workflows: include provenance statement while publishing on npm

https://docs.npmjs.com/generating-provenance-statements
wikimedia-gadgets · Dec 28, 2024 · f649851 · f649851
1 parent 3540df1
commit f649851
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml
@@ -7,13 +7,15 @@ on:
 jobs:
     publish-npm:
         runs-on: ubuntu-latest
+        permissions:
+            id-token: write
         steps:
             - uses: actions/checkout@v4
             - uses: actions/setup-node@v4
               with:
                   node-version: 20
                   registry-url: https://registry.npmjs.org/
             - run: npm ci
-            - run: npm publish
+            - run: npm publish --provenance
               env:
                   NODE_AUTH_TOKEN: ${{secrets.npm_token}}
diff --git a/package.json b/package.json
@@ -9,7 +9,7 @@
     },
     "repository": {
         "type": "git",
-        "url": "git+https://github.com/wikimedia-gadgets/types-mediawiki.git"
+        "url": "https://github.com/wikimedia-gadgets/types-mediawiki"
     },
     "files": [
         "mw",