Skip to content

Commit

Permalink
Merge pull request #2904 from semantic-release/gitlab-provenance
Browse files Browse the repository at this point in the history
  • Loading branch information
travi authored Aug 24, 2023
2 parents c21a1ac + e40eecd commit c84d5d3
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions docs/recipes/ci-configurations/gitlab-ci.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,11 @@ The [Authentication](../../usage/ci-configuration.md#authentication) environment

**Note**: Make sure to configure your release branch as [protected](https://docs.gitlab.com/ce/user/project/protected_branches.html) in order for the CI/CD build to access the protected variables.

## npm provenance

Since GitLab CI is a [supported provider](https://docs.npmjs.com/generating-provenance-statements#provenance-limitations) for [npm provenance](https://docs.npmjs.com/generating-provenance-statements), it is recommended to enable this to increase supply-chain security for your npm packages.
Find more detail about configuring npm to publish with provenance through semantic-release [in the documentation for our npm plugin](https://github.com/semantic-release/npm#npm-provenance).

## Node project configuration

GitLab CI supports [Pipelines](https://docs.gitlab.com/ee/ci/pipelines.html) allowing to test on multiple Node versions and publishing a release only when all test pass.
Expand Down

0 comments on commit c84d5d3

Please sign in to comment.