v2.0.0-alpha.1

Pre-release

@mikebroberts mikebroberts released this 05 Nov 18:09
Switch to npm provenance (OIDC) for publishing

Replace long-lived npm token authentication with npm provenance
(OpenID Connect) for more secure publishing.

Changes:
- Remove NODE_AUTH_TOKEN environment variable
- Add --provenance flag to npm publish command
- Uses existing id-token: write permission for OIDC

This requires configuring the package on npm as a trusted publisher:
1. Go to package settings on npmjs.com
2. Add GitHub Actions as a trusted publisher
3. Configure: symphoniacloud/dynamodb-entity-store
4. Workflow: publish.yaml

Benefits:
- No need to manage/rotate long-lived tokens
- More secure: short-lived tokens
- Automatic attestation of package provenance
- npm recommended approach for CI/CD
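
A check for the three workflow changes listed above, as an added example that is not part of the release notes or the project's own code. The workflow text is a constructed sample, `NPM_TOKEN` is an assumed secret name, and `auditPublishWorkflow` is a hypothetical helper.

```javascript
// Added example: line-based audit of a publish workflow (not a full YAML parser).
// HEADER/BEFORE/AFTER are constructed samples; NPM_TOKEN is an assumed secret name.
const HEADER = `permissions:
  contents: read
  id-token: write
jobs:
  publish:
    runs-on: ubuntu-latest
    steps:
      - run: npm ci
`;
const BEFORE = HEADER + `      - run: npm publish
        env:
          NODE_AUTH_TOKEN: \${{ secrets.NPM_TOKEN }}
`;
const AFTER = HEADER + `      - run: npm publish --provenance
`;

// Hypothetical helper: returns a list of findings, empty when the workflow
// matches the three changes listed in the release notes.
function auditPublishWorkflow(text) {
  // Strip YAML comments so commented-out settings are not counted.
  const lines = text.split(/\r?\n/).map((l) => l.replace(/(^|\s)#.*$/, ''));
  const findings = [];
  lines.forEach((line, i) => {
    if (/\bNODE_AUTH_TOKEN\b/.test(line)) {
      findings.push(`line ${i + 1}: long-lived token passed via NODE_AUTH_TOKEN`);
    }
    if (/\bnpm\s+publish\b/.test(line) && !/\s--provenance\b/.test(line)) {
      findings.push(`line ${i + 1}: npm publish without --provenance`);
    }
  });
  // OIDC needs the job to be allowed to request an ID token.
  if (!lines.some((l) => /^\s*id-token:\s*write\s*$/.test(l))) {
    findings.push('permissions: id-token: write is missing');
  }
  return findings;
}

console.log('before:', auditPublishWorkflow(BEFORE));
console.log('after: ', auditPublishWorkflow(AFTER));
```

The check reads the file line by line, so a `#` inside a quoted string or a publish command split across lines would need a real YAML parser.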