chore(provenance): drop publish-without-sfw + bump socket-registry to d638c11f

Upstream socket-registry no longer declares publish-without-sfw (the shim
disable/restore dance was removed now that sfw-enterprise bypass covers
the hosts publishing needs).

Author: jdalton

.github/workflows/provenance.yml

@@ -14,23 +14,17 @@ on:
         options:
           - '0'
           - '1'
-      publish-without-sfw:
-        description: 'Publish directly to npm, bypassing Socket firewall shims'
-        required: false
-        default: false
-        type: boolean
 
 permissions:
   contents: write   # Push git tags and create GitHub releases
   id-token: write   # NPM trusted publishing via OIDC
 
 jobs:
   publish:
-    uses: SocketDev/socket-registry/.github/workflows/provenance.yml@a5923566cd8bcf70aefa1eefacf21f96e328be45 # main
+    uses: SocketDev/socket-registry/.github/workflows/provenance.yml@d638c11f4bc7ac637e0f61f05729a54d68af40e0 # main
     with:
       debug: ${{ inputs.debug }}
       package-name: '@socketsecurity/lib'
-      publish-without-sfw: ${{ inputs.publish-without-sfw }}
       setup-script: 'pnpm run build'
       use-trusted-publishing: true
     secrets: