From bd8ec703e5668c58db0975d001c20a6629b0e6c1 Mon Sep 17 00:00:00 2001 From: Arthur Fiorette <me@arthur.place> Date: Wed, 22 May 2024 10:58:29 -0300 Subject: [PATCH] feat: provenance deployments --- .github/workflows/publish.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index d8d44e74..02c4b363 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -5,6 +5,9 @@ on: types: [published] workflow_dispatch: +permissions: + id-token: write + jobs: publish: runs-on: ubuntu-latest @@ -33,6 +36,6 @@ jobs: run: pnpm run build - name: Publish to NPM - run: pnpm publish --access public --no-git-checks + run: pnpm publish --access public --no-git-checks --provenance env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}