Skip to content

fix: removed release-it and performed npm audit#191

Merged
harshgarg18 merged 1 commit into
mainfrom
fix/npm-vulnerabilities
Jul 16, 2026
Merged

fix: removed release-it and performed npm audit#191
harshgarg18 merged 1 commit into
mainfrom
fix/npm-vulnerabilities

Conversation

@harshgarg18

@harshgarg18 harshgarg18 commented Jul 16, 2026

Copy link
Copy Markdown
Member
  • removed release-it from dev dependency
  • performed npm audit fix to fix auto-solvable vulnerabilities
  • allow bot PRs (like dependabot) to trigger a release. Releases will now be restricted if commit message contains 'chore(release)'

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Removes release-it tooling from the project configuration and adjusts the GitHub Actions release workflow’s trigger gating for pushes to main.

Changes:

  • Removed the release script, release-it dev dependency, and release-it config from package.json.
  • Updated .github/workflows/release.yml job condition to skip release commits based on commit message instead of skipping all bot actors.

Reviewed changes

Copilot reviewed 2 out of 4 changed files in this pull request and generated 1 comment.

File Description
package.json Removes release-it-related script/dependencies/config from the project metadata.
.github/workflows/release.yml Adjusts the release job if: condition to change when the release workflow runs on pushes to main.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread .github/workflows/release.yml
@harshgarg18
harshgarg18 merged commit d95e500 into main Jul 16, 2026
12 checks passed
@harshgarg18
harshgarg18 deleted the fix/npm-vulnerabilities branch July 16, 2026 06:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants