Publish to npm with provenance

Ref: https://github.blog/changelog/2023-04-19-npm-provenance-public-beta/
This commit is contained in:
Pavel Djundik 2023-04-23 11:44:18 +03:00
parent 21d1dbaad6
commit 3cd0a75ac2
2 changed files with 12 additions and 2 deletions

View File

@ -1,5 +1,8 @@
name: Build name: Build
permissions:
contents: read
on: [push, pull_request] on: [push, pull_request]
jobs: jobs:

View File

@ -1,5 +1,9 @@
name: Release name: Release
permissions:
contents: read
id-token: write
on: on:
push: push:
tags: v* tags: v*
@ -29,15 +33,18 @@ jobs:
- name: Test - name: Test
run: yarn test run: yarn test
- name: Update npm
run: npm install -g npm
- name: Publish latest - name: Publish latest
if: "!contains(github.ref, '-')" if: "!contains(github.ref, '-')"
run: npm publish --tag latest run: npm publish --tag latest --provenance
env: env:
NODE_AUTH_TOKEN: ${{ secrets.NODE_AUTH_TOKEN }} NODE_AUTH_TOKEN: ${{ secrets.NODE_AUTH_TOKEN }}
- name: Publish next - name: Publish next
if: contains(github.ref, '-') if: contains(github.ref, '-')
run: npm publish --tag next run: npm publish --tag next --provenance
env: env:
NODE_AUTH_TOKEN: ${{ secrets.NODE_AUTH_TOKEN }} NODE_AUTH_TOKEN: ${{ secrets.NODE_AUTH_TOKEN }}