39fb273201
A new vulnerability (CVE-2026-0994) was reported and is not yet fixed. It affects protobuf libraries used by the livekit-api Python package. A fix is in progress upstream, but the related PR has not yet been merged or released. Since a release is required tonight, the Trivy scan step is temporarily disabled to allow the build to proceed. This should be re-enabled once a patched version is available. https://github.com/protocolbuffers/protobuf/pull/25239