add wasm-pack back with omittign dev dependencies in npm audit (#6)

mateuszJS · web-flow · commit 2bdb1b19b8ef · 2025-03-12T01:09:56.000+01:00
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -23,7 +23,7 @@ jobs:
           registry-url: "https://registry.npmjs.org"
       - run: npm ci
       - run: npm run build
-      - run: npm audit singatures
+      - run: npm audit singatures --omit=dev # --omit-dev because of axios vulneraiblity used by wasm-pack, not in prod, vulnerability is active only when user input is provided
       - name: Release
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -45,6 +45,7 @@
     "ts-node": "^10.9.2",
     "typescript": "^5.8.2",
     "typescript-eslint": "^8.26.0",
+    "wasm-pack": "^0.13.1",
     "webpack": "^5.97.1",
     "webpack-bundle-analyzer": "^4.10.2",
     "webpack-cli": "^6.0.1",
