How to sign a npm package in a build pipeline?
When installing a npm module I got the message:
This plugin is not digitally signed and its authenticity cannot be verified.
This scares the security guys. So I decided I want to sign the packages I deploy. I found PKSign for local command line use. The npm documentation mentions
sign-git-tag, but I'm lost, the package publish documentation doesn't mention signing.
How do I do that, when using a CI environment which kicks off on publishing to the