
[Feature Request] An option to forbid packages from upgrading from an attested version to an unattested version #8889

@SukkaW

Description


Describe the user story

Rspack recently encountered a token theft attack where it seems that the npm classic token they used on CI was leaked and attackers used it to publish a malicious version of the package. See web-infra-dev/rspack#8767

Rspack uses npm provenance when publishing new versions from the CI. When the attacker tries to publish the malicious version of the package, he/she/it doesn't have access to the CI, so the attacker publishes the package locally, resulting in this version not having an attestation.


Update

On Aug 28, 2025, nx's publish token was compromised. Since the attackers had no access to the CI/CD infra, the malicious versions were published without provenance.

This once again shows how important this feature is.

Describe the solution you'd like

Forbidding an already attested package from upgrading to an unattested version can reduce this kind of risk, since the attackers would need access to both npm and GitHub in order to publish an attested malicious version.

Describe the drawbacks of your solution

It is possible that a maintainer deliberately disables npm provenance.

Describe alternatives you've considered

No response
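The policy described in this request, as an added example that is not part of the issue or of pnpm's code base: a check that refuses to move a dependency from a version published with npm provenance to one published without it, with an explicit allowlist for the "maintainer deliberately disabled provenance" case mentioned under drawbacks. It assumes that provenance-published versions carry a `dist.attestations.provenance` entry in the registry packument (the field name is an assumption modelled on the npm registry's metadata); the packuments and the upgrade list below are constructed sample data, not real registry records.

```javascript
// Added example: "no regression from attested to unattested" policy check.
// Packument shapes are constructed; the `dist.attestations` field name is an
// assumption modelled on what the npm registry returns for provenance builds.

// Returns true when the given version of a package carries a provenance
// attestation in its registry metadata.
function hasProvenance(packument, version) {
  const meta = packument.versions[version];
  if (!meta) {
    throw new Error(`${packument.name}@${version}: version not in packument`);
  }
  const attestations = meta.dist && meta.dist.attestations;
  return Boolean(attestations && attestations.provenance);
}

// Decides whether a single upgrade is allowed under the policy:
// attested -> unattested is blocked unless the package is allowlisted.
// `policy.allowUnattested` is a hypothetical option name for this example.
function evaluateUpgrade(packument, fromVersion, toVersion, policy = {}) {
  const allow = new Set(policy.allowUnattested || []);
  const from = hasProvenance(packument, fromVersion);
  const to = hasProvenance(packument, toVersion);

  if (from && !to && !allow.has(packument.name)) {
    return {
      allowed: false,
      reason: `${packument.name}: ${fromVersion} was published with provenance but ${toVersion} was not`,
    };
  }
  return {
    allowed: true,
    reason: from && !to ? 'unattested target explicitly allowed by policy' : 'provenance status did not regress',
  };
}

// Applies the rule to a whole set of proposed upgrades (e.g. a lockfile diff)
// and returns the ones that should be refused.
function auditUpgrades(packuments, upgrades, policy = {}) {
  const blocked = [];
  for (const { name, from, to } of upgrades) {
    const packument = packuments[name];
    if (!packument) throw new Error(`${name}: no packument available`);
    const result = evaluateUpgrade(packument, from, to, policy);
    if (!result.allowed) blocked.push({ name, from, to, reason: result.reason });
  }
  return blocked;
}

// Constructed sample data (not real registry records).
const SAMPLE_ATTESTATION = {
  url: 'https://registry.example/-/npm/v1/attestations/example-lib',
  provenance: { predicateType: 'https://slsa.dev/provenance/v1' },
};

const SAMPLE_PACKUMENTS = {
  'example-lib': {
    name: 'example-lib',
    versions: {
      '1.0.0': { dist: { attestations: SAMPLE_ATTESTATION } }, // published from CI
      '1.0.1': { dist: {} },                                   // published locally, no attestation
      '1.1.0': { dist: { attestations: SAMPLE_ATTESTATION } }, // published from CI
    },
  },
  'legacy-lib': {
    name: 'legacy-lib',
    versions: {
      '2.0.0': { dist: {} }, // this package never used provenance
      '2.1.0': { dist: {} },
    },
  },
};

const SAMPLE_UPGRADES = [
  { name: 'example-lib', from: '1.0.0', to: '1.0.1' }, // should be blocked
  { name: 'example-lib', from: '1.0.0', to: '1.1.0' }, // fine: still attested
  { name: 'legacy-lib', from: '2.0.0', to: '2.1.0' },  // fine: never attested
];

for (const b of auditUpgrades(SAMPLE_PACKUMENTS, SAMPLE_UPGRADES)) {
  console.log(`BLOCKED ${b.name} ${b.from} -> ${b.to}: ${b.reason}`);
}
```

Only transitions that lose an existing attestation are refused; packages that never had provenance keep upgrading as before, so the check adds no friction for maintainers who have not adopted it, and the allowlist gives a per-package escape hatch for the case where provenance was intentionally turned off.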
