From 584cf79777fbb15147e929c7eeea6f7a56c485b5 Mon Sep 17 00:00:00 2001
From: Percy Ma <kecrily@gmail.com>
Date: Sat, 15 Jul 2023 17:52:46 +0800
Subject: [PATCH] ci: generate provenance statements when release (#119)

---
 .github/workflows/release-please.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml
index b525c35..c60c453 100644
--- a/.github/workflows/release-please.yml
+++ b/.github/workflows/release-please.yml
@@ -9,6 +9,7 @@ jobs:
     permissions:
       contents: write
       pull-requests: write
+      id-token: write
     steps:
       - uses: google-github-actions/release-please-action@v3
         id: release
@@ -37,7 +38,7 @@ jobs:
         if: ${{ steps.release.outputs.release_created }}
       - run: npm install
         if: ${{ steps.release.outputs.release_created }}
-      - run: npm publish
+      - run: npm publish --provenance
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
         if: ${{ steps.release.outputs.release_created }}