chore: add npm trusted publishing workflow

[manu-bitt]

What:

Added a new GitHub Action workflow for npm Trusted Publishing using OpenID Connect (OIDC).

Why:

To enable secure, tokenless npm publishing directly from GitHub Actions.
This improves CI/CD security and automation while keeping compatibility with existing workflows.

How:

Created .github/workflows/publish.yml that triggers on release creation and publishes the package using:

• permissions: id-token: write
• npm publish --provenance --access public

Checklist:

• Documentation: Not applicable (internal CI workflow)
• Tests: N/A (no code changes)
• TypeScript definitions updated: N/A
• Ready to be merged ✅

Fixes #1420

This complements the existing validate.yml workflow and introduces no breaking changes.

[codesandbox-ci]

This pull request is automatically built and testable in CodeSandbox.

To see build info of the built libraries, click here or the icon next to each commit SHA.

Latest deployment of this branch, based on commit 4971e88:

Sandbox	Source
react-testing-library-examples	Configuration

[manu-bitt]

Hi 👋, I’ve added the workflow for NPM Trusted Publishing as discussed in #1420.
The setup uses GitHub OIDC authentication and complements the existing validate.yml.
Please let me know if any adjustments are needed. 😊

[manu-bitt]

Hi 👋 just following up kindly on this PR.
All checks have passed, and the workflow implements npm Trusted Publishing with OIDC as discussed in the issue.
Please let me know if you'd like me to make any adjustments or improvements 🙂
Thanks!

[MatanBobi]

Thanks for taking the time to opening this one but it doesn't 100% follow the way we publish our package. We've adapted our pipeline to support trusted publishing.