From f4e863a34d999538b6e0ddf55d7cb628dd7bdcfc Mon Sep 17 00:00:00 2001
From: Nathan Drezner <nathan@drezner.xyz>
Date: Thu, 10 Apr 2025 09:44:24 -0400
Subject: [PATCH 1/4] Fix NPM publish step

---
 .github/workflows/publish-to-pypi.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/publish-to-pypi.yml b/.github/workflows/publish-to-pypi.yml
index 3bfb03f..b4277ca 100644
--- a/.github/workflows/publish-to-pypi.yml
+++ b/.github/workflows/publish-to-pypi.yml
@@ -40,7 +40,8 @@ jobs:
           path: npm-dist/
       - name: Publish to npm
         run: |
-          npm publish npm-dist/*.tgz --access public
+          FILE=$(ls npm-dist/*.tgz)
+          npm publish "$FILE" --access public
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
         shell: bash
\ No newline at end of file

From 23127352c6083a5d41d93000a80aab206d014488 Mon Sep 17 00:00:00 2001
From: Nathan Drezner <nathan@drezner.xyz>
Date: Thu, 10 Apr 2025 10:06:52 -0400
Subject: [PATCH 2/4] Use pushd for path access

---
 .github/workflows/publish-to-pypi.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/publish-to-pypi.yml b/.github/workflows/publish-to-pypi.yml
index b4277ca..09eb581 100644
--- a/.github/workflows/publish-to-pypi.yml
+++ b/.github/workflows/publish-to-pypi.yml
@@ -40,8 +40,10 @@ jobs:
           path: npm-dist/
       - name: Publish to npm
         run: |
-          FILE=$(ls npm-dist/*.tgz)
+          pushd npm-dist
+          FILE=$(echo *.tgz)
           npm publish "$FILE" --access public
+          popd
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
         shell: bash
\ No newline at end of file

From 194f8c5b88da9347c4358385ddd593a911e0532e Mon Sep 17 00:00:00 2001
From: Nathan Drezner <nathan@drezner.xyz>
Date: Thu, 10 Apr 2025 10:08:49 -0400
Subject: [PATCH 3/4] Add provenance flag

---
 .github/workflows/publish-to-pypi.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/publish-to-pypi.yml b/.github/workflows/publish-to-pypi.yml
index 09eb581..3e9bc68 100644
--- a/.github/workflows/publish-to-pypi.yml
+++ b/.github/workflows/publish-to-pypi.yml
@@ -42,7 +42,7 @@ jobs:
         run: |
           pushd npm-dist
           FILE=$(echo *.tgz)
-          npm publish "$FILE" --access public
+          npm publish "$FILE" --provenance --access public
           popd
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

From 623d20f96bb21c369206afc71ecf9f988f908d41 Mon Sep 17 00:00:00 2001
From: Nathan Drezner <nathan@drezner.xyz>
Date: Thu, 10 Apr 2025 10:09:26 -0400
Subject: [PATCH 4/4] Rename workflow

---
 .github/workflows/{publish-to-pypi.yml => publish.yml} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename .github/workflows/{publish-to-pypi.yml => publish.yml} (97%)

diff --git a/.github/workflows/publish-to-pypi.yml b/.github/workflows/publish.yml
similarity index 97%
rename from .github/workflows/publish-to-pypi.yml
rename to .github/workflows/publish.yml
index 3e9bc68..b0d4691 100644
--- a/.github/workflows/publish-to-pypi.yml
+++ b/.github/workflows/publish.yml
@@ -1,4 +1,4 @@
-name: Publish to PyPI
+name: Publish to PyPI & NPM
 
 on:
   release: