chore: update publish workflow filters and improve security documentation

devbyray · devbyray · commit d613df2b1546 · 2025-03-28T15:23:07.000+01:00
diff --git a/.github/workflows/publish-packages.yml b/.github/workflows/publish-packages.yml
@@ -63,6 +63,6 @@ jobs:
           fi
       
       - name: Publish packages
-        run: pnpm -r --filter "!core" --filter "!vite" --filter "!apps" publish --no-git-checks
+        run: pnpm -r --filter "[!core]" --filter "[!vite]" --filter "[!apps/**]" publish --no-git-checks
         env:
           NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/README.md b/README.md
@@ -42,6 +42,9 @@ The packages are also available on GitHub Packages. To use them:
 export GITHUB_TOKEN=your_github_token
 ```
 
+> You can create a token on your [Github Profile settings](https://github.com/settings/tokens). You should have `read:packages` scope selected.
+![alt text](./assets/github-token-screenshot.png)
+
 3. Install the packages:
 
 ```bash
@@ -178,4 +181,4 @@ The publishing workflow:
 4. Publishes packages to GitHub Packages
 
 ## License
-MIT
+EUPL-1.2
diff --git a/SECURITY.md b/SECURITY.md
@@ -6,15 +6,15 @@ Use this section to tell people about which versions of your project are current
 
 | Version | Supported          |
 | ------- | ------------------ |
-| 1.0.x   | :white_check_mark: |
-| < 1.0   | :x:                |
+| 0.0.7   | :white_check_mark: |
+| < 0.0   | :x:                |
 
 ## Reporting a Vulnerability
 
 We take the security of our project seriously. If you believe you've found a security vulnerability, please follow these steps:
 
 1. **Do not disclose the vulnerability publicly**
-2. Email us at [security@example.com](mailto:security@example.com) with details about the vulnerability
+2. Email us at [security@dbyrayray.dev](mailto:security@dbyrayray.dev) with details about the vulnerability
 3. Include steps to reproduce the issue if possible
 4. We will acknowledge your email within 48 hours
 5. We will send you regular updates about our progress
diff --git a/assets/github-token-screenshot.png b/assets/github-token-screenshot.png
diff --git a/package.json b/package.json
@@ -2,7 +2,7 @@
   "name": "@devbyray/vue-wc-library",
   "version": "0.0.7",
   "description": "A Vue-based accessible design system with headless web components",
-  "private": true,
+  "private": false,
   "scripts": {
     "build": "pnpm -r build",
     "dev": "pnpm -r dev",
