Show HN: Publish from GitHub Actions using multi-factor authentication (MFA) https://ift.tt/Jgi9Ekp

Show HN: Publish from GitHub Actions using multi-factor authentication (MFA) The backstory about this GitHub Action: I discussed with an open-source maintainer why they publish npm packages from their local machine and do not use CI/CD pipelines. They said publishing should require human intervention and want to continue using multi-factor authentication to publish to the npm registry. This led to building the wait-for-secrets GitHub Action. It prints a URL in the build log and waits for secrets to be entered using a browser. Once entered, the workflow continues, and secrets can be used in future steps. The latest release of "eslint-plugin-react" to the npm registry used a one-time password (OTP) from a GitHub Actions workflow! https://ift.tt/N6nMSaC... https://ift.tt/yeRiLta December 6, 2022 at 11:05PM