revert: restore GitHub Packages publishing, drop npm publish changes

benminer · benminer · commit 35317c9d7a4e · 2026-03-13T12:46:36.000-05:00
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -17,6 +17,7 @@ jobs:
     permissions:
       contents: write
       id-token: write
+      packages: write
 
     steps:
       - name: Checkout
@@ -30,7 +31,6 @@ jobs:
         with:
           node-version: 24.x
           cache: npm
-          registry-url: https://registry.npmjs.org
 
       - name: Install dependencies
         run: npm ci
@@ -158,20 +158,22 @@ jobs:
             --notes "${RELEASE_BODY}" \
             ${PRERELEASE_FLAG}
 
+      - name: Setup Node.js for publishing
+        if: steps.should_release.outputs.needed == 'true'
+        uses: actions/setup-node@v4
+        with:
+          node-version: 24.x
+          registry-url: https://npm.pkg.github.com
+
       - name: Build package
         if: steps.should_release.outputs.needed == 'true'
         run: npm run build
 
-      - name: Publish to npm
+      - name: Publish to GitHub Packages
         if: steps.should_release.outputs.needed == 'true'
         env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
-          if [ -z "$NODE_AUTH_TOKEN" ]; then
-            echo "::warning::NPM_TOKEN secret is not set — skipping npm publish"
-            exit 0
-          fi
-
           NPM_TAG="latest"
           if [ "${{ steps.prerelease.outputs.value }}" = "true" ]; then
             NPM_TAG="next"
@@ -185,7 +187,7 @@ jobs:
           echo "## Release Summary" >> $GITHUB_STEP_SUMMARY
           echo "- **Version**: ${{ steps.pkg_version.outputs.tag }}" >> $GITHUB_STEP_SUMMARY
           echo "- **Prerelease**: ${{ steps.prerelease.outputs.value }}" >> $GITHUB_STEP_SUMMARY
-          echo "- **npm tag**: ${{ steps.prerelease.outputs.value == 'true' && 'next' || 'latest' }}" >> $GITHUB_STEP_SUMMARY
+          echo "- **GitHub Packages tag**: ${{ steps.prerelease.outputs.value == 'true' && 'next' || 'latest' }}" >> $GITHUB_STEP_SUMMARY
 
       - name: No release needed
         if: steps.should_release.outputs.needed != 'true'
diff --git a/README.md b/README.md
@@ -1,11 +1,20 @@
-# @scope3/observability-js
+# @scope3data/observability-js
 
 Unified observability for Node.js services. A single `init()` call wires up [Sentry](https://sentry.io) (error monitoring, tracing, and profiling), [Pyroscope](https://pyroscope.io) (continuous CPU and heap profiling), and optionally the [OpenTelemetry](https://opentelemetry.io) SDK with OTLP trace export.
 
 ## Installation
 
+This package is published to [GitHub Packages](https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-npm-registry). Ensure your project has a `.npmrc` with the `@scope3data` scope configured:
+
+```
+@scope3data:registry=https://npm.pkg.github.com
+//npm.pkg.github.com/:_authToken=${PACKAGES_ACCESS_TOKEN}
+```
+
+Then install:
+
 ```sh
-npm install @scope3/observability-js
+npm install @scope3data/observability-js
 ```
 
 Requires Node.js >= 24.
@@ -20,7 +29,7 @@ Without this, `instrument.js` (which calls `init()`) and `server.js` (which uses
 
 ```js
 const EXTERNAL_PACKAGES = [
-  '@scope3/observability-js',
+  '@scope3data/observability-js',
   // ...
 ]
 ```
@@ -32,7 +41,7 @@ This is not required when running with a dev server (e.g. `tsx`) since Node's mo
 Call `init()` once at process startup, before anything else runs:
 
 ```ts
-import { init } from '@scope3/observability-js'
+import { init } from '@scope3data/observability-js'
 
 init({
   serviceName: 'my-service',
@@ -246,7 +255,7 @@ All span helpers are safe to call without `init()` having been called first. Whe
 In your library, pass your library name as the `tracerName` argument to any span helper. Do not call `init()` — that is the responsibility of the consuming application.
 
 ```ts
-import { startSpan, setSpanAttributes } from '@scope3/observability-js'
+import { startSpan, setSpanAttributes } from '@scope3data/observability-js'
 
 async function executeToolCall(toolName: string, agentId: string, params: unknown) {
   return startSpan(
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,5 +1,5 @@
 {
-  "name": "@scope3/observability-js",
+  "name": "@scope3data/observability-js",
   "version": "1.0.0",
   "description": "Unified observability (Sentry, OpenTelemetry, Pyroscope) for Node.js services",
   "keywords": [
@@ -40,8 +40,7 @@
     "test": "vitest run",
     "test:ci": "vitest run --reporter=verbose",
     "prepare": "husky",
-    "prepublishOnly": "npm run build",
-    "publish:npm": "npm publish --ignore-scripts --tag latest"
+    "prepublishOnly": "npm run build"
   },
   "lint-staged": {
     "*.{js,ts,cjs,mjs,json,jsonc}": [
@@ -74,6 +73,7 @@
     "node": ">= 24"
   },
   "publishConfig": {
-    "access": "public"
+    "@scope3data:registry": "https://npm.pkg.github.com",
+    "registry": "https://npm.pkg.github.com"
   }
 }
