Fail CI when dependencies in your lockfile lose npm provenance or trusted publisher status
-
Updated
Apr 3, 2026 - TypeScript
#
trusted-publishing
Here are 8 public repositories matching this topic...
[PoC] Trusted Publishing verifier for package URLs (purl)
-
Updated
Nov 15, 2025 - TypeScript
Get trusted publishing and build reproducibility insights for any Rust supply chain
-
Updated
Apr 5, 2026 - Rust
Checks if an npm package version was published via a Trusted Publisher (OIDC/Provenance)
-
Updated
Apr 5, 2026 - JavaScript
npm package starter with OIDC trusted publishing, provenance, and CI/CD baked in
nodejs template npm typescript npm-package starter ci-cd provenance oidc github-actions vibe-coding trusted-publishing
-
Updated
Mar 26, 2026 - JavaScript
an example of using a trusted publishing (OIDC) to publish a package
-
Updated
Oct 27, 2025
TypeScript hello world library with dual ES modules/CommonJS support. Features GitHub Actions trusted publishing to npmjs with Sigstore attestation.
-
Updated
Apr 3, 2026 - TypeScript
🔒 Fail CI if dependencies in your lockfile lose npm provenance or trusted publisher status, enhancing the security of your projects.
wordpress security machine-learning provenance software-supply-chain hacktoberfest system-security adversarial-examples adversarial-attacks github-action in-toto slsa supply-chain-security slsaprovenance gh-actions-repo slsa-provenance slsa-framework trusted-publishing
-
Updated
Apr 5, 2026 - TypeScript
Improve this page
Add a description, image, and links to the trusted-publishing topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the trusted-publishing topic, visit your repo's landing page and select "manage topics."