From 15cc614a1564e5f5e40b6fb7e5bdc99b419fd243 Mon Sep 17 00:00:00 2001
From: Vedant K <gamemaker0042@gmail.com>
Date: Sun, 8 Oct 2023 23:19:07 +0530
Subject: [PATCH] ci: enable provenance statement generation

- https://github.com/express-rate-limit/express-rate-limit/discussions/406
---
 .github/workflows/ci.yaml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index d7c7e20..b066d1e 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -47,6 +47,8 @@ jobs:
     needs: [lint, test-library]
     if: startsWith(github.ref, 'refs/tags/v')
     runs-on: ubuntu-latest
+    permissions:
+      id-token: write
     steps:
       - name: Checkout the repository
         uses: actions/checkout@v3
@@ -57,7 +59,7 @@ jobs:
       - name: Install dependencies
         run: npm ci
       - name: Publish package to NPM
-        run: npm publish
+        run: npm publish --provenance
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
       - name: Build package to upload to GitHub releases