We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
2 parents 9e83cd1 + 4a4ae57 commit b52cc65Copy full SHA for b52cc65
1 file changed
.github/workflows/publish.yml
@@ -143,12 +143,7 @@ jobs:
143
fi
144
145
- name: Audit npm dependencies
146
- run: |
147
- # CLI builds with Bun, but npm audit reads package-lock.json.
148
- # update-lockfiles.sh updates both lockfiles; this catches npm lock drift.
149
- npm install --package-lock-only --ignore-scripts
150
- git diff --exit-code package-lock.json
151
- npm audit --audit-level=high --omit=dev
+ run: npm audit --package-lock-only --audit-level=high --omit=dev
152
153
- name: Publish
154
run: npm publish --provenance --access public --tag ${{ steps.release_tag.outputs.tag }}
0 commit comments