From b3746cf20907634f6dd12c9981f9b5cc6c1745b3 Mon Sep 17 00:00:00 2001
From: Dusty Greif <dustin.greif@gmail.com>
Date: Mon, 14 Oct 2024 14:22:43 +0000
Subject: [PATCH 1/3] Use node 22 in devcontainer

---
 .devcontainer/devcontainer.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
index 36531856..17a0167f 100644
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -7,7 +7,7 @@
     // Update 'VARIANT' to pick a Node version: 16, 14, 12.
     // Append -bullseye or -buster to pin to an OS version.
     // Use -bullseye variants on local arm64/Apple Silicon.
-    "args": {"VARIANT": "16"}
+    "args": {"VARIANT": "22"}
   },
 
   // Set *default* container specific settings.json values on container create.

From 133d4b6dd463240f6c8b59bc81ed259734c057ff Mon Sep 17 00:00:00 2001
From: Dusty Greif <dustin.greif@gmail.com>
Date: Mon, 14 Oct 2024 14:24:14 +0000
Subject: [PATCH 2/3] Use node 22 in actions

---
 .github/workflows/nodejs.yml  | 2 +-
 .github/workflows/publish.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/nodejs.yml b/.github/workflows/nodejs.yml
index 56d95857..74010d03 100644
--- a/.github/workflows/nodejs.yml
+++ b/.github/workflows/nodejs.yml
@@ -12,7 +12,7 @@ jobs:
 
     strategy:
       matrix:
-        node-version: [18, 20]
+        node-version: [20, 22]
 
     steps:
       - uses: actions/checkout@v4
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 510c01c7..8eaab10f 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -11,7 +11,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
         with:
-          node-version: 18
+          node-version: 22
           registry-url: https://registry.npmjs.org/
           cache: npm
       - run: npm ci

From 1a88fd28fb8a8154ef7a103c576c2fa4c8c11703 Mon Sep 17 00:00:00 2001
From: Dusty Greif <dustin.greif@gmail.com>
Date: Mon, 14 Oct 2024 14:24:51 +0000
Subject: [PATCH 3/3] Publish with provenance

---
 .github/workflows/publish.yml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 8eaab10f..4ec5765c 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -4,6 +4,10 @@ on:
   release:
     types: [created]
 
+permissions:
+  contents: read
+  id-token: write
+
 jobs:
   publish-npm:
     runs-on: ubuntu-latest
@@ -19,6 +23,6 @@ jobs:
       - run: npm version ${TAG_NAME} --git-tag-version=false
         env:
           TAG_NAME: ${{ github.event.release.tag_name }}
-      - run: npm whoami; npm --ignore-scripts publish
+      - run: npm whoami; npm --ignore-scripts publish --provenance
         env:
           NODE_AUTH_TOKEN: ${{secrets.npm_token}}