Replace NPM tokens with trusted publisher workflow

[manics]

NPM tokens without an expiry are being dropped.
We should switch to an NPM trusted publisher workflow for publishing packages, similar to PyPI.

Affected repositories include:

• https://github.com/jupyterhub/configurable-http-proxy
• https://github.com/jupyterhub/jupyter-server-proxy

[rgaiacs]

https://github.com/jupyterhub/binderhub/ is also affected in the long term. When fixing for the other repositories, we can also change for https://github.com/jupyterhub/binderhub/.

[minrk]

set up on CHP: jupyterhub/configurable-http-proxy#610