From f6edc1e6507cede4c6ee4acc734eec2eb62040d2 Mon Sep 17 00:00:00 2001
From: Giovanni Bassi <giggio@giggio.net>
Date: Mon, 16 Oct 2023 11:16:28 -0300
Subject: [PATCH] Add provenance

See:
https://docs.npmjs.com/generating-provenance-statements#publishing-packages-with-provenance-via-github-actions
https://github.blog/2023-04-19-introducing-npm-package-provenance/
---
 .github/workflows/build.yml | 5 ++++-
 package-lock.json           | 4 ++--
 package.json                | 2 +-
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 76088c0..ac388b1 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -185,6 +185,9 @@ jobs:
         name: Verify install
 
   publish:
+    permissions:
+      contents: read
+      id-token: write
     name: Publish to npm
     runs-on: ubuntu-latest
     needs: [build, build_arm64, build_s390x, build_proxy]
@@ -195,6 +198,6 @@ jobs:
         with:
           node-version: 20.x
           registry-url: "https://registry.npmjs.org"
-      - run: npm publish
+      - run: npm publish --provenance --access public
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
diff --git a/package-lock.json b/package-lock.json
index bc163e9..8a9fa83 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
   "name": "chromedriver",
-  "version": "118.0.0",
+  "version": "118.0.1",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "chromedriver",
-      "version": "118.0.0",
+      "version": "118.0.1",
       "hasInstallScript": true,
       "license": "Apache-2.0",
       "dependencies": {
diff --git a/package.json b/package.json
index db11b9d..83c803b 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "chromedriver",
-  "version": "118.0.0",
+  "version": "118.0.1",
   "keywords": [
     "chromedriver",
     "selenium"