Enable supply chain security through npm provenance attestation

[pupapaik]

Acknowledgement

• [x] I acknowledge that issues using this template may be closed without further explanation at the maintainer's discretion.

Comment

Following the recent Lottie-Player supply chain attack, it's crucial to enhance package security. NPM provenance provides cryptographic proof that this package was built from this repository using GitHub Actions, making supply chain attacks significantly harder. More info in my blog post https://medium.com/exaforce/npm-provenance-the-missing-security-layer-in-popular-javascript-libraries-b50107927008

[IllusionMH]

Duplicate of #59028

[typescript-bot]

This issue has been marked as "Duplicate" and has seen no recent activity. It has been automatically closed for house-keeping purposes.