@gjsify/cli 0.4.15 → 0.4.17

package/lib/commands/install.js

@@ -354,6 +354,14 @@ async function workspaceInstall(cwd, args) {
     // target in a shell script that picks the right interpreter (`gjs -m`
     // for `.mjs` bundles, `node` for `.js` files).
     const wsBinDir = join(cwd, 'node_modules', '.bin');
+    // Discover native prebuilds reachable from the workspace cwd so the
+    // workspace-local `node_modules/.bin/gjsify` shim sets GI_TYPELIB_PATH /
+    // LD_LIBRARY_PATH for them. Same rationale as the global launcher in
+    // install-global.ts — the bin shim invokes the CLI bundle via `gjs -m`
+    // directly, with no chance to set env after the fact, so without this
+    // preamble `imports.gi.GjsifyTerminal` etc. fail and process.stdout
+    // collapses to no-color, 80-col defaults.
+    const nativePrebuildDirs = detectNativePackages(cwd).map((p) => p.prebuildsDir);
     let wsBinsCreated = 0;
     for (const ws of workspaces) {
         const m = ws.manifest;
@@ -375,7 +383,7 @@ async function workspaceInstall(cwd, args) {
                 rmSync(linkPath, { force: true });
             }
             catch { /* fine */ }
-            writeFileSync(linkPath, buildBinShim(ws.location, nodeTarget, gjsTarget), { mode: 0o755 });
+            writeFileSync(linkPath, buildBinShim(ws.location, nodeTarget, gjsTarget, nativePrebuildDirs), { mode: 0o755 });
             chmodSync(linkPath, 0o755);
             wsBinsCreated++;
         }
@@ -441,16 +449,27 @@ function extractOverrides(rootManifest) {
     merge(rootManifest.resolutions, 'resolutions');
     return Object.keys(out).length > 0 ? out : undefined;
 }
-function buildBinShim(wsLocation, nodeTarget, gjsTarget) {
+function buildBinShim(wsLocation, nodeTarget, gjsTarget, nativePrebuildDirs = []) {
     const nodeAbs = nodeTarget ? join(wsLocation, nodeTarget) : null;
     const gjsAbs = gjsTarget ? join(wsLocation, gjsTarget) : null;
+    // GJS-only env preamble — Node ignores GI_TYPELIB_PATH so we scope the
+    // export to the gjs branch, keeping the shim minimal when no native pkgs
+    // exist or only the Node bin is in play.
+    const gjsPreamble = nativePrebuildDirs.length === 0
+        ? ''
+        : (() => {
+            const joined = `'${nativePrebuildDirs.join(':').replace(/'/g, `'\\''`)}'`;
+            return (`GI_TYPELIB_PATH=${joined}\${GI_TYPELIB_PATH:+":$GI_TYPELIB_PATH"}\n` +
+                `LD_LIBRARY_PATH=${joined}\${LD_LIBRARY_PATH:+":$LD_LIBRARY_PATH"}\n` +
+                `export GI_TYPELIB_PATH LD_LIBRARY_PATH\n`);
+        })();
     if (nodeAbs && gjsAbs) {
-        return `#!/bin/sh\nif [ -f "${nodeAbs}" ]; then\n  exec node "${nodeAbs}" "$@"\nfi\nexec gjs -m "${gjsAbs}" "$@"\n`;
+        return `#!/bin/sh\nif [ -f "${nodeAbs}" ]; then\n  exec node "${nodeAbs}" "$@"\nfi\n${gjsPreamble}exec gjs -m "${gjsAbs}" "$@"\n`;
     }
     if (nodeAbs)
         return `#!/bin/sh\nexec node "${nodeAbs}" "$@"\n`;
     if (gjsAbs)
-        return `#!/bin/sh\nexec gjs -m "${gjsAbs}" "$@"\n`;
+        return `#!/bin/sh\n${gjsPreamble}exec gjs -m "${gjsAbs}" "$@"\n`;
     throw new Error('buildBinShim: either nodeTarget or gjsTarget must be provided');
 }
 /**

package/lib/commands/publish.d.ts

@@ -7,6 +7,8 @@ interface PublishOptions {
     provenance?: boolean;
     'dry-run'?: boolean;
     json?: boolean;
+    trusted?: boolean | 'auto';
+    'check-trusted'?: boolean;
 }
 export declare const publishCommand: Command<any, PublishOptions>;
 export {};

package/lib/commands/publish.js

@@ -37,6 +37,7 @@ import { homedir } from 'node:os';
 import { join, resolve } from 'node:path';
 import { DEFAULT_REGISTRY, parseNpmrc, registryFor, buildHeaders, } from '@gjsify/npm-registry';
 import { packWorkspace } from './pack.js';
+import { getNpmTrustedToken, hasGithubOidcEnv, OidcExchangeError, OidcUnavailableError, } from '../utils/npm-oidc.js';
 export const publishCommand = {
     command: 'publish [path]',
     description: 'Pack + upload the workspace at <path> (default: cwd) to its npm registry. Drop-in for `npm publish` with workspace:^ rewrite handled automatically.',
@@ -70,6 +71,19 @@ export const publishCommand = {
         description: 'Emit publish metadata as JSON on stdout.',
         type: 'boolean',
         default: false,
+    })
+        .option('trusted', {
+        description: 'Authenticate via npm Trusted Publishing (OIDC): exchange the GitHub Actions id-token for a short-lived npm token. ' +
+            'Pass `--trusted` to force this mode (errors if env vars missing). ' +
+            'Omit to auto-detect: OIDC is used iff `ACTIONS_ID_TOKEN_REQUEST_URL`+`_TOKEN` are set AND no `_authToken` is present in the resolved npmrc; otherwise the long-lived token path is used. ' +
+            'Requires the calling workflow to declare `permissions: id-token: write` AND the target package to have a Trusted Publisher configured on npmjs.com.',
+        type: 'boolean',
+        default: undefined,
+    })
+        .option('check-trusted', {
+        description: 'Diagnostic mode: perform the OIDC id-token request + npm token exchange, report success/failure, then exit WITHOUT publishing. Useful as a bulk-verifier (e.g. via `gjsify foreach publish --check-trusted`) to confirm Trusted Publisher config across many packages.',
+        type: 'boolean',
+        default: false,
     }),
     handler: async (args) => {
         const wsDir = resolve(args.path ?? process.cwd());
@@ -78,9 +92,56 @@ export const publishCommand = {
         const tolerate = args['tolerate-republish'] === true;
         const provenance = args.provenance === true;
         const dryRun = args['dry-run'] === true;
+        const checkTrustedOnly = args['check-trusted'] === true;
+        const trustedFlag = args.trusted;
+        const verbose = Boolean(process.env.GJSIFY_PUBLISH_DEBUG);
         if (provenance) {
             console.warn('gjsify publish: --provenance recorded but not signed (no sigstore integration yet).');
         }
+        // `--check-trusted` short-circuits the entire pack + publish flow.
+        // Reports the OIDC exchange result for the workspace's package and
+        // exits 0 either way — by design, so `gjsify foreach publish
+        // --check-trusted` walks every workspace without bailing on the
+        // first misconfigured one. CI can grep `^✗ ` (or parse `--json`
+        // entries with `ok: false`) to surface failures.
+        if (checkTrustedOnly) {
+            const rawPkgPath = join(wsDir, 'package.json');
+            const rawPkg = JSON.parse(readFileSync(rawPkgPath, 'utf-8'));
+            if (typeof rawPkg.name !== 'string') {
+                process.stderr.write(`gjsify publish --check-trusted: ${rawPkgPath} has no \`name\` field\n`);
+                process.exit(2);
+            }
+            if (rawPkg.private === true) {
+                const out = { ok: true, action: 'check-trusted', name: rawPkg.name, skipped: 'private' };
+                if (args.json)
+                    process.stdout.write(`${JSON.stringify(out)}\n`);
+                else
+                    process.stdout.write(`- ${rawPkg.name}: skipped (private package)\n`);
+                return;
+            }
+            const npmrcCheck = await loadNpmrc(wsDir);
+            const registry = process.env.npm_config_registry ?? registryFor(rawPkg.name, npmrcCheck) ?? DEFAULT_REGISTRY;
+            try {
+                await getNpmTrustedToken({
+                    packageName: rawPkg.name,
+                    registry,
+                    log: verbose ? (m) => console.error(m) : undefined,
+                });
+                const out = { ok: true, action: 'check-trusted', name: rawPkg.name, registry };
+                if (args.json)
+                    process.stdout.write(`${JSON.stringify(out)}\n`);
+                else
+                    process.stdout.write(`✓ ${rawPkg.name}: trusted publisher OK\n`);
+                return;
+            }
+            catch (err) {
+                handleOidcFailure(err, rawPkg.name, args.json === true);
+                // Report-mode: exit 0 so `gjsify foreach` keeps walking. The
+                // `✗ <name>: <reason>` (or JSON `ok:false`) line is the
+                // failure signal for CI to grep / parse.
+                return;
+            }
+        }
         // 1. Pack the workspace (rewrites workspace:^, computes integrity)
         const packOpts = { dryRun: true };
         const packed = await packWorkspace(wsDir, packOpts);
@@ -159,10 +220,45 @@ export const publishCommand = {
         const headers = buildHeaders(url, { npmrc });
         headers['content-type'] = 'application/json';
         headers['accept'] = '*/*';
-        if (process.env.GJSIFY_PUBLISH_DEBUG) {
+        // Trusted Publishing path. `--trusted` forces OIDC (errors if env
+        // vars are missing); the default `undefined` triggers auto-detect:
+        // OIDC is used iff GitHub OIDC env vars are present AND no
+        // `NODE_AUTH_TOKEN` is set. With `NODE_AUTH_TOKEN` set the user has
+        // explicitly opted into token auth, so we don't shadow their choice.
+        const wantTrusted = trustedFlag === true ||
+            (trustedFlag === undefined && hasGithubOidcEnv() && !process.env.NODE_AUTH_TOKEN);
+        let authMode = 'token';
+        if (wantTrusted) {
+            try {
+                const { token: oidcToken, audience } = await getNpmTrustedToken({
+                    packageName: packed.name,
+                    registry,
+                    log: verbose ? (m) => console.error(m) : undefined,
+                });
+                headers['authorization'] = `Bearer ${oidcToken}`;
+                authMode = 'oidc';
+                if (verbose) {
+                    console.error(`gjsify publish: OIDC token obtained (audience=${audience})`);
+                }
+            }
+            catch (err) {
+                if (trustedFlag === true) {
+                    // Explicit --trusted: bail with a clear error.
+                    handleOidcFailure(err, packed.name, args.json === true);
+                    process.exit(1);
+                }
+                // Auto-detect: fall back to whatever buildHeaders found.
+                if (verbose) {
+                    const msg = err instanceof Error ? err.message : String(err);
+                    console.error(`gjsify publish: OIDC auto-detect failed (${msg}) — falling back to token auth`);
+                }
+            }
+        }
+        if (verbose) {
             console.error(`gjsify publish: PUT ${url} (${packed.name}@${packed.version})`);
+            console.error(`  auth-mode:     ${authMode}`);
             console.error(`  authorization: ${headers['authorization'] ? '(set)' : '(none)'}`);
-            console.error(`  payload size: ${JSON.stringify(payload).length} bytes`);
+            console.error(`  payload size:  ${JSON.stringify(payload).length} bytes`);
         }
         const res = await fetch(url, {
             method: 'PUT',
@@ -317,3 +413,28 @@ function base64Encode(bytes) {
     }
     return btoa(str);
 }
+function handleOidcFailure(err, packageName, asJson) {
+    if (err instanceof OidcUnavailableError) {
+        const msg = `gjsify publish: OIDC not available — ${err.message}`;
+        if (asJson)
+            process.stdout.write(`${JSON.stringify({ ok: false, name: packageName, error: 'oidc-unavailable', reason: err.reason, message: err.message })}\n`);
+        else
+            process.stderr.write(`${msg}\n`);
+        return;
+    }
+    if (err instanceof OidcExchangeError) {
+        const friendly = err.status === 401 || err.status === 403
+            ? `npm rejected the OIDC exchange (${err.status}) — check that ${packageName} has a Trusted Publisher configured at https://www.npmjs.com/package/${encodeURIComponent(packageName)}/access pointing at this workflow.`
+            : err.message;
+        if (asJson)
+            process.stdout.write(`${JSON.stringify({ ok: false, name: packageName, error: 'oidc-exchange', status: err.status, body: err.body, message: err.message })}\n`);
+        else
+            process.stderr.write(`✗ ${packageName}: ${friendly}\n`);
+        return;
+    }
+    const msg = err instanceof Error ? err.message : String(err);
+    if (asJson)
+        process.stdout.write(`${JSON.stringify({ ok: false, name: packageName, error: 'unknown', message: msg })}\n`);
+    else
+        process.stderr.write(`✗ ${packageName}: ${msg}\n`);
+}

package/lib/commands/uninstall.js

@@ -97,13 +97,18 @@ export const uninstallCommand = {
  *   #!/bin/sh
  *   exec '<absolute-path>' "$@"
  *
- * or (for `.gjs.mjs` / `.mjs` targets):
+ * or (for `.gjs.mjs` / `.mjs` targets, with optional GI_TYPELIB_PATH /
+ * LD_LIBRARY_PATH preamble for native @gjsify/* prebuilds):
  *
  *   #!/bin/sh
+ *   GI_TYPELIB_PATH='<dirs>'${GI_TYPELIB_PATH:+":$GI_TYPELIB_PATH"}
+ *   LD_LIBRARY_PATH='<dirs>'${LD_LIBRARY_PATH:+":$LD_LIBRARY_PATH"}
+ *   export GI_TYPELIB_PATH LD_LIBRARY_PATH
  *   exec gjs -m '<absolute-path>' "$@"
  *
- * We parse the absolute path out of the single-quoted segment and check
- * whether it's under `pkgDir`. Non-shim files (e.g. unrelated binaries
+ * We extract the single-quoted path on the `exec` line (NOT the first quoted
+ * string in the file, which with the preamble is the prebuild dir list) and
+ * check whether it's under `pkgDir`. Non-shim files (e.g. unrelated binaries
  * the user installed via `npm install -g`) are skipped silently.
  */
 function findBinShimsForPackage(binDir, pkgDir, verbose) {
@@ -126,8 +131,15 @@ function findBinShimsForPackage(binDir, pkgDir, verbose) {
             const content = readFileSync(fullPath, 'utf-8');
             if (!content.startsWith('#!/bin/sh'))
                 continue;
-            // Match the first single-quoted absolute path.
-            const m = content.match(/'([^']+)'/);
+            // Find the `exec [gjs -m] '<target>' "$@"` line; the path may
+            // contain `:` from the optional prebuild preamble lines, which
+            // is why we anchor to `exec ` rather than the first quoted run.
+            const execLine = content
+                .split('\n')
+                .find((line) => /^exec (?:gjs -m )?'/.test(line));
+            if (!execLine)
+                continue;
+            const m = execLine.match(/'([^']+)'/);
             if (!m)
                 continue;
             const target = m[1];

package/lib/index.js

@@ -8,9 +8,19 @@ import { APP_NAME } from './constants.js';
 // cosmetic — the event loop holds the process up — but under GJS the
 // script ends as soon as the top-level synchronous flow finishes, and
 // fire-and-forget handlers silently exit before any async work runs.
-await yargs(hideBin(process.argv))
+const cli = yargs(hideBin(process.argv));
+await cli
     .scriptName(APP_NAME)
     .strict()
+    // Use the full terminal width for help. yargs's default caps at 80
+    // (`Math.min(80, process.stdout.columns)`); we explicitly opt into
+    // the real terminal width so long option/description lines wrap at
+    // the actual terminal edge instead of an arbitrary 80-col limit.
+    // `terminalWidth()` reads `process.stdout.columns`, which under GJS
+    // is backed by @gjsify/terminal-native (ioctl TIOCGWINSZ) when the
+    // typelib is on GI_TYPELIB_PATH — see the global launcher in
+    // packages/infra/cli/src/utils/install-global.ts.
+    .wrap(cli.terminalWidth())
     .command(create.command, create.description, create.builder, create.handler)
     .command(install.command, install.description, install.builder, install.handler)
     .command(build.command, build.description, build.builder, build.handler)

package/lib/utils/install-backend-native.js

@@ -71,6 +71,11 @@ export async function installPackagesNative(opts) {
     // behavior). Sub-deps are not included.
     return topLevelResolutions(opts.specs, nodes);
 }
+function errMsg(err) {
+    if (err instanceof Error)
+        return err.message;
+    return String(err);
+}
 function topLevelResolutions(specs, nodes) {
     // Top-level installs live at `node_modules/<name>` (no nesting). Build
     // a name → root-node lookup limited to the top-level set.
@@ -131,7 +136,12 @@ async function resolveDeps(specs, npmrc, log, overrides) {
         const cached = packumentCache.get(name);
         if (cached)
             return cached;
-        const fresh = fetchPackument(name, { npmrc });
+        const fresh = fetchPackument(name, {
+            npmrc,
+            onRetry: ({ attempt, error, delayMs }) => {
+                log("packument %s: retry %d after %dms (%s)", name, attempt, delayMs, errMsg(error));
+            },
+        });
         packumentCache.set(name, fresh);
         return fresh;
     };
@@ -455,6 +465,9 @@ async function extractOne(node, prefix, npmrc, log) {
     const bytes = await fetchTarball(node.tarballUrl, {
         npmrc,
         integrity: node.integrity,
+        onRetry: ({ attempt, error, delayMs }) => {
+            log("tarball %s@%s: retry %d after %dms (%s)", node.name, node.version, attempt, delayMs, errMsg(error));
+        },
     });
     fs.rmSync(dest, { recursive: true, force: true });
     fs.mkdirSync(dest, { recursive: true });

package/lib/utils/install-global.js

@@ -23,6 +23,7 @@
 import * as fs from 'node:fs';
 import * as os from 'node:os';
 import * as path from 'node:path';
+import { detectNativePackages } from './detect-native-packages.js';
 /**
  * Compute the canonical global install layout for the current user. Honours
  * `XDG_DATA_HOME` (per the XDG Base Directory Spec) plus
@@ -67,6 +68,18 @@ export function defaultGlobalLayout() {
 export function linkGlobalBins(packageNames, layout) {
     fs.mkdirSync(layout.binDir, { recursive: true });
     const created = [];
+    // Discover @gjsify/* packages with native prebuilds (Vala/GObject typelibs
+    // + shared libs) under the global prefix. The launcher bakes their
+    // directories into GI_TYPELIB_PATH / LD_LIBRARY_PATH so `imports.gi.X`
+    // resolves at CLI startup — required for e.g. @gjsify/terminal-native,
+    // without which process.stdout.isTTY / columns / colors all fall back to
+    // the conservative env-only defaults (no colors, 80-col wrap).
+    //
+    // `runGjsBundle()` does the same dance for `gjsify run <bundle>` at
+    // runtime; here we do it at install time because the global launcher
+    // invokes the CLI bundle directly, with no opportunity to set env first.
+    const nativePrebuildDirs = detectNativePackages(layout.prefix).map((p) => p.prebuildsDir);
+    const envPreamble = buildLauncherEnvPreamble(nativePrebuildDirs);
     for (const pkgName of packageNames) {
         const pkgDir = path.join(layout.prefix, 'node_modules', pkgName);
         const pkgJsonPath = path.join(pkgDir, 'package.json');
@@ -101,8 +114,11 @@ export function linkGlobalBins(packageNames, layout) {
             // then tries to parse JavaScript as shell. Plain Node scripts
             // with shebangs (lib/index.js) keep the direct-exec path.
             const isGjsBundle = targetAbs.endsWith('.gjs.mjs') || targetAbs.endsWith('.mjs');
+            // Only GJS bundles need the GI typelib search path. Plain Node
+            // scripts ignore GI_TYPELIB_PATH, so skipping the preamble there
+            // keeps the launcher minimal.
             const launcher = isGjsBundle
-                ? `#!/bin/sh\nexec gjs -m ${shQuote(targetAbs)} "$@"\n`
+                ? `#!/bin/sh\n${envPreamble}exec gjs -m ${shQuote(targetAbs)} "$@"\n`
                 : `#!/bin/sh\nexec ${shQuote(targetAbs)} "$@"\n`;
             fs.writeFileSync(linkPath, launcher);
             fs.chmodSync(linkPath, 0o755);
@@ -114,6 +130,23 @@ export function linkGlobalBins(packageNames, layout) {
 function shQuote(s) {
     return `'${s.replace(/'/g, `'\\''`)}'`;
 }
+/**
+ * Build the POSIX-sh `export` lines that prepend the given prebuild
+ * directories to GI_TYPELIB_PATH and LD_LIBRARY_PATH. Any pre-existing value
+ * inherited from the user's environment is preserved as a suffix so
+ * user-installed typelibs/libraries still resolve.
+ *
+ * Returns the empty string when no prebuilds were found — avoids emitting an
+ * inert assignment in the launcher.
+ */
+function buildLauncherEnvPreamble(prebuildsDirs) {
+    if (prebuildsDirs.length === 0)
+        return '';
+    const joined = shQuote(prebuildsDirs.join(':'));
+    return (`GI_TYPELIB_PATH=${joined}\${GI_TYPELIB_PATH:+":$GI_TYPELIB_PATH"}\n` +
+        `LD_LIBRARY_PATH=${joined}\${LD_LIBRARY_PATH:+":$LD_LIBRARY_PATH"}\n` +
+        `export GI_TYPELIB_PATH LD_LIBRARY_PATH\n`);
+}
 function pickBinMap(pkgName, pkgJson) {
     const gjsifyEntry = pkgJson.gjsify;
     if (gjsifyEntry?.bin !== undefined) {

package/lib/utils/npm-oidc.d.ts

@@ -0,0 +1,53 @@
+interface OidcExchangeOptions {
+    /** Full package name including scope, e.g. `@gjsify/cli`. */
+    packageName: string;
+    /** Registry URL, e.g. `https://registry.npmjs.org`. */
+    registry: string;
+    /** Optional verbose logger — receives single-line strings. */
+    log?: (msg: string) => void;
+}
+export interface OidcExchangeResult {
+    /** Short-lived npm token (`Authorization: Bearer <token>`-compatible). */
+    token: string;
+    /** Audience used for the GitHub OIDC token request. */
+    audience: string;
+}
+export declare class OidcUnavailableError extends Error {
+    readonly reason: 'no-env' | 'fetch-id-token' | 'no-id-token';
+    constructor(message: string, reason: 'no-env' | 'fetch-id-token' | 'no-id-token');
+}
+export declare class OidcExchangeError extends Error {
+    readonly status: number;
+    readonly body: string;
+    readonly packageName: string;
+    constructor(message: string, status: number, body: string, packageName: string);
+}
+/**
+ * Probe whether OIDC publishing is available in the current process —
+ * cheap env-var check, no network access. Used by `gjsify publish` to
+ * decide between OIDC and token-based auth in auto-detect mode.
+ */
+export declare function hasGithubOidcEnv(): boolean;
+/**
+ * Request a GitHub Actions OIDC ID token for the given audience.
+ * Throws `OidcUnavailableError` when the required env vars are missing
+ * (caller can fall back to token auth) or when GitHub rejects the request.
+ */
+export declare function fetchGithubOidcToken(audience: string, log?: (msg: string) => void): Promise<string>;
+/**
+ * Exchange a GitHub OIDC JWT for a short-lived npm publish token at
+ * `/-/npm/v1/oidc/token/exchange/package/<escaped-name>`. The npm
+ * registry validates the JWT against the package's Trusted Publisher
+ * config — if no Trusted Publisher is configured, or the JWT comes from
+ * a repo/workflow that doesn't match, the exchange returns a 4xx with
+ * a descriptive body which we propagate as `OidcExchangeError`.
+ */
+export declare function exchangeOidcForNpmToken(args: OidcExchangeOptions & {
+    idToken: string;
+}): Promise<string>;
+/**
+ * End-to-end: probe env → fetch id-token → exchange for npm token.
+ * One-shot convenience for `gjsify publish` and the verification command.
+ */
+export declare function getNpmTrustedToken(opts: OidcExchangeOptions): Promise<OidcExchangeResult>;
+export {};

package/lib/utils/npm-oidc.js

@@ -0,0 +1,140 @@
+// npm Trusted Publishing — OIDC token exchange for `gjsify publish`.
+//
+// Two-step flow, mirroring `refs/npm-cli/lib/utils/oidc.js`:
+//
+//   1. Request a GitHub Actions OIDC ID token (JWT) from the runner.
+//      Requires `permissions: id-token: write` in the calling workflow.
+//      GitHub provides `ACTIONS_ID_TOKEN_REQUEST_URL` and
+//      `ACTIONS_ID_TOKEN_REQUEST_TOKEN` env vars; we GET the URL with
+//      the runner-provided audience (`npm:registry.npmjs.org`).
+//
+//   2. Exchange that JWT at npm's `/-/npm/v1/oidc/token/exchange/package/<name>`
+//      endpoint for a short-lived (~5 min) npm publish token. npm verifies
+//      the JWT against the package's configured Trusted Publisher
+//      (repository + workflow filename + optional environment) and either
+//      issues a token or rejects with an explanatory error.
+//
+// The token returned by step 2 is used for the publish PUT in the same
+// way the long-lived NPM_TOKEN would have been — drop-in replacement.
+//
+// Reference: refs/npm-cli/lib/utils/oidc.js
+// Original: Copyright (c) npm contributors. Artistic-2.0.
+export class OidcUnavailableError extends Error {
+    reason;
+    constructor(message, reason) {
+        super(message);
+        this.reason = reason;
+        this.name = 'OidcUnavailableError';
+    }
+}
+export class OidcExchangeError extends Error {
+    status;
+    body;
+    packageName;
+    constructor(message, status, body, packageName) {
+        super(message);
+        this.status = status;
+        this.body = body;
+        this.packageName = packageName;
+        this.name = 'OidcExchangeError';
+    }
+}
+/**
+ * Probe whether OIDC publishing is available in the current process —
+ * cheap env-var check, no network access. Used by `gjsify publish` to
+ * decide between OIDC and token-based auth in auto-detect mode.
+ */
+export function hasGithubOidcEnv() {
+    return Boolean(process.env.ACTIONS_ID_TOKEN_REQUEST_URL && process.env.ACTIONS_ID_TOKEN_REQUEST_TOKEN);
+}
+/**
+ * Request a GitHub Actions OIDC ID token for the given audience.
+ * Throws `OidcUnavailableError` when the required env vars are missing
+ * (caller can fall back to token auth) or when GitHub rejects the request.
+ */
+export async function fetchGithubOidcToken(audience, log) {
+    const url = process.env.ACTIONS_ID_TOKEN_REQUEST_URL;
+    const bearer = process.env.ACTIONS_ID_TOKEN_REQUEST_TOKEN;
+    if (!url || !bearer) {
+        throw new OidcUnavailableError('GitHub Actions OIDC env vars (ACTIONS_ID_TOKEN_REQUEST_{URL,TOKEN}) not set. ' +
+            'The calling workflow needs `permissions: id-token: write`.', 'no-env');
+    }
+    const requestUrl = new URL(url);
+    requestUrl.searchParams.set('audience', audience);
+    log?.(`gjsify oidc: GET ${requestUrl.href.replace(bearer, '<bearer>')}`);
+    const res = await fetch(requestUrl.href, {
+        method: 'GET',
+        headers: {
+            Accept: 'application/json',
+            Authorization: `Bearer ${bearer}`,
+        },
+    });
+    if (!res.ok) {
+        const text = await res.text().catch(() => '<no body>');
+        throw new OidcUnavailableError(`Failed to fetch GitHub OIDC id_token: ${res.status} ${res.statusText} — ${text.slice(0, 200)}`, 'fetch-id-token');
+    }
+    const json = (await res.json().catch(() => ({})));
+    if (!json.value) {
+        throw new OidcUnavailableError('GitHub OIDC response missing `value` field', 'no-id-token');
+    }
+    return json.value;
+}
+/**
+ * Exchange a GitHub OIDC JWT for a short-lived npm publish token at
+ * `/-/npm/v1/oidc/token/exchange/package/<escaped-name>`. The npm
+ * registry validates the JWT against the package's Trusted Publisher
+ * config — if no Trusted Publisher is configured, or the JWT comes from
+ * a repo/workflow that doesn't match, the exchange returns a 4xx with
+ * a descriptive body which we propagate as `OidcExchangeError`.
+ */
+export async function exchangeOidcForNpmToken(args) {
+    const { packageName, registry, idToken, log } = args;
+    const registryClean = registry.endsWith('/') ? registry.slice(0, -1) : registry;
+    // npm-package-arg's escapedName convention — same as gjsify publish.ts.
+    const escapedName = packageName.startsWith('@')
+        ? (() => {
+            const slash = packageName.indexOf('/');
+            const scope = packageName.slice(1, slash);
+            const base = packageName.slice(slash + 1);
+            return `@${encodeURIComponent(scope)}%2f${encodeURIComponent(base)}`;
+        })()
+        : encodeURIComponent(packageName);
+    const exchangeUrl = `${registryClean}/-/npm/v1/oidc/token/exchange/package/${escapedName}`;
+    log?.(`gjsify oidc: POST ${exchangeUrl}`);
+    const res = await fetch(exchangeUrl, {
+        method: 'POST',
+        headers: {
+            Authorization: `Bearer ${idToken}`,
+            'Content-Type': 'application/json',
+            Accept: 'application/json',
+        },
+        // npm's exchange endpoint accepts an empty JSON body — the JWT is
+        // the proof, no additional claims needed from us.
+        body: '{}',
+    });
+    const text = await res.text().catch(() => '');
+    if (!res.ok) {
+        throw new OidcExchangeError(`npm OIDC token exchange failed for ${packageName}: ${res.status} ${res.statusText} — ${text.slice(0, 300)}`, res.status, text, packageName);
+    }
+    let json;
+    try {
+        json = JSON.parse(text);
+    }
+    catch {
+        throw new OidcExchangeError(`npm OIDC token exchange returned non-JSON body for ${packageName}: ${text.slice(0, 200)}`, res.status, text, packageName);
+    }
+    if (!json.token) {
+        throw new OidcExchangeError(`npm OIDC token exchange returned no \`token\` field for ${packageName}`, res.status, text, packageName);
+    }
+    return json.token;
+}
+/**
+ * End-to-end: probe env → fetch id-token → exchange for npm token.
+ * One-shot convenience for `gjsify publish` and the verification command.
+ */
+export async function getNpmTrustedToken(opts) {
+    const audience = `npm:${new URL(opts.registry).hostname}`;
+    const idToken = await fetchGithubOidcToken(audience, opts.log);
+    const token = await exchangeOidcForNpmToken({ ...opts, idToken });
+    return { token, audience };
+}

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@gjsify/cli",
-    "version": "0.4.15",
+    "version": "0.4.17",
     "description": "CLI for Gjsify",
     "type": "module",
     "main": "lib/index.js",
@@ -37,18 +37,18 @@
         "cli"
     ],
     "dependencies": {
-        "@gjsify/buffer": "^0.4.15",
-        "@gjsify/create-app": "^0.4.15",
-        "@gjsify/node-globals": "^0.4.15",
-        "@gjsify/node-polyfills": "^0.4.15",
-        "@gjsify/npm-registry": "^0.4.15",
-        "@gjsify/resolve-npm": "^0.4.15",
-        "@gjsify/rolldown-plugin-gjsify": "^0.4.15",
-        "@gjsify/rolldown-plugin-pnp": "^0.4.15",
-        "@gjsify/semver": "^0.4.15",
-        "@gjsify/tar": "^0.4.15",
-        "@gjsify/web-polyfills": "^0.4.15",
-        "@gjsify/workspace": "^0.4.15",
+        "@gjsify/buffer": "^0.4.17",
+        "@gjsify/create-app": "^0.4.17",
+        "@gjsify/node-globals": "^0.4.17",
+        "@gjsify/node-polyfills": "^0.4.17",
+        "@gjsify/npm-registry": "^0.4.17",
+        "@gjsify/resolve-npm": "^0.4.17",
+        "@gjsify/rolldown-plugin-gjsify": "^0.4.17",
+        "@gjsify/rolldown-plugin-pnp": "^0.4.17",
+        "@gjsify/semver": "^0.4.17",
+        "@gjsify/tar": "^0.4.17",
+        "@gjsify/web-polyfills": "^0.4.17",
+        "@gjsify/workspace": "^0.4.17",
         "cosmiconfig": "^9.0.1",
         "get-tsconfig": "^4.14.0",
         "pkg-types": "^2.3.1",
@@ -56,12 +56,12 @@
         "yargs": "^18.0.0"
     },
     "devDependencies": {
-        "@gjsify/unit": "^0.4.15",
+        "@gjsify/unit": "^0.4.17",
         "@types/yargs": "^17.0.35",
         "typescript": "^6.0.3"
     },
     "peerDependencies": {
-        "@gjsify/rolldown-native": "^0.4.15"
+        "@gjsify/rolldown-native": "^0.4.17"
     },
     "peerDependenciesMeta": {
         "@gjsify/rolldown-native": {