diff --git a/.github/workflows/pages.yml b/.github/workflows/pages.yml index 6ec49ad..a049d02 100644 --- a/.github/workflows/pages.yml +++ b/.github/workflows/pages.yml @@ -24,6 +24,8 @@ jobs: steps: - uses: actions/checkout@v4 - uses: actions/configure-pages@v5 + with: + enablement: true - uses: actions/upload-pages-artifact@v3 with: path: site diff --git a/.gitignore b/.gitignore index 2bd7980..ac779d9 100644 --- a/.gitignore +++ b/.gitignore @@ -8,3 +8,5 @@ coverage *.tsbuildinfo .omo plans +.omc +.claude diff --git a/docs/RELEASE.md b/docs/RELEASE.md index a5d4295..bcc6577 100644 --- a/docs/RELEASE.md +++ b/docs/RELEASE.md @@ -92,13 +92,12 @@ Cleanup policy: ## npm Trusted Publishing -The package metadata is configured for public npm publishing with provenance: +The package metadata is configured for public npm publishing: ```json { "publishConfig": { - "access": "public", - "provenance": true + "access": "public" } } ``` @@ -129,7 +128,8 @@ permissions: The release job should run `corepack pnpm check`, `corepack pnpm test`, `corepack pnpm build`, `corepack pnpm pack:dry-run`, and then `npm publish --access public` only from a `v*` tag-gated release path. -Trusted publishing automatically uses OIDC for authentication and provenance. +Trusted publishing automatically uses OIDC for authentication and provenance in +GitHub Actions. Official reference: https://docs.npmjs.com/trusted-publishers/ ## GitHub Release diff --git a/package.json b/package.json index 3e67030..e7c4b0e 100644 --- a/package.json +++ b/package.json @@ -61,8 +61,7 @@ }, "license": "MIT", "publishConfig": { - "access": "public", - "provenance": true + "access": "public" }, "repository": { "type": "git", diff --git a/tests/package-metadata.test.ts b/tests/package-metadata.test.ts index a76f535..b9889db 100644 --- a/tests/package-metadata.test.ts +++ b/tests/package-metadata.test.ts @@ -16,7 +16,7 @@ describe("npm publish metadata", () => { expect(metadata.homepage).toBe("https://3x-haust.github.io/gitdb/") expect(metadata.bin).toEqual({ gitdb: "dist/src/cli/main.js" }) expect(metadata.files).toEqual(["dist/src", "README.md", "docs", "examples"]) - expect(metadata.publishConfig).toEqual({ access: "public", provenance: true }) + expect(metadata.publishConfig).toEqual({ access: "public" }) expect(metadata.repository.url).toBe("git+https://github.com/3x-haust/gitdb.git") expect(rootExport).toEqual({ import: "./dist/src/index.js",