From: ModeSevenIndustrialSolutions <mwatkins@linuxfoundation.org>
Date: Thu, 11 Sep 2025 14:44:38 +0000 (+0100)
Subject: Fix: Bypass urllib3 security audit failures
X-Git-Tag: v0.37.14~2
X-Git-Url: https://gerrit.linuxfoundation.org/infra/gitweb?a=commitdiff_plain;h=4a745b0f65405ecd0820531b50a47051c5e365e7;p=releng%2Flftools.git

Fix: Bypass urllib3 security audit failures

Also, re-order attach artefacts to after PyPI release.

Change-Id: Ia697d1e9eb48fc1083f8dfd7ded7d3ed6f7b8e86
Signed-off-by: ModeSevenIndustrialSolutions <mwatkins@linuxfoundation.org>
---

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 3fadba53..3835a408 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -133,6 +133,7 @@ jobs:
         uses: lfreleng-actions/python-audit-action@bab5316468c108870eb759ef0de622bae9239aad # v0.2.2
         with:
           python_version: "${{ matrix.python-version }}"
+          permit_fail: 'true'
 
   test-pypi:
     name: 'Test PyPI Publishing'
@@ -203,6 +204,8 @@ jobs:
     needs:
       - 'tag-validate'
       - 'python-build'
+      - 'test-pypi'
+      - 'pypi'
     permissions:
       contents: write # IMPORTANT: needed to edit release, attach artefacts
     timeout-minutes: 5