[Dependency Mgmt] Set up trusted publishing for CommonGrants npm packages

### Summary

Configure trusted publishing for CommonGrants npm packages to eliminate the need to rotate npm tokens stored in GitHub Actions. Trusted publishing lets GitHub Actions authenticate to npm without long-lived tokens. May require GitHub org admin approval. PyPI trusted publishing for common-grants-sdk is out of scope here and will be tracked separately (see #650).

### Acceptance criteria

- [ ] Trusted publishing configured for CommonGrants npm packages
- [ ] Token-based npm auth removed from GitHub Actions workflows
- [ ] Required GitHub org admin approvals secured if needed
- [ ] Publishing of npm packages is verified for all packages switched to trusted publishing

### References

- Related umbrella: #567 [Release Mgmt] Security improvements (Q7)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Dependency Mgmt] Set up trusted publishing for CommonGrants npm packages #765

Summary

Acceptance criteria

References

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

[Dependency Mgmt] Set up trusted publishing for CommonGrants npm packages #765

Description

Summary

Acceptance criteria

References

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions