diff --git a/packages/edge-bundler/.github/workflows/github-packages-releaser.yml b/packages/edge-bundler/.github/workflows/github-packages-releaser.yml index ea9fc19d16..759130993e 100644 --- a/packages/edge-bundler/.github/workflows/github-packages-releaser.yml +++ b/packages/edge-bundler/.github/workflows/github-packages-releaser.yml @@ -6,6 +6,7 @@ jobs: build: runs-on: ubuntu-latest permissions: + id-token: write contents: read packages: write steps: @@ -15,6 +16,6 @@ jobs: node-version: '16.x' registry-url: 'https://npm.pkg.github.com' - run: npm ci - - run: npm publish + - run: npm publish --provenance env: NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/packages/edge-bundler/.github/workflows/release-please.yml b/packages/edge-bundler/.github/workflows/release-please.yml index ccc9e60908..5726cf73d5 100644 --- a/packages/edge-bundler/.github/workflows/release-please.yml +++ b/packages/edge-bundler/.github/workflows/release-please.yml @@ -6,6 +6,10 @@ on: jobs: release-please: runs-on: ubuntu-latest + permissions: + id-token: write + contents: write + pull-requests: write steps: - uses: navikt/github-app-token-generator@a3831f44404199df32d8f39f7c0ad9bb8fa18b1c id: get-token @@ -32,7 +36,7 @@ jobs: with: deno-version: v1.x if: ${{ steps.release.outputs.release_created }} - - run: npm publish + - run: npm publish --provenance if: ${{ steps.release.outputs.release_created }} env: NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}} diff --git a/packages/edge-bundler/package.json b/packages/edge-bundler/package.json index 9036faef3a..de265b9ec5 100644 --- a/packages/edge-bundler/package.json +++ b/packages/edge-bundler/package.json @@ -42,7 +42,7 @@ }, "keywords": [], "license": "MIT", - "repository": "netlify/edge-bundler", + "repository": "https://github.com/netlify/edge-bundler", "bugs": { "url": "https://github.com/netlify/edge-bundler/issues" },