fix(ci): inline CI setup, add Node 24 support, harden workflows (#1176)

* fix(ci): inline CI setup, add Node 24 support, harden workflows

Previously our CI workflows depended on a shared composite action from
the socket-registry repo (setup-and-install). That action was pinned to
an October 2025 SHA that predated Node 24 support, and updating it meant
tracking SHA cascades across multiple layers of nested actions.

This commit replaces that dependency by inlining every setup step
directly into each workflow file. Now each workflow is self-contained
and easy to read top-to-bottom:

  1. actions/checkout   — clone the repo
  2. pnpm/action-setup  — install pnpm (version from package.json)
  3. actions/setup-node  — install the right Node.js version
  4. Download sfw-free   — fetch the Socket Firewall binary
  5. Create sfw shims    — wrap npm/yarn/pnpm through the firewall
  6. pnpm install        — install dependencies (through the firewall)

All three actions are pinned to full commit SHAs (not version tags) so
the exact code that runs is deterministic and auditable.

Binary downloads (sfw-free v1.6.1) are verified against SHA-256
checksums baked into the workflow. If someone tampers with a release
asset, CI will fail immediately instead of running untrusted code.

The sfw shim scripts handle both Linux/macOS and Windows:
- On Windows, MSYS-style paths (/c/Users/...) are converted to native
  format (C:\Users\...) so sfw-free can resolve them correctly.
- .cmd wrapper files are generated alongside bash shims for Windows.
- Each shim strips its own directory from PATH before exec to prevent
  infinite recursion (shim calling itself instead of the real binary).

Other changes:

- Node 24 is now tested in the CI matrix alongside Node 20 and 22.
  Provenance publishes with Node 24.

- The lint job now runs zizmor (a GitHub Actions security auditor) on
  every push/PR. It downloads a pinned, checksum-verified native binary
  — no Docker, Python, or pip needed. It scans .github/ for template
  injection, unpinned actions, cache poisoning, and other issues.

- Removed three dead workflow files that referenced shared workflows
  which no longer exist upstream: claude-auto-review.yml, claude.yml,
  and socket-auto-pr.yml.

- Fixed template injection in provenance.yml: inputs.dist-tag was
  interpolated directly into run blocks (attackable via workflow
  dispatch). Now passed through an environment variable instead.

- Removed the push/tag trigger from e2e-tests.yml to eliminate a
  cache-poisoning vector flagged by zizmor (PR + tag triggers combined
  with action caching).

- Removed the old npm install -g npm@latest hack from provenance.yml
  since Node 24 ships with a modern npm.

* fix(ci): replace pnpm/action-setup with inline binary download

Replace the pnpm/action-setup third-party action with a direct download
of the pnpm standalone binary from GitHub releases, matching the same
pattern used for sfw-free and zizmor.

The pnpm binary (v10.33.0) is downloaded, checksum-verified against a
SHA-256 hash, and symlinked as "pnpm" on PATH. This removes the last
third-party action dependency beyond actions/checkout and
actions/setup-node.

* chore: add packageManager field for pnpm 10.33.0

Aligns socket-cli with all other Socket repos which already declare
packageManager in package.json. This lets corepack and tooling auto-
detect the correct pnpm version.

* fix(ci): allow zizmor warnings (exit 13) in audit step

Zizmor exits 13 for warnings-only and 14 for errors. The
secrets-outside-env warnings are expected (requires GitHub environment
configuration) so we allow exit code 13 while still failing on actual
errors.

* chore: use Node 25.9.0 for lint, typecheck, and provenance

* chore: add sfw-free ecosystem docs link to shim loops

* fix(ci): work around sfw-free missing GIT_SSL_CAINFO

* fix(ci): use sha256sum with shasum fallback for Windows compatibility

* fix(ci): strip backslash prefix from sha256sum output on Windows

* fix(ci): copy pnpm binary as pnpm.exe on Windows instead of symlink

Author: jdalton

.github/workflows/ci.yml

@@ -1,9 +1,6 @@
 name: E2E Tests
 
 on:
-  push:
-    branches: [main]
-    tags: ['*']
   pull_request:
     branches: [main, v1.x]
   workflow_dispatch:
@@ -22,10 +19,124 @@ jobs:
         os: [ubuntu-latest]
         # os: [ubuntu-latest, windows-latest] - Windows tests disbaled (see project https://linear.app/socketdev/project/autofixes-windows-support-fc2f2a45f759)
     steps:
-      - uses: SocketDev/socket-registry/.github/actions/setup-and-install@51be85d39d3b4a42dd9d4712948b9d30a2e04794
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
+
+      - name: Install pnpm
+        shell: bash
+        run: | # zizmor: ignore[github-env]
+          PNPM_VERSION="10.33.0"
+          PNPM_DIR="${RUNNER_TEMP:-/tmp}/pnpm-bin"
+          KERNEL="$(uname -s | cut -d- -f1)"
+          ARCH="$(uname -m)"
+          case "${KERNEL}-${ARCH}" in
+            Linux-x86_64)                      ASSET="pnpm-linux-x64"    ; EXPECTED_SHA256="8d4e8f7d778e8ac482022e2577011706a872542f6f6f233e795a4d9f978ea8b5" ;;
+            Linux-aarch64)                     ASSET="pnpm-linux-arm64"   ; EXPECTED_SHA256="06755ad2817548b84317d857d5c8003dc6e9e28416a3ea7467256c49ab400d48" ;;
+            Darwin-x86_64)                     ASSET="pnpm-macos-x64"    ; EXPECTED_SHA256="c31e29554b0e3f4e03f4617195c949595e4dca36085922003de4896c3ca4057d" ;;
+            Darwin-arm64)                      ASSET="pnpm-macos-arm64"  ; EXPECTED_SHA256="ed8a1f140f4de457b01ebe0be3ae28e9a7e28863315dcd53d22ff1e5a32d63ae" ;;
+            MINGW64_NT-x86_64|MSYS_NT-x86_64) ASSET="pnpm-win-x64.exe" ; EXPECTED_SHA256="afc96009dc39fe23a835d65192049e6a995f342496b175585dc2beda7d42d33f" ;;
+            *) echo "Unsupported platform: ${KERNEL}-${ARCH}" >&2; exit 1 ;;
+          esac
+          PNPM_BIN="$PNPM_DIR/$ASSET"
+          if [ ! -x "$PNPM_BIN" ]; then
+            mkdir -p "$PNPM_DIR"
+            curl -fsSL -o "$PNPM_BIN" "https://github.com/pnpm/pnpm/releases/download/v${PNPM_VERSION}/${ASSET}"
+            ACTUAL_SHA256="$( (sha256sum "$PNPM_BIN" 2>/dev/null || shasum -a 256 "$PNPM_BIN") | cut -d' ' -f1 | tr -d '\\')"
+            if [ "$ACTUAL_SHA256" != "$EXPECTED_SHA256" ]; then
+              echo "Checksum mismatch for ${ASSET}!" >&2
+              echo "  Expected: ${EXPECTED_SHA256}" >&2
+              echo "  Actual:   ${ACTUAL_SHA256}" >&2
+              rm -f "$PNPM_BIN"
+              exit 1
+            fi
+            chmod +x "$PNPM_BIN"
+            # Create pnpm alias. Windows needs a .exe copy; Unix uses a symlink.
+            if [[ "$ASSET" == *.exe ]]; then
+              cp "$PNPM_BIN" "$PNPM_DIR/pnpm.exe"
+            else
+              ln -sf "$PNPM_BIN" "$PNPM_DIR/pnpm"
+            fi
+          fi
+          echo "$PNPM_DIR" >> "${GITHUB_PATH:-/dev/null}"
+
+      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
         with:
           node-version: ${{ matrix.node-version }}
 
+      - name: Download sfw-free
+        shell: bash
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: | # zizmor: ignore[github-env]
+          SFW_DIR="${RUNNER_TEMP:-/tmp}/sfw-bin"
+          KERNEL="$(uname -s | cut -d- -f1)"
+          ARCH="$(uname -m)"
+          case "${KERNEL}-${ARCH}" in
+            Linux-x86_64)                      ASSET="sfw-free-linux-x86_64"       ; SFW_BIN="$SFW_DIR/sfw"     ; EXPECTED_SHA256="4a1e8b65e90fce7d5fd066cf0af6c93d512065fa4222a475c8d959a6bc14b9ff" ;;
+            Linux-aarch64)                     ASSET="sfw-free-linux-arm64"         ; SFW_BIN="$SFW_DIR/sfw"     ; EXPECTED_SHA256="df2eedb2daf2572eee047adb8bfd81c9069edcb200fc7d3710fca98ec3ca81a1" ;;
+            Darwin-x86_64)                     ASSET="sfw-free-macos-x86_64"       ; SFW_BIN="$SFW_DIR/sfw"     ; EXPECTED_SHA256="724ccea19d847b79db8cc8e38f5f18ce2dd32336007f42b11bed7d2e5f4a2566" ;;
+            Darwin-arm64)                      ASSET="sfw-free-macos-arm64"        ; SFW_BIN="$SFW_DIR/sfw"     ; EXPECTED_SHA256="bf1616fc44ac49f1cb2067fedfa127a3ae65d6ec6d634efbb3098cfa355e5555" ;;
+            MINGW64_NT-x86_64|MSYS_NT-x86_64) ASSET="sfw-free-windows-x86_64.exe" ; SFW_BIN="$SFW_DIR/sfw.exe" ; EXPECTED_SHA256="c953e62ad7928d4d8f2302f5737884ea1a757babc26bed6a42b9b6b68a5d54af" ;;
+            *) echo "Unsupported platform: ${KERNEL}-${ARCH}" >&2; exit 1 ;;
+          esac
+          if [ ! -x "$SFW_BIN" ]; then
+            mkdir -p "$SFW_DIR"
+            DOWNLOAD_URL="$(gh api repos/SocketDev/sfw-free/releases/latest \
+              --jq ".assets[] | select(.name == \"$ASSET\") | .browser_download_url")"
+            curl -fsSL -o "$SFW_BIN" "$DOWNLOAD_URL"
+            ACTUAL_SHA256="$( (sha256sum "$SFW_BIN" 2>/dev/null || shasum -a 256 "$SFW_BIN") | cut -d' ' -f1 | tr -d '\\')"
+            if [ "$ACTUAL_SHA256" != "$EXPECTED_SHA256" ]; then
+              echo "Checksum mismatch for ${ASSET}!" >&2
+              echo "  Expected: ${EXPECTED_SHA256}" >&2
+              echo "  Actual:   ${ACTUAL_SHA256}" >&2
+              rm -f "$SFW_BIN"
+              exit 1
+            fi
+            chmod +x "$SFW_BIN"
+          fi
+          echo "SFW_BIN=$SFW_BIN" >> "${GITHUB_ENV:-/dev/null}"
+
+      - name: Create sfw shims
+        shell: bash
+        run: | # zizmor: ignore[github-env]
+          SHIM_DIR="${RUNNER_TEMP:-/tmp}/sfw-shim"
+          rm -rf "$SHIM_DIR"
+          mkdir -p "$SHIM_DIR"
+          IS_WINDOWS=false
+          [[ "$OSTYPE" == msys* || "$OSTYPE" == cygwin* ]] && IS_WINDOWS=true
+          msys_to_win_path() {
+            if $IS_WINDOWS && [[ "$1" =~ ^/([a-zA-Z])/(.*) ]]; then
+              echo "${BASH_REMATCH[1]^^}:\\${BASH_REMATCH[2]//\//\\}"
+            else
+              echo "$1"
+            fi
+          }
+          strip_shim_dir() { echo "$PATH" | tr ':' '\n' | grep -vxF "$SHIM_DIR" | paste -sd: -; }
+          CLEAN_PATH="$(strip_shim_dir)"
+          # https://docs.socket.dev/docs/socket-firewall-free#what-ecosystems-and-package-managers-are-supported
+          for CMD in npm yarn pnpm pip uv cargo; do
+            REAL="$(PATH="$CLEAN_PATH" command -v "$CMD" 2>/dev/null || true)"
+            [ -z "$REAL" ] && continue
+            REAL="$(msys_to_win_path "$REAL")"
+            printf '%s\n' \
+              '#!/bin/bash' \
+              "export PATH=\"\$(echo \"\$PATH\" | tr ':' '\n' | grep -vxF '${SHIM_DIR}' | paste -sd: -)\"" \
+              'export GIT_SSL_NO_VERIFY=true # Workaround: sfw-free does not yet set GIT_SSL_CAINFO.' \
+              "exec \"${SFW_BIN}\" \"${REAL}\" \"\$@\"" \
+              > "$SHIM_DIR/$CMD"
+            chmod +x "$SHIM_DIR/$CMD"
+            if $IS_WINDOWS; then
+              printf '@echo off\r\nset "PATH=;%%PATH%%;"\r\nset "PATH=%%PATH:;%s;=;%%"\r\nset "PATH=%%PATH:~1,-1%%"\r\n"%s" "%s" %%*\r\n' \
+                "$SHIM_DIR" "$SFW_BIN" "$REAL" > "$SHIM_DIR/$CMD.cmd"
+            fi
+          done
+          echo "$SHIM_DIR" >> "${GITHUB_PATH:-/dev/null}"
+          echo "SFW_SHIM_DIR=$SHIM_DIR" >> "${GITHUB_ENV:-/dev/null}"
+
+      - name: Install dependencies
+        run: pnpm install --loglevel error
+
       - name: Install uv
         run: curl -LsSf https://astral.sh/uv/install.sh | sh
 

.github/workflows/claude-auto-review.yml

@@ -25,31 +25,149 @@ jobs:
       id-token: write
 
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
-      - uses: SocketDev/socket-registry/.github/actions/setup@1543e937143cf84e5161ad18c04cbd99c8a4c6d8
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
+          persist-credentials: false
+
+      - name: Install pnpm
+        shell: bash
+        run: | # zizmor: ignore[github-env]
+          PNPM_VERSION="10.33.0"
+          PNPM_DIR="${RUNNER_TEMP:-/tmp}/pnpm-bin"
+          KERNEL="$(uname -s | cut -d- -f1)"
+          ARCH="$(uname -m)"
+          case "${KERNEL}-${ARCH}" in
+            Linux-x86_64)                      ASSET="pnpm-linux-x64"    ; EXPECTED_SHA256="8d4e8f7d778e8ac482022e2577011706a872542f6f6f233e795a4d9f978ea8b5" ;;
+            Linux-aarch64)                     ASSET="pnpm-linux-arm64"   ; EXPECTED_SHA256="06755ad2817548b84317d857d5c8003dc6e9e28416a3ea7467256c49ab400d48" ;;
+            Darwin-x86_64)                     ASSET="pnpm-macos-x64"    ; EXPECTED_SHA256="c31e29554b0e3f4e03f4617195c949595e4dca36085922003de4896c3ca4057d" ;;
+            Darwin-arm64)                      ASSET="pnpm-macos-arm64"  ; EXPECTED_SHA256="ed8a1f140f4de457b01ebe0be3ae28e9a7e28863315dcd53d22ff1e5a32d63ae" ;;
+            MINGW64_NT-x86_64|MSYS_NT-x86_64) ASSET="pnpm-win-x64.exe" ; EXPECTED_SHA256="afc96009dc39fe23a835d65192049e6a995f342496b175585dc2beda7d42d33f" ;;
+            *) echo "Unsupported platform: ${KERNEL}-${ARCH}" >&2; exit 1 ;;
+          esac
+          PNPM_BIN="$PNPM_DIR/$ASSET"
+          if [ ! -x "$PNPM_BIN" ]; then
+            mkdir -p "$PNPM_DIR"
+            curl -fsSL -o "$PNPM_BIN" "https://github.com/pnpm/pnpm/releases/download/v${PNPM_VERSION}/${ASSET}"
+            ACTUAL_SHA256="$( (sha256sum "$PNPM_BIN" 2>/dev/null || shasum -a 256 "$PNPM_BIN") | cut -d' ' -f1 | tr -d '\\')"
+            if [ "$ACTUAL_SHA256" != "$EXPECTED_SHA256" ]; then
+              echo "Checksum mismatch for ${ASSET}!" >&2
+              echo "  Expected: ${EXPECTED_SHA256}" >&2
+              echo "  Actual:   ${ACTUAL_SHA256}" >&2
+              rm -f "$PNPM_BIN"
+              exit 1
+            fi
+            chmod +x "$PNPM_BIN"
+            # Create pnpm alias. Windows needs a .exe copy; Unix uses a symlink.
+            if [[ "$ASSET" == *.exe ]]; then
+              cp "$PNPM_BIN" "$PNPM_DIR/pnpm.exe"
+            else
+              ln -sf "$PNPM_BIN" "$PNPM_DIR/pnpm"
+            fi
+          fi
+          echo "$PNPM_DIR" >> "${GITHUB_PATH:-/dev/null}"
+
+      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        with:
+          node-version: 25.9.0
+          cache: pnpm
+          registry-url: https://registry.npmjs.org
           scope: '@socketsecurity'
-      - run: npm install -g npm@latest
-      - run: pnpm install
+
+      - name: Download sfw-free
+        shell: bash
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: | # zizmor: ignore[github-env]
+          SFW_DIR="${RUNNER_TEMP:-/tmp}/sfw-bin"
+          KERNEL="$(uname -s | cut -d- -f1)"
+          ARCH="$(uname -m)"
+          case "${KERNEL}-${ARCH}" in
+            Linux-x86_64)                      ASSET="sfw-free-linux-x86_64"       ; SFW_BIN="$SFW_DIR/sfw"     ; EXPECTED_SHA256="4a1e8b65e90fce7d5fd066cf0af6c93d512065fa4222a475c8d959a6bc14b9ff" ;;
+            Linux-aarch64)                     ASSET="sfw-free-linux-arm64"         ; SFW_BIN="$SFW_DIR/sfw"     ; EXPECTED_SHA256="df2eedb2daf2572eee047adb8bfd81c9069edcb200fc7d3710fca98ec3ca81a1" ;;
+            Darwin-x86_64)                     ASSET="sfw-free-macos-x86_64"       ; SFW_BIN="$SFW_DIR/sfw"     ; EXPECTED_SHA256="724ccea19d847b79db8cc8e38f5f18ce2dd32336007f42b11bed7d2e5f4a2566" ;;
+            Darwin-arm64)                      ASSET="sfw-free-macos-arm64"        ; SFW_BIN="$SFW_DIR/sfw"     ; EXPECTED_SHA256="bf1616fc44ac49f1cb2067fedfa127a3ae65d6ec6d634efbb3098cfa355e5555" ;;
+            MINGW64_NT-x86_64|MSYS_NT-x86_64) ASSET="sfw-free-windows-x86_64.exe" ; SFW_BIN="$SFW_DIR/sfw.exe" ; EXPECTED_SHA256="c953e62ad7928d4d8f2302f5737884ea1a757babc26bed6a42b9b6b68a5d54af" ;;
+            *) echo "Unsupported platform: ${KERNEL}-${ARCH}" >&2; exit 1 ;;
+          esac
+          if [ ! -x "$SFW_BIN" ]; then
+            mkdir -p "$SFW_DIR"
+            DOWNLOAD_URL="$(gh api repos/SocketDev/sfw-free/releases/latest \
+              --jq ".assets[] | select(.name == \"$ASSET\") | .browser_download_url")"
+            curl -fsSL -o "$SFW_BIN" "$DOWNLOAD_URL"
+            ACTUAL_SHA256="$( (sha256sum "$SFW_BIN" 2>/dev/null || shasum -a 256 "$SFW_BIN") | cut -d' ' -f1 | tr -d '\\')"
+            if [ "$ACTUAL_SHA256" != "$EXPECTED_SHA256" ]; then
+              echo "Checksum mismatch for ${ASSET}!" >&2
+              echo "  Expected: ${EXPECTED_SHA256}" >&2
+              echo "  Actual:   ${ACTUAL_SHA256}" >&2
+              rm -f "$SFW_BIN"
+              exit 1
+            fi
+            chmod +x "$SFW_BIN"
+          fi
+          echo "SFW_BIN=$SFW_BIN" >> "${GITHUB_ENV:-/dev/null}"
+
+      - name: Create sfw shims
+        shell: bash
+        run: | # zizmor: ignore[github-env]
+          SHIM_DIR="${RUNNER_TEMP:-/tmp}/sfw-shim"
+          rm -rf "$SHIM_DIR"
+          mkdir -p "$SHIM_DIR"
+          IS_WINDOWS=false
+          [[ "$OSTYPE" == msys* || "$OSTYPE" == cygwin* ]] && IS_WINDOWS=true
+          msys_to_win_path() {
+            if $IS_WINDOWS && [[ "$1" =~ ^/([a-zA-Z])/(.*) ]]; then
+              echo "${BASH_REMATCH[1]^^}:\\${BASH_REMATCH[2]//\//\\}"
+            else
+              echo "$1"
+            fi
+          }
+          strip_shim_dir() { echo "$PATH" | tr ':' '\n' | grep -vxF "$SHIM_DIR" | paste -sd: -; }
+          CLEAN_PATH="$(strip_shim_dir)"
+          # https://docs.socket.dev/docs/socket-firewall-free#what-ecosystems-and-package-managers-are-supported
+          for CMD in npm yarn pnpm pip uv cargo; do
+            REAL="$(PATH="$CLEAN_PATH" command -v "$CMD" 2>/dev/null || true)"
+            [ -z "$REAL" ] && continue
+            REAL="$(msys_to_win_path "$REAL")"
+            printf '%s\n' \
+              '#!/bin/bash' \
+              "export PATH=\"\$(echo \"\$PATH\" | tr ':' '\n' | grep -vxF '${SHIM_DIR}' | paste -sd: -)\"" \
+              'export GIT_SSL_NO_VERIFY=true # Workaround: sfw-free does not yet set GIT_SSL_CAINFO.' \
+              "exec \"${SFW_BIN}\" \"${REAL}\" \"\$@\"" \
+              > "$SHIM_DIR/$CMD"
+            chmod +x "$SHIM_DIR/$CMD"
+            if $IS_WINDOWS; then
+              printf '@echo off\r\nset "PATH=;%%PATH%%;"\r\nset "PATH=%%PATH:;%s;=;%%"\r\nset "PATH=%%PATH:~1,-1%%"\r\n"%s" "%s" %%*\r\n' \
+                "$SHIM_DIR" "$SFW_BIN" "$REAL" > "$SHIM_DIR/$CMD.cmd"
+            fi
+          done
+          echo "$SHIM_DIR" >> "${GITHUB_PATH:-/dev/null}"
+          echo "SFW_SHIM_DIR=$SHIM_DIR" >> "${GITHUB_ENV:-/dev/null}"
+
+      - name: Install dependencies
+        run: pnpm install --loglevel error
+
       - run: INLINED_SOCKET_CLI_PUBLISHED_BUILD=1 pnpm run build:dist
-      - run: npm publish --provenance --access public --tag ${{ inputs.dist-tag }}
+      - run: npm publish --provenance --access public --tag "${NPM_DIST_TAG}"
         continue-on-error: true
         env:
+          NPM_DIST_TAG: ${{ inputs.dist-tag }}
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
           SOCKET_CLI_DEBUG: ${{ inputs.debug }}
       - run: INLINED_SOCKET_CLI_PUBLISHED_BUILD=1 INLINED_SOCKET_CLI_LEGACY_BUILD=1 pnpm run build:dist
         env:
           SOCKET_CLI_DEBUG: ${{ inputs.debug }}
-      - run: npm publish --provenance --access public --tag ${{ inputs.dist-tag }}
+      - run: npm publish --provenance --access public --tag "${NPM_DIST_TAG}"
         continue-on-error: true
         env:
+          NPM_DIST_TAG: ${{ inputs.dist-tag }}
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
           SOCKET_CLI_DEBUG: ${{ inputs.debug }}
       - run: INLINED_SOCKET_CLI_PUBLISHED_BUILD=1 INLINED_SOCKET_CLI_SENTRY_BUILD=1 pnpm run build:dist
         env:
           SOCKET_CLI_DEBUG: ${{ inputs.debug }}
-      - run: npm publish --provenance --access public --tag ${{ inputs.dist-tag }}
+      - run: npm publish --provenance --access public --tag "${NPM_DIST_TAG}"
         continue-on-error: true
         env:
+          NPM_DIST_TAG: ${{ inputs.dist-tag }}
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
           SOCKET_CLI_DEBUG: ${{ inputs.debug }}

.github/workflows/claude.yml

@@ -196,6 +196,7 @@
     "node": ">=18",
     "pnpm": ">=10.16.0"
   },
+  "packageManager": "pnpm@10.33.0",
   "files": [
     "bin/**",
     "dist/**",