From 07be26c95b846d809bbcf617652800bb85ce1701 Mon Sep 17 00:00:00 2001
From: Philip Sampaio <philip.sampaio@gmail.com>
Date: Wed, 15 May 2024 20:28:05 -0300
Subject: [PATCH] Add Artifact Attestations (#151)

This new feature from GitHub Actions is going to make more explicit that
no artifact was modified after the build.
---
 .github/workflows/release.yml | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 7427c02..5a713c9 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -1,5 +1,9 @@
 name: Build precompiled NIFs
 
+permissions:
+  id-token: write
+  attestations: write
+
 on:
   push:
     branches:
@@ -66,6 +70,11 @@ jobs:
         use-cross: ${{ matrix.job.use-cross }}
         project-dir: "native/html5ever_nif"
 
+    - name: Artifact attestation
+      uses: actions/attest-build-provenance@v1
+      with:
+        subject-path: ${{ steps.build-crate.outputs.file-path }}
+
     - name: Artifact upload
       uses: actions/upload-artifact@v4
       with: