diff options
| author | ST-DDT <[email protected]> | 2024-09-17 13:26:11 +0200 |
|---|---|---|
| committer | GitHub <[email protected]> | 2024-09-17 11:26:11 +0000 |
| commit | 548c034f2f15a5b88bed46d0f427f8c692f7ce00 (patch) | |
| tree | 766ef3e3af915cc070baff8975655709e338855c | |
| parent | 48f171e70731c6acfe1e19482a77da6d8d6073d7 (diff) | |
| download | faker-548c034f2f15a5b88bed46d0f427f8c692f7ce00.tar.xz faker-548c034f2f15a5b88bed46d0f427f8c692f7ce00.zip | |
infra: publish releases with provenance (#3119)
| -rw-r--r-- | .github/workflows/publish-release.yml | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index 1b6a8050..f581d0b6 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -4,7 +4,9 @@ on: release: types: [published] -permissions: {} # we use a personal access token to push the release branch +permissions: + # we use a personal access token to push the release branch + id-token: write # required for provenance/signed releases on npm jobs: publish: @@ -56,6 +58,7 @@ jobs: pnpm publish --tag next --no-git-checks env: CYPRESS_INSTALL_BINARY: 0 + NPM_CONFIG_PROVENANCE: true - name: Set latest/next dist-tag run: | |