diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml
index 3e06e7bdb..91b3b9a97 100644
--- a/.github/workflows/npm-publish.yml
+++ b/.github/workflows/npm-publish.yml
@@ -17,6 +17,8 @@ on:
 jobs:
   publish:
     runs-on: ubuntu-latest
+    permissions:
+      id-token: write
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
@@ -24,6 +26,6 @@ jobs:
           node-version: 18
           registry-url: https://registry.npmjs.org/
       - run: yarn install
-      - run: npm publish --tag ${{ inputs.tag }}
+      - run: npm publish --provenance --tag ${{ inputs.tag }}
         env:
           NODE_AUTH_TOKEN: ${{secrets.NPM_KEY}}
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 88a186b25..8e9637baf 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,10 @@
 
 ## Version 17
 
+### v17.7.0
+
+- Publishing with provenance statements to increase the supply-chain security.
+
 ### v17.6.1
 
 - Add missing `z.tuple().rest()` type to the generated client (Integration) when present.
diff --git a/example/example.documentation.yaml b/example/example.documentation.yaml
index 2ce3c2d61..ac56a04d0 100644
--- a/example/example.documentation.yaml
+++ b/example/example.documentation.yaml
@@ -1,7 +1,7 @@
 openapi: 3.1.0
 info:
   title: Example API
-  version: 17.6.1
+  version: 17.7.0-beta1
 paths:
   /v1/user/retrieve:
     get:
diff --git a/package.json b/package.json
index 6adbcaba4..cb85cd496 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "express-zod-api",
-  "version": "17.6.1",
+  "version": "17.7.0-beta1",
   "description": "A Typescript library to help you get an API server up and running with I/O schema validation and custom middlewares in minutes.",
   "license": "MIT",
   "repository": {