From e578e136c11de1b06cc794a8e7a8f225db107e57 Mon Sep 17 00:00:00 2001
From: what1s1ove <zubko.2007@gmail.com>
Date: Thu, 20 Jun 2024 11:22:06 +0300
Subject: [PATCH 1/2] fix: add provenance statement to npm publish fp-136

---
 .github/workflows/cd.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
index 9739eb6..719c7a3 100644
--- a/.github/workflows/cd.yml
+++ b/.github/workflows/cd.yml
@@ -109,7 +109,7 @@ jobs:
 
       - name: Publish
         working-directory: ${{ env.ARTIFACT_PATH }}
-        run: npm publish
+        run: npm publish --provenance --access public
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
 

From d16bbc13bb4faeca9a0c2fb9c1794f378528ada3 Mon Sep 17 00:00:00 2001
From: what1s1ove <zubko.2007@gmail.com>
Date: Thu, 20 Jun 2024 11:24:17 +0300
Subject: [PATCH 2/2] fix: add id permissiono to npm publish fp-136

---
 .github/workflows/cd.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
index 719c7a3..e7a0cec 100644
--- a/.github/workflows/cd.yml
+++ b/.github/workflows/cd.yml
@@ -91,6 +91,8 @@ jobs:
     name: NPM Publish
     needs: build
     runs-on: ubuntu-latest
+    permissions:
+      id-token: write
     steps:
       - name: Code Checkout
         uses: actions/checkout@v4