Okay, it seems classic NPM tokens already stopped working and so it's IMPOSSIBLE for me to release any new versions of my 210 projects/packages until they have implemented a solution which:
1) Doesn't require to manually setup a Trusted Publishing config for *every single package* or
2) They're lifting the arbitrary 50 packages per token limit for their new "granular" tokens (in addition to them already being severely time limited)
The current combined effect of these two restrictions means I cannot do automated multi-package releases from my monorepo, using a tool which handles changelog generation, version bumps and topological sorting of releases.
It's bloody infuriating! NPM has ignored looming security issues for a decade. Now they're rushing some halfbaked no-solution with several glaring issues, all within a few weeks notice and then not even sticking to their timeline. Classic tokens were supposed to stop working in November only...