develop

[ienaga]

No description provided.

[Copilot]

Pull request overview

This PR addresses a spelling error in the source code and restructures the GitHub Actions publish workflow to align with modern npm publishing practices. The changes include fixing a typo in a variable name and attempting to transition from token-based to OIDC-based npm authentication.

Key Changes:

• Fixed spelling: recommendeVersion → recommendedVersion across all references in the Node.js version check
• Restructured publish workflow with workflow-level permissions and renamed job from "build" to "publish"
• Modified npm publish authentication approach by removing NODE_AUTH_TOKEN and adding id-token: write permission

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File	Description
src/index.ts	Corrected variable name typo from "recommendeVersion" to "recommendedVersion" in Node.js version validation logic
.github/workflows/publish.yml	Restructured workflow permissions, renamed job to "publish", and modified npm authentication approach

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The removal of NODE_AUTH_TOKEN from the npm publish step may cause authentication failures unless npm is configured to use provenance-based publishing with OIDC (which the id-token: write permission suggests).

Ensure that:

1. The npm package is configured to accept provenance-based publishing
2. The GitHub Actions environment is properly set up for OIDC authentication with npm
3. The package repository settings on npm allow for this authentication method

If provenance publishing is not set up, the npm publish command will fail with an authentication error. Consider adding --provenance flag to the publish command to explicitly enable provenance: npm publish --provenance

Suggested change

	- run: npm publish
	- run: npm publish --provenance