- Use nick-fields/retry@v3 for Build binary step
- 5 minute timeout per attempt
- Max 5 attempts with 10s wait between retries
- Prevents infinite hang on Bun cross-compile network issues
setup-node with registry-url injects NODE_AUTH_TOKEN secret which is revoked.
Create .npmrc manually with empty _authToken to force OIDC authentication.
- Remove registry-url from setup-node (was injecting NODE_AUTH_TOKEN)
- Add npm version check and auto-upgrade for OIDC support (11.5.1+)
- Add explicit --registry flag to npm publish
- Remove empty NODE_AUTH_TOKEN/NPM_CONFIG_USERCONFIG env vars that were breaking OIDC
Bun cross-compilation from Linux to Windows produces binaries that crash
with 'Segmentation fault at address 0xFFFFFFFFFFFFFFFF'.
Root cause: oven-sh/bun#18416
Solution:
- Use windows-latest runner for Windows platform in publish-platform.yml
- Set shell: bash for consistent behavior across runners
This is a simpler fix than PR #938 which modified publish.yml (wrong workflow).
The platform binaries are built and published by publish-platform.yml.
Fixes#873Fixes#844
Co-authored-by: justsisyphus <justsisyphus@users.noreply.github.com>
- publish.yml: main package only, triggers platform workflow on success
- publish-platform.yml: dedicated workflow with fresh OIDC token per run
- Fixes OIDC token expiration during large binary uploads (~40MB+)
- Platform workflow can also be triggered manually via workflow_dispatch
