github/awesome-cordova-plugins
3
0
Fork 1
mirror of https://github.com/danielsogl/awesome-cordova-plugins.git synced 2026-05-02 00:07:23 +08:00
Code Issues Projects Releases Wiki Activity

fix: add npm provenance and fix core peer dependency version

Browse Source 
Add --provenance flag to npm publish for supply chain security.
Add id-token: write permission to release workflow for OIDC-based
provenance attestation. Fix MIN_CORE_VERSION to dynamically use
current version instead of hardcoded ^8.0.2.
This commit is contained in:
Daniel Sogl
2026-03-21 16:04:30 -07:00
parent d45a4f766c
commit 6453f2ab78
2 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
scripts/tasks/publish.ts
+2 -2
View File
@@ -11,7 +11,7 @@ import { Logger } from '../logger';
const MAIN_PACKAGE_JSON = JSON.parse(readFileSync(resolve(__dirname, '../../package.json'), 'utf-8'));
const VERSION = MAIN_PACKAGE_JSON.version;
const FLAGS = '--access public';
const FLAGS = '--access public --provenance';
const PACKAGE_JSON_BASE = {
description: 'Awesome Cordova Plugins - Native plugins for ionic apps',
@@ -44,7 +44,7 @@ const DIST = resolve(ROOT, 'dist/@awesome-cordova-plugins');
const PACKAGES = [];
const MIN_CORE_VERSION = '^8.0.2';
const MIN_CORE_VERSION = '^' + VERSION;
const RXJS_VERSION = '^5.5.0 || ^6.5.0 || ^7.3.0';
const PLUGIN_PEER_DEPENDENCIES = {