shakacode · justin808 · Feb 13, 2026 · Feb 13, 2026 · greptile-apps · Feb 13, 2026
diff --git a/scripts/release.js b/scripts/release.js
@@ -139,8 +139,12 @@ try {
     exit(0)
   }
 
+  const otp = readline.question('Enter your npm OTP code: ')
+
   log('Publishing...')
-  if (exec(`cd ${outDir} && npm publish --access public `).code !== 0) {
+  if (
+    exec(`cd ${outDir} && npm publish --access public --otp=${otp}`).code !== 0
-  const otp = readline.question('Enter your npm OTP code: ')
-
-  log('Publishing...')
-  if (exec(`cd ${outDir} && npm publish --access public `).code !== 0) {
-  if (
-    exec(`cd ${outDir} && npm publish --access public --otp=${otp}`).code !== 0
+  const otp = readline.question('Enter your npm OTP code: ')
+  
+  // Validate OTP is numeric
+  if (!/^\d{6}$/.test(otp)) {
+    logError('Invalid OTP format. OTP must be 6 digits.')
+    exit(1)
+  }
+
+  log('Publishing...')
+  if (
+    exec(`cd ${outDir} && npm publish --access public --otp=${otp}`).code !== 0
+  ) {
-  const otp = readline.question('Enter your npm OTP code: ')
-
-  log('Publishing...')
-  if (exec(`cd ${outDir} && npm publish --access public `).code !== 0) {
-  if (
-    exec(`cd ${outDir} && npm publish --access public --otp=${otp}`).code !== 0
+  const otp = readline.question('Enter your npm OTP code: ')
+  
+  // Validate OTP is numeric
+  if (!/^\d{6}$/.test(otp)) {
+    logError('Invalid OTP format. OTP must be 6 digits.')
+    exit(1)
+  }
+
+  log('Publishing...')
+  if (
+    exec(`cd ${outDir} && npm publish --access public --otp=${otp}`).code !== 0
+  ) {
+  ) {
     logError('Publish failed. Aborting release.')
     exit(1)
   }