Closed bdehamer closed 8 months ago
Updates the releases workflow to publish npm packages with build provenance information.
releases
The build provenance attestation will be attached the package and can be verified with the npm audit signatures command.
npm audit signatures
Packages published with provenance also get a badge like this when viewed on the npmjs registry.
See https://docs.npmjs.com/generating-provenance-statements
Updates the
releasesworkflow to publish npm packages with build provenance information.The build provenance attestation will be attached the package and can be verified with the
npm audit signaturescommand.Packages published with provenance also get a badge like this when viewed on the npmjs registry.
See https://docs.npmjs.com/generating-provenance-statements