fix: remove environment to prevent org secret injection breaking OIDC

The `environment: npm` causes org-level NODE_AUTH_TOKEN to be
injected, which overrides OIDC trusted publishing. This was
previously fixed in 4c3e673 but accidentally re-added in 9ba37eb.

Author: nicknisi

.github/workflows/release.yml

@@ -18,7 +18,6 @@ jobs:
   publish:
     name: Publish to npm
     runs-on: ubuntu-latest
-    environment: npm
     permissions:
       contents: read
       id-token: write