release: running npm audit signatures is not necessary during publish

it is interesting, but not required, and it fails if for instance you have a release that isn't published on npm. Which happens to be exactly the situation right now for this package, so it breaks publishing
invertase · Dec 17, 2024 · 4265d35 · 4265d35
1 parent 0b4ecdf
commit 4265d35
Showing 1 changed file with 0 additions and 2 deletions.
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -32,8 +32,6 @@ jobs:
       # there will be errors related to pod-install but we can ignore them
       - name: Install dependencies using NPM
         run: npm i
-      - name: Verify the integrity of provenance attestations and registry signatures for installed dependencies
-        run: npm audit signatures
       - name: Release
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}