Skip to content

Commit 4240347

Browse files
jdaltonjdalton
committed
Use npm 11 for publishing in provenance workflow
Switch from pnpm to npm for publishing to leverage npm 11's improved provenance support while maintaining pnpm for builds.
1 parent a67f517 commit 4240347

File tree

1 file changed

+4
-3
lines changed

1 file changed

+4
-3
lines changed

.github/workflows/provenance.yml

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -29,25 +29,26 @@ jobs:
2929
- uses: SocketDev/socket-registry/.github/actions/setup@1543e937143cf84e5161ad18c04cbd99c8a4c6d8
3030
with:
3131
scope: '@socketsecurity'
32+
- run: npm install -g npm@latest
3233
- run: pnpm install
3334
- run: INLINED_SOCKET_CLI_PUBLISHED_BUILD=1 pnpm run build:dist
34-
- run: pnpm publish --provenance --access public --no-git-checks --tag ${{ inputs.dist-tag }}
35+
- run: npm publish --provenance --access public --tag ${{ inputs.dist-tag }}
3536
continue-on-error: true
3637
env:
3738
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
3839
SOCKET_CLI_DEBUG: ${{ inputs.debug }}
3940
- run: INLINED_SOCKET_CLI_PUBLISHED_BUILD=1 INLINED_SOCKET_CLI_LEGACY_BUILD=1 pnpm run build:dist
4041
env:
4142
SOCKET_CLI_DEBUG: ${{ inputs.debug }}
42-
- run: pnpm publish --provenance --access public --no-git-checks --tag ${{ inputs.dist-tag }}
43+
- run: npm publish --provenance --access public --tag ${{ inputs.dist-tag }}
4344
continue-on-error: true
4445
env:
4546
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
4647
SOCKET_CLI_DEBUG: ${{ inputs.debug }}
4748
- run: INLINED_SOCKET_CLI_PUBLISHED_BUILD=1 INLINED_SOCKET_CLI_SENTRY_BUILD=1 pnpm run build:dist
4849
env:
4950
SOCKET_CLI_DEBUG: ${{ inputs.debug }}
50-
- run: pnpm publish --provenance --access public --no-git-checks --tag ${{ inputs.dist-tag }}
51+
- run: npm publish --provenance --access public --tag ${{ inputs.dist-tag }}
5152
continue-on-error: true
5253
env:
5354
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

0 commit comments

Comments
 (0)