From 4205327784f29a0c6a1ba545e27ab84aa821fe46 Mon Sep 17 00:00:00 2001
From: MantisClone <david.huntmateo@request.network>
Date: Fri, 17 Oct 2025 17:11:23 -0400
Subject: [PATCH 1/4] chore: add OIDC Trusted Publisher for NPM publishing

- Add OIDC permissions (id-token: write, contents: read)
- Update to actions/setup-node@v4 and Node 20
- Add npm update step to ensure npm 11.5.1+
- Remove NODE_AUTH_TOKEN (OIDC handles authentication)
- Add @types/prettier to fix build errors
---
 .github/workflow/npm-publish.yaml | 14 ++++++++++----
 package-lock.json                 | 18 +++++++++++++-----
 package.json                      |  1 +
 3 files changed, 24 insertions(+), 9 deletions(-)

diff --git a/.github/workflow/npm-publish.yaml b/.github/workflow/npm-publish.yaml
index a0bef25..d714068 100644
--- a/.github/workflow/npm-publish.yaml
+++ b/.github/workflow/npm-publish.yaml
@@ -6,6 +6,10 @@ on:
       - main
   workflow_dispatch:
 
+permissions:
+  id-token: write  # Required for OIDC
+  contents: read
+
 jobs:
   release-cli-if-necessary:
     runs-on: ubuntu-latest
@@ -14,11 +18,15 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Set up Node.js
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
-          node-version: '18'
+          node-version: '20'
           registry-url: 'https://registry.npmjs.org'
 
+      # Ensure npm 11.5.1 or later is installed
+      - name: Update npm
+        run: npm install -g npm@latest
+
       - name: Install dependencies 📥
         run: npm ci
 
@@ -40,5 +48,3 @@ jobs:
       - name: Publish package on NPM 📦
         if: steps.is-release-needed.outputs.is-release-needed == 'true'
         run: npm publish
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.REQUEST_BOT_NPM_TOKEN }}
diff --git a/package-lock.json b/package-lock.json
index 2318153..264b62e 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,22 +1,23 @@
 {
-  "name": "request-cli",
-  "version": "0.0.1",
+  "name": "request-injector",
+  "version": "0.1.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
-      "name": "request-cli",
-      "version": "0.0.1",
+      "name": "request-injector",
+      "version": "0.1.2",
       "license": "ISC",
       "dependencies": {
         "@clack/prompts": "^0.7.0",
         "remove-types": "^1.0.0"
       },
       "bin": {
-        "request-cli": "dist/index.js"
+        "request-injector": "dist/index.js"
       },
       "devDependencies": {
         "@types/node": "^22.4.1",
+        "@types/prettier": "^2.7.3",
         "typescript": "^5.5.4"
       }
     },
@@ -540,6 +541,13 @@
         "undici-types": "~6.19.2"
       }
     },
+    "node_modules/@types/prettier": {
+      "version": "2.7.3",
+      "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz",
+      "integrity": "sha512-+68kP9yzs4LMp7VNh8gdzMSPZFL44MLGqiHWvttYJe+6qnuVr4Ek9wSBQoveqY/r+LwjCcU29kNVkidwim+kYA==",
+      "dev": true,
+      "license": "MIT"
+    },
     "node_modules/ansi-styles": {
       "version": "3.2.1",
       "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",
diff --git a/package.json b/package.json
index 15e3a24..d20bfef 100644
--- a/package.json
+++ b/package.json
@@ -18,6 +18,7 @@
   },
   "devDependencies": {
     "@types/node": "^22.4.1",
+    "@types/prettier": "^2.7.3",
     "typescript": "^5.5.4"
   }
 }

From 48d1065785544cd5bb80c338bdf21977c71e75f1 Mon Sep 17 00:00:00 2001
From: MantisClone <david.hunt-mateo@mantisdata.solutions>
Date: Tue, 28 Oct 2025 09:15:00 -0400
Subject: [PATCH 2/4] Update .github/workflow/npm-publish.yaml

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---
 .github/workflow/npm-publish.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflow/npm-publish.yaml b/.github/workflow/npm-publish.yaml
index d714068..407cc4e 100644
--- a/.github/workflow/npm-publish.yaml
+++ b/.github/workflow/npm-publish.yaml
@@ -25,7 +25,7 @@ jobs:
 
       # Ensure npm 11.5.1 or later is installed
       - name: Update npm
-        run: npm install -g npm@latest
+        run: npm install -g npm@^11.5.1
 
       - name: Install dependencies 📥
         run: npm ci

From 14a1a79abeb201ae9c70040e601dce861b8d8002 Mon Sep 17 00:00:00 2001
From: MantisClone <david.huntmateo@request.network>
Date: Tue, 28 Oct 2025 09:16:39 -0400
Subject: [PATCH 3/4] feat: add workflows for NPM publishing and PR comments
 automation

---
 .github/{workflow => workflows}/npm-publish.yaml | 0
 .github/{workflow => workflows}/pr-comments.yml  | 0
 2 files changed, 0 insertions(+), 0 deletions(-)
 rename .github/{workflow => workflows}/npm-publish.yaml (100%)
 rename .github/{workflow => workflows}/pr-comments.yml (100%)

diff --git a/.github/workflow/npm-publish.yaml b/.github/workflows/npm-publish.yaml
similarity index 100%
rename from .github/workflow/npm-publish.yaml
rename to .github/workflows/npm-publish.yaml
diff --git a/.github/workflow/pr-comments.yml b/.github/workflows/pr-comments.yml
similarity index 100%
rename from .github/workflow/pr-comments.yml
rename to .github/workflows/pr-comments.yml

From 56f1ae3d25b653bf1980d35eb7da65d7f41e31db Mon Sep 17 00:00:00 2001
From: MantisClone <david.huntmateo@request.network>
Date: Tue, 28 Oct 2025 09:18:21 -0400
Subject: [PATCH 4/4] fix: add --provenance flag to npm publish command

---
 .github/workflows/npm-publish.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/npm-publish.yaml b/.github/workflows/npm-publish.yaml
index 407cc4e..37a43df 100644
--- a/.github/workflows/npm-publish.yaml
+++ b/.github/workflows/npm-publish.yaml
@@ -47,4 +47,4 @@ jobs:
 
       - name: Publish package on NPM 📦
         if: steps.is-release-needed.outputs.is-release-needed == 'true'
-        run: npm publish
+        run: npm publish --provenance