fix(publish): drop npm workspaces field that broke npm version (EUNSUPPORTEDPROTOCOL)

[khaliqgant]

User description

Problem

The 3.0.45 publish run (26949232814) failed at the Bump versions step:

npm error code EUNSUPPORTEDPROTOCOL
npm error Unsupported URL Type "workspace:": workspace:*

Nothing was published — 3.0.45 is not on the registry, no release commit/tag was pushed, so a clean re-dispatch works after this lands.

Root cause

#191 (merged as 4f37303) added "workspaces": ["packages/*"] to the root package.json. This repo is a pnpm workspace (pnpm-workspace.yaml is the manifest); the npm-style field makes every npm command treat the repo as an npm workspace. npm version (with its default workspaces-update=true) then tries to reify the root package-lock.json and Arborist dies on the workspace:* protocol, which npm doesn't support.

The field also couldn't have served the local-tooling purpose #191 cited: plain npm install at the root fails with the identical error.

Fix

• Remove the workspaces field from root package.json (revert of that hunk of docs: spec — agentworkforce integrations integration & trigger discoverability (CLI + mcp-workforce tool) #191).
• Defense in depth: add --workspaces-update=false to every npm version call in publish.yml, publish-persona.yml, and publish-internal-personas.yml, so a future reintroduction of npm workspaces config can't take down publishing again.

Verification

Reproduced locally: npm version patch --no-git-tag-version in packages/runtime fails with EUNSUPPORTEDPROTOCOL on main, succeeds after this change — both with and without the new flag.

🤖 Generated with Claude Code

---

CodeAnt-AI Description

Prevent publishing failures caused by npm workspace handling

What Changed

• Removed the npm workspace setting from the root package file so npm no longer treats the repo like an npm workspace
• Added a safeguard to all version-bump steps in publishing workflows so they skip workspace lockfile updates and avoid the workspace:* error
• Publishing now continues to work even if npm workspace settings are added back later

Impact

✅ Fewer publish run failures
✅ Successful version bumps in CI
✅ Avoids broken releases from workspace protocol errors

💡 Usage Guide

Checking Your Pull Request

Every time you make a pull request, our system automatically looks through it. We check for security issues, mistakes in how you're setting up your infrastructure, and common code problems. We do this to make sure your changes are solid and won't cause any trouble later.

Talking to CodeAnt AI

Got a question or need a hand with something in your pull request? You can easily get in touch with CodeAnt AI right here. Just type the following in a comment on your pull request, and replace "Your question here" with whatever you want to ask:

@codeant-ai ask: Your question here

This lets you have a chat with CodeAnt AI about your pull request, making it easier to understand and improve your code.

Example

@codeant-ai ask: Can you suggest a safer alternative to storing this secret?

Preserve Org Learnings with CodeAnt

You can record team preferences so CodeAnt AI applies them in future reviews. Reply directly to the specific CodeAnt AI suggestion (in the same thread) and replace "Your feedback here" with your input:

@codeant-ai: Your feedback here

This helps CodeAnt AI learn and adapt to your team's coding style and standards.

Example

@codeant-ai: Do not flag unused imports.

Retrigger review

Ask CodeAnt AI to review the PR again, by typing:

@codeant-ai: review

Check Your Repository Health

To analyze the health of your code repository, visit our dashboard at https://app.codeant.ai. This tool helps you identify potential issues and areas for improvement in your codebase, ensuring your repository maintains high standards of code health.

[gemini-code-assist]

Warning

You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again!

[codeant-ai]

CodeAnt AI is reviewing your PR.

[coderabbitai]

Warning

Review limit reached

@khaliqgant, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 2 minutes and 31 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 21308f35-51a1-4bc2-bf2f-c57a03c15e23

📥 Commits

Reviewing files that changed from the base of the PR and between 4f37303 and e4b36f3.

📒 Files selected for processing (4)

• .github/workflows/publish-internal-personas.yml
• .github/workflows/publish-persona.yml
• .github/workflows/publish.yml
• package.json

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/publish-npm-workspaces-protocol

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codeant-ai]

CodeAnt AI finished reviewing your PR.

[cubic-dev-ai]

No issues found across 4 files

_{Re-trigger cubic}