Fail CI when dependencies in your lockfile lose npm provenance or trusted publisher status
-
Updated
Apr 22, 2026 - TypeScript
#
trusted-publishing
Here are 11 public repositories matching this topic...
Trusted Publishing for Docker registries using GitHub Actions OIDC.
-
Updated
Apr 22, 2026 - TypeScript
Indexing support for Trusted Publishing on PyPI
-
Updated
Apr 14, 2026 - Python
Get trusted publishing and build reproducibility insights for any Rust supply chain
-
Updated
Apr 22, 2026 - Rust
[PoC] Trusted Publishing verifier for package URLs (purl)
-
Updated
Nov 15, 2025 - TypeScript
Checks if an npm package version was published via a Trusted Publisher (OIDC/Provenance)
-
Updated
Apr 5, 2026 - JavaScript
npm package starter with OIDC trusted publishing, provenance, and CI/CD baked in
nodejs template npm typescript npm-package starter ci-cd provenance oidc github-actions vibe-coding trusted-publishing
-
Updated
Apr 16, 2026 - JavaScript
an example of using a trusted publishing (OIDC) to publish a package
-
Updated
Oct 27, 2025
Supply-chain-hardened release tool for JS/TS libraries. Multi-runner reproducible-build attestation, OIDC trusted publishing, hard pre-publish gates. Pure bash, zero dependencies.
bash npm provenance release release-automation oidc reproducible-builds npm-publish github-actions slsa secret-scanning supply-chain-security composite-action reusable-workflow trusted-publishing action-pinning hardened-release
-
Updated
Apr 18, 2026 - Shell
TypeScript hello world library with dual ES modules/CommonJS support. Features GitHub Actions trusted publishing to npmjs with Sigstore attestation.
-
Updated
Apr 10, 2026 - TypeScript
🔒 Fail CI if dependencies in your lockfile lose npm provenance or trusted publisher status, enhancing the security of your projects.
wordpress security machine-learning provenance software-supply-chain hacktoberfest system-security adversarial-examples adversarial-attacks github-action in-toto slsa supply-chain-security slsaprovenance gh-actions-repo slsa-provenance slsa-framework trusted-publishing
-
Updated
Apr 22, 2026 - TypeScript
Improve this page
Add a description, image, and links to the trusted-publishing topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the trusted-publishing topic, visit your repo's landing page and select "manage topics."