From 2e39d2607ac53b1bc5f7c8d49882f1b200eeb35c Mon Sep 17 00:00:00 2001
From: Kevin Codex <kevin@gitlawb.com>
Date: Sun, 12 Apr 2026 23:24:39 +0800
Subject: [PATCH] Fix/release please invalid input (#620)

* ci: remove invalid release-please input

* ci: add npm publish debug diagnostics
---
 .github/workflows/release.yml | 38 +++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 11d6720d..ec8e8ef8 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -70,6 +70,44 @@ jobs:
       - name: Dry-run package
         run: npm pack --dry-run
 
+      - name: Debug GitHub context
+        run: |
+          echo "repository=$GITHUB_REPOSITORY"
+          echo "ref=$GITHUB_REF"
+          echo "workflow=$GITHUB_WORKFLOW"
+          echo "job=$GITHUB_JOB"
+          echo "actor=$GITHUB_ACTOR"
+          echo "sha=$GITHUB_SHA"
+
+      - name: Debug OIDC token claims
+        run: |
+          python - <<'PY'
+          import base64
+          import json
+          import os
+          import urllib.request
+
+          req = urllib.request.Request(
+              os.environ["ACTIONS_ID_TOKEN_REQUEST_URL"] + "&audience=npm:registry.npmjs.org",
+              headers={"Authorization": f"Bearer {os.environ['ACTIONS_ID_TOKEN_REQUEST_TOKEN']}"},
+          )
+          token = json.load(urllib.request.urlopen(req))["value"]
+          payload = token.split(".")[1]
+          payload += "=" * (-len(payload) % 4)
+          claims = json.loads(base64.urlsafe_b64decode(payload))
+
+          for key in [
+              "iss",
+              "sub",
+              "aud",
+              "repository",
+              "repository_owner",
+              "job_workflow_ref",
+              "environment",
+          ]:
+              print(f"{key}={claims.get(key)}")
+          PY
+
       - name: Publish to npm
         run: npm publish --access public --provenance