Scott Dickerson

Based on our testing, this is what APPEARS to be the case. It would be good if y'all can confirm on your side: If the package was originally published with...

this new document: is getting REALLY close to telling us this publish package permissions behavior: https://docs.github.com/en/rest/overview/permissions-required-for-fine-grained-personal-access-tokens But it is silent on those package permissions, and also doesn't cover initial package...

@bodograumann I think this might be getting close to the issue. We just created a new package as part of a npm publish running from a workflow in the skeletor...

yeah you're even closer I think to the issue, this one is also set false by default for that new repo AND I see an explicit grant that matches ME...

So ideally the new package would inherit access from the repo so that anyones PAT in the repo could publish. However, I still don't know if a GITHUB_TOKEN could really...

after we upgraded `@types/react` to 18, we also had to override this ProjectStorm type: ``` / @ts-ignore // eslint-disable-next-line implicit-dependencies/no-implicit import { TransformLayerWidgetProps } from '@projectstorm/react-canvas-core' // fixes an issue...

does anyone have any ideas about when this might make it in a build? @tsayen This is still showing up in our scans and causing us extra LICENSE remediation work.

same problem here for me thinking about using this library instead: https://html2canvas.hertzen.com/

@Abdullah0991 did you ever find a solution?

I put in this PR to fix the GPL libraries (since they were only being used during test time and not at runtime). @tsayen is it possible for you to...