From 2978962662f444d20652ddc91657e06fbfb77b80 Mon Sep 17 00:00:00 2001
From: Gonzalo D'elia <gonzalo@hemi.xyz>
Date: Fri, 3 Jan 2025 17:25:31 -0300
Subject: [PATCH] Add provenance support

---
 .github/workflows/npm-publish.yml | 15 +++++++++++++--
 .npmrc                            |  1 +
 2 files changed, 14 insertions(+), 2 deletions(-)
 create mode 100644 .npmrc

diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml
index 5b9bebc..af9766f 100644
--- a/.github/workflows/npm-publish.yml
+++ b/.github/workflows/npm-publish.yml
@@ -7,5 +7,16 @@ on:
 
 jobs:
   npm-publish:
-    uses: hemilabs/actions/.github/workflows/npm-publish.yml@main
-    secrets: inherit
+    permissions:
+      contents: read
+      id-token: write
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: ${{ inputs.fetch-depth }}
+      - uses: hemilabs/actions/setup-node-env@main
+      - run: npm run --if-present prepublishOnly
+      - uses: JS-DevTools/npm-publish@9ff4ebfbe48473265867fb9608c047e7995edfa3 # v3.1.1
+        with:
+          token: ${{ secrets.NPM_TOKEN }}
diff --git a/.npmrc b/.npmrc
new file mode 100644
index 0000000..16919e7
--- /dev/null
+++ b/.npmrc
@@ -0,0 +1 @@
+provenance=true
\ No newline at end of file