The v0.8.13 release (PR #56) tagged and created the GitHub release, but the dispatched publish run failed:
Since @tmhs/screencast-mcp@0.8.12 is live and public, a 404 on PUT is npm masking an auth/permission failure. Publishes last succeeded 2026-06-16; the NPM_TOKEN secret is present (the workflow's guard passed) but is being rejected — consistent with token expiry under npm's granular-token lifetime limits.
To fix (maintainer action required):
- Create a new granular access token on npmjs.com with read/write access to
@tmhs/screencast-mcp (or the @tmhs scope), and update the NPM_TOKEN repo secret. Alternatively, configure npm trusted publishing for this repo/workflow — publish.yml already sets id-token: write and its own skip-message suggests this path, which removes token rotation entirely.
- Re-run:
gh workflow run publish.yml --ref main (idempotent; it skips already-published versions).
Until then, npm remains at 0.8.12 while the repo and GitHub release are at 0.8.13.
The v0.8.13 release (PR #56) tagged and created the GitHub release, but the dispatched publish run failed:
npm publishthen failed withE404 Not Found - PUT https://registry.npmjs.org/@tmhs%2fscreencast-mcp ... could not be found or you do not have permission to access it.Since
@tmhs/screencast-mcp@0.8.12is live and public, a 404 on PUT is npm masking an auth/permission failure. Publishes last succeeded 2026-06-16; theNPM_TOKENsecret is present (the workflow's guard passed) but is being rejected — consistent with token expiry under npm's granular-token lifetime limits.To fix (maintainer action required):
@tmhs/screencast-mcp(or the@tmhsscope), and update theNPM_TOKENrepo secret. Alternatively, configure npm trusted publishing for this repo/workflow —publish.ymlalready setsid-token: writeand its own skip-message suggests this path, which removes token rotation entirely.gh workflow run publish.yml --ref main(idempotent; it skips already-published versions).Until then, npm remains at 0.8.12 while the repo and GitHub release are at 0.8.13.