Publish to npm with provenance

Ref: https://github.blog/changelog/2023-04-19-npm-provenance-public-beta/
This commit is contained in:
Pavel Djundik 2023-04-23 11:44:18 +03:00
parent 21d1dbaad6
commit 3cd0a75ac2
2 changed files with 12 additions and 2 deletions

View File

@ -1,5 +1,8 @@
name: Build
permissions:
contents: read
on: [push, pull_request]
jobs:

View File

@ -1,5 +1,9 @@
name: Release
permissions:
contents: read
id-token: write
on:
push:
tags: v*
@ -29,15 +33,18 @@ jobs:
- name: Test
run: yarn test
- name: Update npm
run: npm install -g npm
- name: Publish latest
if: "!contains(github.ref, '-')"
run: npm publish --tag latest
run: npm publish --tag latest --provenance
env:
NODE_AUTH_TOKEN: ${{ secrets.NODE_AUTH_TOKEN }}
- name: Publish next
if: contains(github.ref, '-')
run: npm publish --tag next
run: npm publish --tag next --provenance
env:
NODE_AUTH_TOKEN: ${{ secrets.NODE_AUTH_TOKEN }}