diff --git a/.github/workflows/cleanup.yml b/.github/workflows/cleanup.yml
index 63c5ee5..3e09f6b 100644
--- a/.github/workflows/cleanup.yml
+++ b/.github/workflows/cleanup.yml
@@ -20,7 +20,7 @@ jobs:
       - name: Setup Node
         uses: actions/setup-node@v3
         with:
-          node-version: 22
+          node-version: 24
           cache: "yarn"
 
       - name: Install Dependencies
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index f1cc5c5..1d93790 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -7,25 +7,28 @@ on:
       - main
   workflow_dispatch:
 
+permissions:
+  id-token: write # Required for OIDC
+  contents: write # required for committing the version bump
+
 jobs:
   Release:
     name: 🚀 Release
     if: github.event_name == 'workflow_dispatch' || github.event.pull_request.merged && startsWith(github.head_ref, 'release-please--branches--main')
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0
       - name: Setup Node
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
-          node-version: 18
+          node-version: 24
           cache: "yarn"
+          registry-url: "https://registry.npmjs.org"
 
       - name: Install Dependencies
         run: yarn install --immutable
 
       - name: Publish package
-        run: |
-          npm config set //registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN }}
-          npm publish
+        run: npm publish