci.yml` file that's configured to use OIDC for npmjs publishing. Alternatively, you can push your `generators.yml` changes and let the Fern GitHub Action generate the workflow for you.
160
159
161
160
This creates a `.github/workflows/ci.yml` file that's configured to use OIDC for npm publishing.
162
161
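Review bot: The added sentence "This creates a `.github/workflows/ci.yml` file that's configured to use OIDC for npmjs publishing." repeats the unchanged context line two lines below it, so the rendered page will state the same thing twice; delete the old line in this change, or keep only the "Alternatively, ..." sentence in the new one. The two lines also differ on "npmjs" versus "npm"; pick one term and use it throughout.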
@@ -202,7 +201,7 @@ Provenance attestations aren't generated for packages published from private rep
**This method is being deprecated by npmjs.org in early 2025.** OIDC-based authentication is strongly recommended instead. Long-lived authentication tokens can be exposed in logs, compromised, and are difficult to manage and rotate.
204
+
**This method is being deprecated by npmjs.org in early 2025.** Long-lived authentication tokens can be exposed in logs, compromised, and are difficult to manage and rotate. [OIDC-based authentication is strongly recommended instead](#migrating-from-token-based-to-oidc-publishing).
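Review bot: The added link targets `#migrating-from-token-based-to-oidc-publishing`, but no heading with that slug is visible in this diff; confirm the section exists on the page under that exact anchor, otherwise the deprecation notice links nowhere. Linking a short phrase such as "OIDC-based authentication" rather than the whole sentence would also read better.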