From 88fbf50841d2c449492086cdc22ed2410c2fd153 Mon Sep 17 00:00:00 2001 From: Max Schmitt Date: Sat, 29 Mar 2025 19:17:54 +0100 Subject: [PATCH] devops: use `--provenance` when publishing to NPM (#83) Similar to how we do it upstream: https://github.com/microsoft/playwright/blob/e2c8163b145d4a34f4585fc11a8a2643b9c94f98/utils/publish_all_packages.sh#L97 Reference: https://docs.npmjs.com/generating-provenance-statements --- .github/workflows/publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 2a8fc4a..7e6b02f 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -15,6 +15,6 @@ jobs: - run: npm run build - run: npm run lint - run: npm run test - - run: npm publish + - run: npm publish --provenance env: NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}