From bd8ec703e5668c58db0975d001c20a6629b0e6c1 Mon Sep 17 00:00:00 2001
From: Arthur Fiorette <me@arthur.place>
Date: Wed, 22 May 2024 10:58:29 -0300
Subject: [PATCH] feat: provenance deployments

---
 .github/workflows/publish.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index d8d44e74..02c4b363 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -5,6 +5,9 @@ on:
     types: [published]
   workflow_dispatch:
 
+permissions:
+  id-token: write
+
 jobs:
   publish:
     runs-on: ubuntu-latest
@@ -33,6 +36,6 @@ jobs:
         run: pnpm run build
 
       - name: Publish to NPM
-        run: pnpm publish --access public --no-git-checks
+        run: pnpm publish --access public --no-git-checks --provenance
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}