Show HN: Publish from GitHub Actions using multi-factor authentication https://ift.tt/y42WvLC

Show HN: Publish from GitHub Actions using multi-factor authentication The backstory about this GitHub Action: I discussed with an open-source maintainer why they publish npm packages from their local machine and do not use CI/CD pipelines. They said publishing should require human intervention and want to continue using multi-factor authentication to publish to the npm registry. This led to building the wait-for-secrets GitHub Action. It prints a URL in the build log and waits for secrets to be entered using a browser. Once entered, the workflow continues, and secrets can be used in future steps. The latest release of "eslint-plugin-react" to the npm registry used a one-time password (OTP) from a GitHub Actions workflow! https://ift.tt/wnyuXtg... https://ift.tt/i97Oyv6 December 6, 2022 at 11:05PM