Support OIDC publishing ("trusted publishing")

### Contribution

- [ ] I'd be willing to implement this feature ([contributing guide](https://github.com/pnpm/pnpm/blob/main/CONTRIBUTING.md))

### Describe the user story

Trusted publishing is an important security feature that prevents leaking long-lived publishing tokens from workflows. The npmjs registry supports it, so it's important that it works throughout the ecosystem.

### Describe the solution you'd like

Now that [npmjs.com](https://github.com/orgs/community/discussions/161015) & the npm client [support](https://github.com/npm/cli/pull/8336) OIDC publishing, the pnpm client should follow suit.

### Describe the drawbacks of your solution

- Requires implementation, maintenance, etc
- Locks publishers into GitHub/GitLab

### Describe alternatives you've considered

Don't implement it-which, for better and for worse, will look insecure on our part, especially once [Yarn](https://github.com/yarnpkg/berry/issues/6831) or Bun implement it.


### Related

https://github.com/pnpm/pnpm/pull/8897#issuecomment-2558203178

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Support OIDC publishing ("trusted publishing") #9812

Contribution

Describe the user story

Describe the solution you'd like

Describe the drawbacks of your solution

Describe alternatives you've considered

Related

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Support OIDC publishing ("trusted publishing") #9812

Description

Contribution

Describe the user story

Describe the solution you'd like

Describe the drawbacks of your solution

Describe alternatives you've considered

Related

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions