Add Support for NPM Trusted Publishing via OIDC in Bitbucket Pipelines

XMLWordPrintable

    • 2

      Issue
      Currently, Bitbucket Pipelines does not support NPM Trusted Publishing using OIDC. Following the NPM security incident in mid-September 2025, NPM is deprecating token-based authentication and requiring publishers to adopt OAuth and Trusted Publishing. 

      Github and GitLab are providing integration relying on Trusted Publishing - https://docs.npmjs.com/trusted-publishers

       

      Suggestion
      It is recommended to introduce native OIDC integration for NPM Trusted Publishing in Bitbucket Pipelines. 

              Assignee:
              Unassigned
              Reporter:
              Suyog Rajendra Deshpande
              Votes:
              43 Vote for this issue
              Watchers:
              27 Start watching this issue

                Created:
                Updated: