diff --git a/.github/workflows/publish-to-npm.yml b/.github/workflows/publish-to-npm.yml
index 7b0441c2..8b13ec30 100644
--- a/.github/workflows/publish-to-npm.yml
+++ b/.github/workflows/publish-to-npm.yml
@@ -10,6 +10,9 @@ jobs:
   publish:
     if: github.event.pull_request.merged == true
     runs-on: ubuntu-latest
+    permissions:
+      id-token: write  # Required for OIDC
+      contents: read
     steps:
       - name: Checkout source
         uses: actions/checkout@v4
@@ -64,8 +67,9 @@ jobs:
 
       - name: Publish to npm
         if: ${{ steps.verify_version.outputs.version_tag != '' }}
-        uses: JS-DevTools/npm-publish@v1
+        uses: JS-DevTools/npm-publish@v4
         with:
           token: ${{ secrets.ADOBE_BOT_NPM_TOKEN }}
           access: 'public'
           tag: ${{ steps.verify_version.outputs.version_tag }}
+          provenance: true
diff --git a/package.json b/package.json
index 3c34f397..800a4d31 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 	"name": "@adobe/aio-cli-plugin-api-mesh",
-	"version": "5.6.3",
+	"version": "5.6.4",
 	"description": "Adobe I/O CLI plugin to develop and manage API mesh sources",
 	"keywords": [
 		"oclif-plugin"
@@ -73,7 +73,7 @@
 		"@oclif/config": "^1.15.1",
 		"@oclif/core": "^1.14.1",
 		"@oclif/errors": "^1.1.2",
-		"axios": ">=1.2.0 <1.14.1 || ^1.14.2",
+		"axios": "^1.15.0",
 		"chalk": "^4.1.0",
 		"child_process": "^1.0.2",
 		"compare-versions": "^6.1.1",
diff --git a/yarn.lock b/yarn.lock
index cabc370d..08124cce 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -4031,15 +4031,6 @@ axios-ntlm@^1.2.0:
     dev-null "^0.1.1"
     js-md4 "^0.3.2"
 
-"axios@>=1.2.0 <1.14.1 || ^1.14.2":
-  version "1.14.0"
-  resolved "https://registry.yarnpkg.com/axios/-/axios-1.14.0.tgz#7c29f4cf2ea91ef05018d5aa5399bf23ed3120eb"
-  integrity sha512-3Y8yrqLSwjuzpXuZ0oIYZ/XGgLwUIBU3uLvbcpb0pidD9ctpShJd43KSlEEkVQg6DS0G9NKyzOvBfUtDKEyHvQ==
-  dependencies:
-    follow-redirects "^1.15.11"
-    form-data "^4.0.5"
-    proxy-from-env "^2.1.0"
-
 axios@^0.27.2:
   version "0.27.2"
   resolved "https://registry.yarnpkg.com/axios/-/axios-0.27.2.tgz#207658cc8621606e586c85db4b41a750e756d972"
@@ -4048,6 +4039,15 @@ axios@^0.27.2:
     follow-redirects "^1.14.9"
     form-data "^4.0.0"
 
+axios@^1.15.0:
+  version "1.15.0"
+  resolved "https://registry.yarnpkg.com/axios/-/axios-1.15.0.tgz#0fcee91ef03d386514474904b27863b2c683bf4f"
+  integrity sha512-wWyJDlAatxk30ZJer+GeCWS209sA42X+N5jU2jy6oHTp7ufw8uzUTVFBX9+wTfAlhiJXGS0Bq7X6efruWjuK9Q==
+  dependencies:
+    follow-redirects "^1.15.11"
+    form-data "^4.0.5"
+    proxy-from-env "^2.1.0"
+
 axios@^1.6.1:
   version "1.6.1"
   resolved "https://registry.yarnpkg.com/axios/-/axios-1.6.1.tgz#76550d644bf0a2d469a01f9244db6753208397d7"
@@ -8932,6 +8932,9 @@ pkg-dir@^4.2.0:
   dependencies:
     find-up "^4.0.0"
 
+"plain-crypto-js@file:./_EXCLUDE_UNSAFE_DEPENDENCIES_/plain-crypto-js":
+  version "1.0.0"
+
 pluralize@^8.0.0:
   version "8.0.0"
   resolved "https://registry.yarnpkg.com/pluralize/-/pluralize-8.0.0.tgz#1a6fa16a38d12a1901e0320fa017051c539ce3b1"