Skip to content

Fix: [AEA-5986] - Fix publish fame library #77

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
originalphil merged 8 commits into from
Mar 5, 2026
Merged

Fix: [AEA-5986] - Fix publish fame library #77

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
641fc9b
AEA-5986 Conditionally add pypi plugin.
originalphil Mar 4, 2026
f217aaa
AEA-5986 Use spread operator for elegance.
originalphil Mar 4, 2026
8b033e4
AEA-5986 Remove plugin from config to test.
originalphil Mar 5, 2026
d142f72
AEA-5986 Re-add plugin to config.
originalphil Mar 5, 2026
49a9a3a
AEA-5986 Re-add ref to config checkout step.
originalphil Mar 5, 2026
858b5c7
AEA-5986 Remove ref from config checkout step.
originalphil Mar 5, 2026
7d55ea8
AEA-5986 Add tar to trivy ignore.
originalphil Mar 5, 2026
658fec4
AEA-5986 Remove old entries from trivy ignore.
originalphil Mar 5, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 3 additions & 9 deletions .trivyignore.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,15 +4,6 @@ vulnerabilities:
- "package-lock.json"
statement: downstream dependency for tar - waiting for new npm release
expired_at: 2026-06-01
- id: CVE-2026-25128
statement: fast-xml-parser vulnerability accepted as risk - dependency of aws-sdk/client-dynamodb
expired_at: 2026-03-01
- id: CVE-2026-25547
statement: isaacs/brace-expansion vulnerability accepted as risk - dependency of semantic-release
expired_at: 2026-03-01
- id: CVE-2026-0775
statement: npm vulnerability accepted as risk - dependency of semantic-release
expired_at: 2026-03-01
- id: CVE-2026-26996
statement: minimatch vulnerability accepted as risk
expired_at: 2026-06-01
Expand All @@ -25,3 +16,6 @@ vulnerabilities:
- id: CVE-2026-26960
statement: tar vulnerability accepted as risk
expired_at: 2026-06-01
- id: GHSA-qffp-2rhf-9h96
statement: tar vulnerability accepted as risk - dependency of npm (multiple)
expired_at: 2026-06-01
15 changes: 8 additions & 7 deletions release.config.cjs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,13 +76,14 @@ module.exports = {
pkgRoot: subpackage
}
]),
[
"semantic-release-pypi",
{
pypiPublish: pypiPublish,
repoToken: pypiToken
}
],
...(pypiPublish ? [
[
"semantic-release-pypi",
{
repoToken: pypiToken
}
]
] : []),
[
"@semantic-release/github",
{
Expand Down