Fix npm trusted publishing release workflow#57
Merged
Conversation
Adding .gitkeep for PR creation (default mode). This file will be removed when the task is complete. Issue: #56
konard
changed the title
Member
Author
Working session summaryImplemented and pushed the fix to PR #57: #57 What changed:
Verification:
PR #57 is now marked ready for review, merge state is clean, and the working tree is clean. This summary was automatically extracted from the AI working session output. |
Member
Author
🤖 Solution Draft LogThis log file contains the complete execution trace of the AI solution draft process. 💰 Cost estimation:
📊 Context and tokens usage:
Total: (756.2K + 7.2M cached) input tokens, 45.8K output tokens, $16.831863 cost 🤖 Models used:
📎 Log file uploaded as Repository (44986KB)Now working session is ended, feel free to review and add any feedback on the solution draft. |
Member
Author
✅ Ready to mergeThis pull request is now ready to be merged:
Monitored by hive-mind with --auto-restart-until-mergeable flag |
This reverts commit c32ac0f.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #56
Summary
deploy.ymlandtest.ymlsetup with one.github/workflows/release.ymlthat matches the npm trusted publisher configuration.secrets.NPM_TOKENto GitHub OIDC trusted publishing withid-token: write, Node 24, npm^11.5.1, andnpm publish --access public --provenance.bin.useorrepository.url; the existingUnlicensepackage metadata will publish with8.13.8.tests/release-workflow-policy.test.mjsto prevent regressions in workflow filename, token-free publishing, action versions, job timeouts, Deno retry behavior, and npm metadata.esm.sh522 failures while preserving the final failure status if all attempts fail.docs/case-studies/issue-56.Verification
npm test -- tests/release-workflow-policy.test.mjs --runInBandnpm test -- --runInBand(38 suites, 257 tests)bun test(257 tests)deno test --allow-net --allow-env --allow-run --allow-read --allow-write --allow-sys(24 modules, 128 steps)npm publish --dry-run --access publicruby -e 'require "yaml"; YAML.load_file(".github/workflows/release.yml"); puts "yaml_ok"'Evidence
esm.sh522 failure: https://github.com/link-foundation/use-m/blob/issue-56-fe0c27a4113b/docs/case-studies/issue-56/ci-logs/pr-run-27417997956.logNotes
github.ref == 'refs/heads/main'andgithub.event_name == 'push', so PR CI validates the workflow and tests without attempting an npm publish.Create Release on Tagged Commitin parts of the Actions UI because the path.github/workflows/release.ymlexisted with that older workflow name, but this branch's workflow file is namedCI/CDand the jobs are from the newrelease.yml.npm run test:exampleswas probed but is not used as a release gate because it runs publisheduse-m@latestexamples and depends on the examples harness resolvingzxthrough its shebang, which does not validate this branch's unpublished changes.