From 4f6d164f52c4b120dc2976fc172fc0cf49f165b7 Mon Sep 17 00:00:00 2001
From: Boshen <boshenc@gmail.com>
Date: Fri, 24 Jan 2025 12:18:46 +0800
Subject: [PATCH] ci: fix release napi scripts

---
 .github/workflows/release_napi_minify.yml    | 2 ++
 .github/workflows/release_napi_parser.yml    | 2 ++
 .github/workflows/release_napi_transform.yml | 2 ++
 3 files changed, 6 insertions(+)

diff --git a/.github/workflows/release_napi_minify.yml b/.github/workflows/release_napi_minify.yml
index d79466bd3..04310be1c 100644
--- a/.github/workflows/release_napi_minify.yml
+++ b/.github/workflows/release_napi_minify.yml
@@ -21,3 +21,5 @@ jobs:
       name: minify
     secrets:
       NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+    permissions:
+      id-token: write # for `pnpm publish --provenance`
diff --git a/.github/workflows/release_napi_parser.yml b/.github/workflows/release_napi_parser.yml
index 20d64cb92..2e0c8eaa1 100644
--- a/.github/workflows/release_napi_parser.yml
+++ b/.github/workflows/release_napi_parser.yml
@@ -21,3 +21,5 @@ jobs:
       name: parser
     secrets:
       NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+    permissions:
+      id-token: write # for `pnpm publish --provenance`
diff --git a/.github/workflows/release_napi_transform.yml b/.github/workflows/release_napi_transform.yml
index 8f53d7be6..02282b211 100644
--- a/.github/workflows/release_napi_transform.yml
+++ b/.github/workflows/release_napi_transform.yml
@@ -21,3 +21,5 @@ jobs:
       name: transform
     secrets:
       NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+    permissions:
+      id-token: write # for `pnpm publish --provenance`