@gowri48/npmpublish 1.3.9 → 1.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -1,34 +1,62 @@
|
|
|
1
1
|
name: testing_1477_oidc
|
|
2
|
+
|
|
2
3
|
on:
|
|
3
4
|
workflow_dispatch:
|
|
4
5
|
|
|
5
|
-
|
|
6
6
|
permissions:
|
|
7
|
-
id-token: write # Required for OIDC
|
|
8
7
|
contents: read
|
|
8
|
+
id-token: write # Required to trigger OIDC token exchange
|
|
9
9
|
|
|
10
10
|
jobs:
|
|
11
|
-
|
|
11
|
+
detect-oidc-precedence:
|
|
12
12
|
runs-on: ubuntu-latest
|
|
13
|
-
environment: release
|
|
14
13
|
steps:
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
14
|
+
- name: Checkout package to publish
|
|
15
|
+
uses: actions/checkout@v4
|
|
16
|
+
with:
|
|
17
|
+
path: package # ← your repro-setup-node-oidc package lives here
|
|
18
|
+
|
|
19
|
+
- name: Checkout custom npm-cli fork (for logging)
|
|
20
|
+
uses: actions/checkout@v4
|
|
21
|
+
with:
|
|
22
|
+
repository: chiranjib-swain/npm-cli
|
|
23
|
+
ref: envReplace
|
|
24
|
+
path: npm-cli # ← forked npm CLI lives here
|
|
25
|
+
|
|
26
|
+
- name: Set up Node.js 24 with registry-url
|
|
27
|
+
uses: actions/setup-node@v4
|
|
28
|
+
with:
|
|
29
|
+
node-version: '24'
|
|
30
|
+
registry-url: 'https://npm.pkg.github.com'
|
|
31
|
+
|
|
32
|
+
- name: Install & link custom npm CLI
|
|
33
|
+
run: |
|
|
34
|
+
cd npm-cli
|
|
35
|
+
npm install
|
|
36
|
+
npm install -g . # Link the custom npm CLI globally
|
|
37
|
+
- name: Show environment state before publish
|
|
38
|
+
run: |
|
|
39
|
+
echo "=== Token State ==="
|
|
40
|
+
echo "NODE_AUTH_TOKEN=${NODE_AUTH_TOKEN}"
|
|
41
|
+
echo "NPM_CONFIG_USERCONFIG=${NPM_CONFIG_USERCONFIG}"
|
|
42
|
+
echo ""
|
|
43
|
+
echo "=== .npmrc Contents ==="
|
|
44
|
+
cat "${NPM_CONFIG_USERCONFIG}"
|
|
45
|
+
echo ""
|
|
46
|
+
echo "=== OIDC Env Vars ==="
|
|
47
|
+
echo "ACTIONS_ID_TOKEN_REQUEST_URL=${ACTIONS_ID_TOKEN_REQUEST_URL:-(not set)}"
|
|
48
|
+
echo "ACTIONS_ID_TOKEN_REQUEST_TOKEN=${ACTIONS_ID_TOKEN_REQUEST_TOKEN:-(not set)}"
|
|
49
|
+
- name: Run npm publish with verbose logging # ← key fix here
|
|
50
|
+
working-directory: package
|
|
51
|
+
run: |
|
|
52
|
+
npm publish --access public --provenance --loglevel verbose 2>&1 | tee /tmp/publish.log || true
|
|
53
|
+
- name: Extract DETECT log lines only
|
|
54
|
+
run: |
|
|
55
|
+
echo "=== DETECTION LOG LINES ==="
|
|
56
|
+
grep "\[DETECT\]" /tmp/publish.log || echo "No [DETECT] lines found"
|
|
57
|
+
echo ""
|
|
58
|
+
echo "=== OIDC-related lines ==="
|
|
59
|
+
grep -i "oidc" /tmp/publish.log || echo "No OIDC lines found"
|
|
60
|
+
echo ""
|
|
61
|
+
echo "=== Auth error lines ==="
|
|
62
|
+
grep -E "E401|ENEEDAUTH|401 Unauthorized" /tmp/publish.log || echo "No auth errors found"
|
package/package.json
CHANGED
|
@@ -1,22 +1,22 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@gowri48/npmpublish",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.4.1",
|
|
4
4
|
"description": "Your package description",
|
|
5
5
|
"main": "index.js",
|
|
6
6
|
"repository": "github:gowridurgad/npm-publish",
|
|
7
7
|
"author": "gowridurgad",
|
|
8
8
|
"license": "ISC",
|
|
9
|
+
"scripts": {
|
|
10
|
+
"build": "node -e \"console.log('build ok')\"",
|
|
11
|
+
"test": "node -e \"console.log('ok')\""
|
|
12
|
+
},
|
|
9
13
|
"publishConfig": {
|
|
10
|
-
"access": "public"
|
|
14
|
+
"access": "public"
|
|
11
15
|
},
|
|
12
16
|
"dependencies": {
|
|
13
17
|
"axios": "^1.7.0"
|
|
14
18
|
},
|
|
15
19
|
"engines": {
|
|
16
20
|
"node": ">=12"
|
|
17
|
-
},
|
|
18
|
-
"scripts": {
|
|
19
|
-
"build": "node -e \"console.log('build ok')\"",
|
|
20
|
-
"test": "node -e \"console.log('ok')\""
|
|
21
21
|
}
|
|
22
|
-
}
|
|
22
|
+
}
|