chore(ci-cd): remove provenance

GH-114

Author: yeshamavani

.github/workflows/release.yml

@@ -4,11 +4,9 @@ name: Release [Manual]
 on: workflow_dispatch
 permissions:
   contents: write
-  id-token: write
 jobs:
   Release:
     runs-on: ubuntu-latest
-    environment: npm-release
     steps:
       - uses: actions/checkout@v4
         with:
@@ -19,32 +17,33 @@ jobs:
       - name: Setup Node
         uses: actions/setup-node@v4
         with:
-          node-version: '22'
-          registry-url: "https://registry.npmjs.org/"
-          scope: '@sourceloop'
-          provenance: true  # enables trusted publish via OIDC
-      # - name: Force OIDC (disable npm token auth)
-      #   run: |
-      #     unset NPM_TOKEN
-      #     unset NODE_AUTH_TOKEN
-      #     npm config delete //registry.npmjs.org/:_authToken || true    
+          node-version: '24.x'
       - name: Configure CI Git User
         run: |
           git config --global user.name $CONFIG_USERNAME
           git config --global user.email $CONFIG_EMAIL
-          git remote set-url origin https://${GITHUB_ACTOR}:${GITHUB_PAT}@github.com/sourcefuse/arc-saas
-
+          git remote set-url origin https://$GITHUB_ACTOR:$GITHUB_PAT@github.com/sourcefuse/arc-saas
         env:
           GITHUB_PAT: ${{ secrets.RELEASE_COMMIT_GH_PAT }}
           CONFIG_USERNAME: ${{ vars.RELEASE_COMMIT_USERNAME }}
           CONFIG_EMAIL: ${{ vars.RELEASE_COMMIT_EMAIL }}
+      - name: Authenticate with Registry
+        run: |
+          echo "@${NPM_USERNAME}:registry=https://registry.npmjs.org/" > .npmrc
+          echo "registry=https://registry.npmjs.org/" >> .npmrc
+          echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> .npmrc
+          npm whoami
+        env:
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+          NPM_USERNAME: ${{ vars.NPM_USERNAME }}
 
       - name: Install Dependencies
         run: npm ci --ignore-scripts
+
       # this step is added only since this version of nx dependency is not being installed on linux systems
       # can be removed once this issue is fixed or we update to later versions
       - name: nx dependency
-        run: npm i @nx/nx-linux-x64-gnu@16.10.0
+        run: npm i @nx/nx-linux-x64-gnu@16.10.0 --ignore-scripts
       - name: Test
         run: npm run test --workspaces --if-present
       - name: Lint
@@ -54,9 +53,9 @@ jobs:
       - name: Bump Versions
         # "HUSKY=0" disables pre-commit-msg check (Needed in order to allow lerna perform the release commit)
         run: HUSKY=0 npx lerna version --yes --ci --conventional-commits
-        # run: HUSKY=0 npx lerna version --yes --ci --no-git-tag-version --force-publish
-      # and replicates its logic safely while keeping provenance and trusted publishing.
-      - name: Publish all changed packages with provenance
-        run: |
-          echo "🚀 Publishing packages"
-          npm publish -ws --provenance
+      - name: Publish to NPM 🚀
+        # To always compare changes from registry
+        # using `from-package` compares version in local package.json with registry and publish it if required.
+        run: npx lerna publish from-package --yes
+        env:
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}