From ca9f306c6738e9648e0e093a7e7f6872b1b9feb3 Mon Sep 17 00:00:00 2001
From: sean <sean@deepracticex.com>
Date: Mon, 2 Jun 2025 10:15:44 +0800
Subject: [PATCH] =?UTF-8?q?=F0=9F=94=A7=20=E4=BD=BF=E7=94=A8=E7=BB=84?=
 =?UTF-8?q?=E7=BB=87=E7=BA=A7ORG=5FNPM=5FTOKEN=E6=9B=BF=E4=BB=A3NPM=5FTOKE?=
 =?UTF-8?q?N=20-=20=E6=9B=B4=E6=96=B0CI=E9=85=8D=E7=BD=AE=E4=BD=BF?=
 =?UTF-8?q?=E7=94=A8secrets.ORG=5FNPM=5FTOKEN=20-=20=E6=9B=B4=E6=96=B0?=
 =?UTF-8?q?=E6=96=87=E6=A1=A3=E8=AF=B4=E6=98=8E=E7=BB=84=E7=BB=87=E7=BA=A7?=
 =?UTF-8?q?token=E9=85=8D=E7=BD=AE=E6=96=B9=E6=B3=95=20-=20=E5=87=86?=
 =?UTF-8?q?=E5=A4=87=E6=B5=8B=E8=AF=95npm=E8=AE=A4=E8=AF=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .github/workflows/snapshot.yml |  4 ++--
 docs/npm-publishing-setup.md   | 18 +++++++++++++++---
 2 files changed, 17 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/snapshot.yml b/.github/workflows/snapshot.yml
index cb46704..c008aa8 100644
--- a/.github/workflows/snapshot.yml
+++ b/.github/workflows/snapshot.yml
@@ -62,8 +62,8 @@ jobs:
           echo "SNAPSHOT_VERSION=$SNAPSHOT_VERSION" >> $GITHUB_ENV
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+          NPM_TOKEN: ${{ secrets.ORG_NPM_TOKEN }}
+          NODE_AUTH_TOKEN: ${{ secrets.ORG_NPM_TOKEN }}
 
       - name: Comment on related PRs
         if: success()
diff --git a/docs/npm-publishing-setup.md b/docs/npm-publishing-setup.md
index fd6f17e..91ea281 100644
--- a/docs/npm-publishing-setup.md
+++ b/docs/npm-publishing-setup.md
@@ -27,7 +27,15 @@ npm error need auth You need to authorize this machine using `npm adduser`
 #### 步骤1：访问仓库设置
 访问：https://github.com/Deepractice/PromptX/settings/secrets/actions
 
-#### 步骤2：添加NPM_TOKEN
+#### 步骤2：添加ORG_NPM_TOKEN（组织级）
+1. 访问组织设置：https://github.com/organizations/Deepractice/settings/secrets/actions
+2. 点击 "New organization secret"
+3. Name: `ORG_NPM_TOKEN`
+4. Secret: 粘贴上一步获取的npm token
+5. Repository access: 选择适当的访问权限
+6. 点击 "Add secret"
+
+或者添加仓库级的NPM_TOKEN：
 1. 点击 "New repository secret"
 2. Name: `NPM_TOKEN`
 3. Secret: 粘贴上一步获取的npm token
@@ -111,6 +119,10 @@ DPML项目（https://github.com/Deepractice/dpml）也使用类似的发布流
 - ✅ 使用pnpm发布（与DPML项目一致）
 - ✅ 移除了手动.npmrc配置（使用actions/setup-node自动配置）
 
+已更新配置：
+- ✅ 使用组织级ORG_NPM_TOKEN
+- ✅ CI配置已更新为使用组织token
+
 待验证：
-- 🔍 GitHub Secrets中的NPM_TOKEN配置
-- 🔍 npm账户的包发布权限 # 测试CI npm认证配置
+- 🔍 组织token的访问权限设置
+- 🔍 npm账户的包发布权限