ci: use OIDC for nightly npm publish (drop NPMJS_TOKEN)

[chakAs3]

Nightly releases already run in the same workflow file as tag releases and have id-token: write. With trusted publishing configured for this repo + release.yml, npm/pnpm can authenticate via GitHub OIDC without NODE_AUTH_TOKEN.

Change

• Remove NODE_AUTH_TOKEN: secrets.NPMJS_TOKEN from the Nightly release step so behavior matches the tag release job (OIDC-only publish).

Why

• Aligns nightly with trusted publishing and avoids relying on a long-lived (or missing/expired) granular token in GitHub secrets.

After merge

• Confirm the next push to main runs pnpm nightly-release successfully. If NPMJS_TOKEN is unused elsewhere, the secret can be removed from repo settings.

Made with Cursor

[netlify]

❌ Deploy Preview for nuxt-storybook failed. Why did it fail? →

Name	Link
🔨 Latest commit	315c9d9
🔍 Latest deploy log	https://app.netlify.com/projects/nuxt-storybook/deploys/69db7c5cd02fc40008af7df1

[pkg-pr-new]

Open in StackBlitz

npm i https://pkg.pr.new/@nuxtjs/storybook@1048

npm i https://pkg.pr.new/@storybook-vue/nuxt@1048

commit: 315c9d9

[tobiasdiez]

Thanks! I tried that in #1047, but it's still not working. Any idea?