From 753c4c2a3de9731408887c0aa5cea9454c2bbcd7 Mon Sep 17 00:00:00 2001
From: Daniel Roe <daniel@roe.dev>
Date: Mon, 24 Apr 2023 23:55:57 +0100
Subject: [PATCH] ci: try releasing `nuxt-edge` with provenance

---
 .github/workflows/nuxt2-edge.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/nuxt2-edge.yml b/.github/workflows/nuxt2-edge.yml
index 4a6701f9b0d3..ab5d660907cd 100644
--- a/.github/workflows/nuxt2-edge.yml
+++ b/.github/workflows/nuxt2-edge.yml
@@ -9,6 +9,8 @@ jobs:
   nightly:
     if: github.repository_owner == 'nuxt'
     runs-on: ubuntu-latest
+    permissions:
+      id-token: write
     steps:
       - uses: actions/checkout@v3
         with:
@@ -18,7 +20,7 @@ jobs:
         run: git fetch --depth=1 origin "+refs/tags/*:refs/tags/*"
       - uses: actions/setup-node@v3
         with:
-          node-version: 14
+          node-version: 18
           registry-url: 'https://registry.npmjs.org'
       - name: install
         run: yarn --check-files --frozen-lockfile --non-interactive
@@ -48,4 +50,5 @@ jobs:
         run: ./scripts/workspace-run npm publish -q
         env:
           NODE_AUTH_TOKEN: ${{secrets.NODE_AUTH_TOKEN}}
+          NPM_CONFIG_PROVENANCE: true