Use NPM trusted publishing

The current token structure used to publish packages to npmjs is changing (https://github.blog/changelog/2025-09-29-strengthening-npm-security-important-changes-to-authentication-and-token-management/) so we should move towards Trusted Publishing (https://docs.npmjs.com/trusted-publishers) to make it more secure and removes the administration of key rollover.