fix(ci): set NPM_CONFIG_PROVENANCE to true

2024-11-24 04:03:52 +03:00 · 2024-08-17 00:15:00 -03:00 · 2024-08-17 00:15:00 -03:00 · 85c2d6302e
commit 85c2d6302e
parent 07a5f505d9
3 changed files with 5 additions and 3 deletions
--- a/.changes/config.json
+++ b/.changes/config.json
@ -113,8 +113,8 @@
          "pipe": true
        },
        {
-          "command": "pnpm publish --access public --loglevel silly --tag next --provenance --no-git-checks",
-          "dryRunCommand": "npm publish --dry-run --access public --provenance --no-git-checks",
+          "command": "pnpm publish --access public --loglevel silly --tag next --no-git-checks",
+          "dryRunCommand": "npm publish --dry-run --access public --no-git-checks",
          "pipe": true
        },
        {
--- a/.github/workflows/covector-version-or-publish.yml
+++ b/.github/workflows/covector-version-or-publish.yml
@ -92,6 +92,7 @@ jobs:
        env:
          NODE_AUTH_TOKEN: ${{ secrets.ORG_NPM_TOKEN }}
          CARGO_AUDIT_OPTIONS: ${{ secrets.CARGO_AUDIT_OPTIONS }}
+          NPM_CONFIG_PROVENANCE: true
        with:
          command: 'version-or-publish'
          token: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/publish-cli-js.yml
+++ b/.github/workflows/publish-cli-js.yml
@ -390,8 +390,9 @@ jobs:
      - name: Publish
        run: |
          echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ~/.npmrc
-          npm publish --tag next --provenance
+          npm publish --tag next
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          NPM_TOKEN: ${{ secrets.ORG_NPM_TOKEN }}
          RELEASE_ID: ${{ github.event.client_payload.releaseId || inputs.releaseId }}
+          NPM_CONFIG_PROVENANCE: true