Fix-semantic-release

[koblas]

No description provided.

[gemini-code-assist]

Summary of Changes

Hello @koblas, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request focuses on improving the project's publishing security and keeping its testing infrastructure up-to-date. It introduces a mechanism to verify the origin of published packages, which is a crucial step in enhancing supply chain integrity. Concurrently, it updates the core testing framework and its associated type definitions to leverage the latest features, performance improvements, and bug fixes available in their newest major releases.

Highlights

• NPM Package Provenance: Enabled provenance for published npm packages by adding "provenance": true to the publishConfig in package.json. This enhances supply chain security by allowing consumers to verify the origin of the package.
• Jest Dependency Updates: Updated the Jest testing framework and its type definitions to their latest major versions. Specifically, @types/jest was updated from ^29.5.0 to ^30.0.0, and jest was updated from ^29.5.0 to ^30.2.0.

Ignored Files

• Ignored by pattern: .github/workflows/** (1)
  • .github/workflows/release.yaml

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[Copilot]

Pull Request Overview

This PR fixes semantic-release configuration by adding npm provenance support and updating Jest-related dependencies to version 30, while pinning semantic-release to version 25.0.1 in the CI workflow.

• Added publishConfig with provenance enabled for npm package publishing
• Updated Jest and related type definitions from version 29 to version 30
• Pinned semantic-release to specific version 25.0.1 in the release workflow

Reviewed Changes

Copilot reviewed 2 out of 3 changed files in this pull request and generated no comments.

File	Description
package.json	Added publishConfig for provenance and updated Jest dependencies to v30
.github/workflows/release.yaml	Pinned semantic-release to version 25.0.1 during installation

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[gemini-code-assist]

Code Review

This pull request introduces a publishConfig to enable provenance on npm, which is a great security improvement for the release process. It also updates Jest dependencies. However, the primary goal of fixing semantic-release is not fully achieved. There is a significant issue with the semantic-release configuration being split and incorrect, which will prevent version bumps from being committed. My review provides a detailed comment on how to consolidate and correct the configuration to ensure the release process works as expected.