diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 4991041f..f1c8393a 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -344,7 +344,18 @@ jobs:
 pnpm config set exclude-links-from-lockfile true
 - name: Update npm
+ # The Node 22 runner image ships npm 10.9.7, whose @npmcli/arborist
+ # lazy-loads promise-retry and crashes mid self-upgrade. npm 10.9.8
+ # (arborist 8.0.5) fixed that by eagerly loading it. We tarball-install
+ # 10.9.8 as a bootstrap, then use normal `npm install -g` to reach
+ # npm 11+ which is required for OIDC trusted publishing.
+ # TODO: drop the tarball step once the runner image ships npm >= 10.9.8.
 run: |
+ NPM_BOOTSTRAP_VERSION="10.9.8"
+ NPM_DIR="$(dirname "$(dirname "$(which node)")")/lib/node_modules/npm"
+ sudo rm -rf "${NPM_DIR}"
+ sudo mkdir -p "${NPM_DIR}"
+ curl -fsSL "https://registry.npmjs.org/npm/-/npm-${NPM_BOOTSTRAP_VERSION}.tgz" | sudo tar -xz -C "${NPM_DIR}" --strip-components=1
 npm install -g npm@^11.6
 npm --version
@@ -363,7 +374,6 @@ jobs:
 createGithubReleases: true
 env:
 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- NPM_TOKEN: "" # See https://github.com/changesets/changesets/issues/1152#issuecomment-3190884868
 PYPI_TOKEN: ${{ secrets.PYPI_TOKEN }}
 - name: Update lock file
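Review bot: The `curl … | sudo tar -xz` line in the Update npm step extracts a downloaded tarball as root over the runner's npm with no integrity check, in the job that goes on to publish releases. Pinning `NPM_BOOTSTRAP_VERSION` fixes which file is requested but not which bytes arrive, so I would download to a temp file, verify it against a pinned sha512 with `sha512sum -c`, and only then run `sudo rm -rf "${NPM_DIR}"`; a failed or altered download then stops the step before the existing npm is removed. Piping also hides a curl failure unless the step's shell enables pipefail, which the hunk does not show. The rest of the release job, including its permissions, lies outside the hunk.

```yaml
run: |
  NPM_BOOTSTRAP_VERSION="10.9.8"
  # Placeholder: replace with the sha512 (hex) recorded for this exact tarball.
  NPM_BOOTSTRAP_SHA512="<PINNED_SHA512_HEX_PLACEHOLDER>"
  # … unchanged: NPM_DIR computation …
  NPM_TGZ="$(mktemp)"
  curl -fsSL -o "${NPM_TGZ}" "https://registry.npmjs.org/npm/-/npm-${NPM_BOOTSTRAP_VERSION}.tgz"
  # Verify before touching the installed npm; a mismatch fails the step here.
  echo "${NPM_BOOTSTRAP_SHA512}  ${NPM_TGZ}" | sha512sum -c -
  sudo rm -rf "${NPM_DIR}"
  sudo mkdir -p "${NPM_DIR}"
  sudo tar -xzf "${NPM_TGZ}" -C "${NPM_DIR}" --strip-components=1
  # … unchanged: npm install -g npm@^11.6, npm --version …
```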