diff --git a/.github/workflows/02-publish.yml b/.github/workflows/02-publish.yml index b011c25..ee74a7f 100644 --- a/.github/workflows/02-publish.yml +++ b/.github/workflows/02-publish.yml @@ -34,4 +34,4 @@ jobs: npm version --no-git-tag-version "$SEMVER_VERSION" npm config set registry https://registry.npmjs.org/ npm set //registry.npmjs.org/:_authToken "$NPM_TOKEN" - npm publish + npm publish --provenance diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index fff94d1..378da99 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -27,3 +27,5 @@ jobs: uses: ./.github/workflows/02-publish.yml needs: [build, lint, test] secrets: inherit + permissions: + id-token: write