Skip to content

Commit 3993565

Browse files
antongolubantongolub
authored
ci: enable npm provenance (#818)
* ci: enable npm provenance * ci: use nodejs 20 on publish * chore: up dev deps
1 parent ae55549 commit 3993565

File tree

4 files changed

+121
-115
lines changed

4 files changed

+121
-115
lines changed

.github/workflows/dev-publish.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ jobs:
1010
- uses: actions/checkout@v4
1111
- uses: actions/setup-node@v4
1212
with:
13-
node-version: 18
13+
node-version: 20
1414
- run: npm ci
1515
- run: npm test
1616
env:

.github/workflows/npm-publish.yml

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -7,16 +7,22 @@ on:
77
jobs:
88
publish:
99
runs-on: ubuntu-latest
10+
permissions:
11+
checks: read
12+
statuses: write
13+
contents: write
14+
packages: write
15+
id-token: write
1016
steps:
1117
- uses: actions/checkout@v4
1218
- uses: actions/setup-node@v4
1319
with:
14-
node-version: 16
20+
node-version: 20
1521
- run: npm ci
1622
- run: npm test
1723
env:
1824
FORCE_COLOR: 3
1925
- run: echo "//wombat-dressing-room.appspot.com/:_authToken=$AUTH_TOKEN" >> .npmrc
2026
env:
2127
AUTH_TOKEN: ${{ secrets.AUTH_TOKEN }}
22-
- run: npm publish
28+
- run: npm publish --provenance

0 commit comments

Comments
 (0)