chore: ignored snyk vulnerabilities without solutions

.github/workflows/npm-release.yml

@@ -32,17 +32,17 @@ jobs:
 
       # Get the version from the branch name
       - id: get_version
-        uses: ./get-version
+        uses: ./.github/actions/get-version
 
       # Get the prerelease flag from the branch name
       - id: get_prerelease
-        uses: ./get-prerelease
+        uses: ./.github/actions/get-prerelease
         with:
           version: ${{ steps.get_version.outputs.version }}
 
       # Get the release notes
       - id: get_release_notes
-        uses: ./get-release-notes
+        uses: ./.github/actions/get-release-notes
         with:
           token: ${{ secrets.github-token }}
           version: ${{ steps.get_version.outputs.version }}
@@ -51,7 +51,7 @@ jobs:
 
       # Check if the tag already exists
       - id: tag_exists
-        uses: ./tag-exists
+        uses: ./.github/actions/tag-exists
         with:
           tag: ${{ steps.get_version.outputs.version }}
           token: ${{ secrets.github-token }}
@@ -61,7 +61,7 @@ jobs:
         run: exit 1
 
       # Publish the release to our package manager
-      - uses: ./npm-publish
+      - uses: ./.github/actions/npm-publish
         with:
           node-version: ${{ inputs.node-version }}
           require-build: ${{ inputs.require-build }}
@@ -70,7 +70,7 @@ jobs:
           release-directory: ${{ inputs.release-directory }}
 
       # Create a release for the tag
-      - uses: ./release-create
+      - uses: ./.github/actions/release-create
         with:
           token: ${{ secrets.github-token }}
           name: ${{ steps.get_version.outputs.version }}

.github/workflows/release.yml

@@ -19,6 +19,7 @@ jobs:
     uses: ./.github/workflows/npm-release.yml
     with:
       node-version: 18
+      require-build: false
     secrets:
       npm-token: ${{ secrets.NPM_TOKEN }}
       github-token: ${{ secrets.GITHUB_TOKEN }}

.snyk

@@ -0,0 +1,15 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+  SNYK-JS-SEMVER-3247795:
+    - '*':
+        reason: Latest version of expo (50.0.17) has this vulnerability
+        expires: 2024-06-06T07:21:25.131Z
+        created: 2024-05-07T07:21:25.134Z
+  SNYK-JS-INFLIGHT-6095116:
+    - '*':
+        reason: Latest version of expo (50.0.17) has this vulnerability
+        expires: 2024-06-06T07:22:09.438Z
+        created: 2024-05-07T07:22:09.445Z
+patch: {}

.version

@@ -1 +1 @@
-v3.1.0
+v3.2.0

A0Auth0.podspec

@@ -17,7 +17,7 @@ Pod::Spec.new do |s|
   s.requires_arc = true
 
   s.dependency 'React-Core'
-  s.dependency 'Auth0', '2.5.0'
+  s.dependency 'Auth0', '2.7.0'
   s.dependency 'JWTDecode', '3.1.0'
   s.dependency 'SimpleKeychain', '1.1.0'
 end

CHANGELOG.md

@@ -1,5 +1,15 @@
 # Change Log
 
+## [v3.2.0](https://github.com/auth0/react-native-auth0/tree/v3.2.0) (2024-04-26)
+
+[Full Changelog](https://github.com/auth0/react-native-auth0/compare/v3.1.0...v3.2.0)
+
+**Added**
+
+- Support for Apple's Privacy Manifest [\#887](https://github.com/auth0/react-native-auth0/pull/887) ([poovamraj](https://github.com/poovamraj))
+- chore(deps-dev): bump @types/react from 17.0.71 to 17.0.73 [\#831](https://github.com/auth0/react-native-auth0/pull/831) ([dependabot[bot]](https://github.com/apps/dependabot))
+- chore(deps-dev): bump react-native from 0.72.7 to 0.73.0 [\#823](https://github.com/auth0/react-native-auth0/pull/823) ([dependabot[bot]](https://github.com/apps/dependabot))
+
 ## [v3.1.0](https://github.com/auth0/react-native-auth0/tree/v3.1.0) (2023-12-05)
 
 [Full Changelog](https://github.com/auth0/react-native-auth0/compare/v3.0.2...v3.1.0)