File tree Expand file tree Collapse file tree 4 files changed +17
-0
lines changed Expand file tree Collapse file tree 4 files changed +17
-0
lines changed Original file line number Diff line number Diff line change @@ -3,6 +3,13 @@ name: Release
33 push :
44 branches :
55 - main
6+ # These are recommended by the semantic-release docs: https://github.com/semantic-release/npm#npm-provenance
7+ permissions :
8+ contents : write # to be able to publish a GitHub release
9+ issues : write # to be able to comment on released issues
10+ pull-requests : write # to be able to comment on released pull requests
11+ id-token : write # to enable use of OIDC for npm provenance
12+
613jobs :
714 release :
815 name : release
Original file line number Diff line number Diff line change @@ -71,6 +71,7 @@ async function createPackageJson(answers) {
7171 if ( answers . publicAccess ) {
7272 pkg . publishConfig = {
7373 access : "public" ,
74+ provenance : true ,
7475 } ;
7576 }
7677
Original file line number Diff line number Diff line change 1515 - next
1616 - beta
1717 - "*.x" # maintenance release branches, e.g. v1.x
18+ # These are recommended by the semantic-release docs: https://github.com/semantic-release/npm#npm-provenance
19+ permissions:
20+ contents: write # to be able to publish a GitHub release
21+ issues: write # to be able to comment on released issues
22+ pull-requests: write # to be able to comment on released pull requests
23+ id-token: write # to enable use of OIDC for npm provenance
1824
1925jobs:
2026 release:
Original file line number Diff line number Diff line change 3636 },
3737 "engines" : {
3838 "node" : " >= 18"
39+ },
40+ "publishConfig" : {
41+ "provenance" : true
3942 }
4043}
You can’t perform that action at this time.
0 commit comments