theoludwig/markdownlint-rule-relative-links
theoludwig/markdownlint-rule-relative-links
1
1
Fork 0
mirror of https://github.com/theoludwig/markdownlint-rule-relative-links.git synced 2024-12-08 00:45:32 +01:00
Code Issues Releases Activity

feat: add npm package provenance

Browse Source 
Ref: https://github.blog/2023-04-19-introducing-npm-package-provenance/
This commit is contained in:
Divlo 2023-05-13 16:05:01 +02:00
parent c65607bcc3
commit cbc6042bd5
No known key found for this signature in database
GPG Key ID: 8F9478F220CE65E9
3 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
.github/workflows/release.yml vendored
View File

@ -7,6 +7,11 @@ on:
jobs: jobs:
release: release:
runs-on: 'ubuntu-latest' runs-on: 'ubuntu-latest'
permissions:
contents: 'write'
issues: 'write'
pull-requests: 'write'
id-token: 'write'
steps: steps:
- uses: 'actions/checkout@v3.5.2' - uses: 'actions/checkout@v3.5.2'
with: with:
@ -22,6 +27,9 @@ jobs:
- name: 'Install dependencies' - name: 'Install dependencies'
run: 'npm clean-install' run: 'npm clean-install'
- name: 'Verify the integrity of provenance attestations and registry signatures for installed dependencies'
run: 'npm audit signatures'
- name: 'Release' - name: 'Release'
run: 'npm run release' run: 'npm run release'
env: env:

1
.npmrc
View File

@ -1 +1,2 @@
save-exact=true save-exact=true
provenance=true

4
package.json
View File

@ -21,6 +21,10 @@
"files": [ "files": [
"src" "src"
], ],
"publishConfig": {
"access": "public",
"provenance": true
},
"engines": { "engines": {
"node": ">=16.0.0", "node": ">=16.0.0",
"npm": ">=9.0.0" "npm": ">=9.0.0"