From e895c54e5c02afa3294c22a7d83eac4b58ed204c Mon Sep 17 00:00:00 2001
From: South Drifted <shiy2008@gmail.com>
Date: Sun, 29 Sep 2024 20:29:33 +0800
Subject: [PATCH] feat: enable NPM provenance

---
 .github/workflows/npm_publish.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/npm_publish.yml b/.github/workflows/npm_publish.yml
index 70d7603..c91385d 100644
--- a/.github/workflows/npm_publish.yml
+++ b/.github/workflows/npm_publish.yml
@@ -7,6 +7,9 @@ on:
 jobs:
   build:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
     steps:
       - uses: actions/checkout@v4
         with:
@@ -16,6 +19,6 @@ jobs:
           node-version: '20'
           registry-url: 'https://registry.npmjs.org'
       - run: npm ci
-      - run: npm publish
+      - run: npm publish --provenance --access public
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}