Open ramonpetgrave64 opened 1 month ago
My implementation turns out to be very similar to another earlier draft in #706
@laurentsimon @ianlewis @haydentherapper
@slugclub
I think this looks good. It'd be nice to see an actual npm provenance included in here for documentation (instead of having to go parse the dsse envelope)
I added some docs in a new commit
@laurentsimon @ianlewis
Fixes #614, #450, #449, #515
Adds support for NPM CLIs build provenances, generated when running
npm publish --provenance --access public
from a GitHub Actions workflow.Testing
Future work
--print-provenance