@jaypie/mcp 0.8.42 → 0.8.44
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/suites/docs/index.js +1 -1
- package/package.json +1 -1
- package/release-notes/constructs/1.2.51.md +22 -0
- package/release-notes/mcp/0.8.43.md +9 -0
- package/release-notes/mcp/0.8.44.md +11 -0
- package/skills/cicd-actions.md +5 -5
- package/skills/cicd-deploy.md +9 -9
- package/skills/cicd.md +23 -8
|
@@ -9,7 +9,7 @@ import { gt } from 'semver';
|
|
|
9
9
|
/**
|
|
10
10
|
* Docs Suite - Documentation services (skill, version, release_notes)
|
|
11
11
|
*/
|
|
12
|
-
const BUILD_VERSION_STRING = "@jaypie/mcp@0.8.
|
|
12
|
+
const BUILD_VERSION_STRING = "@jaypie/mcp@0.8.44#b696c1bf"
|
|
13
13
|
;
|
|
14
14
|
const __filename$1 = fileURLToPath(import.meta.url);
|
|
15
15
|
const __dirname$1 = path.dirname(__filename$1);
|
package/package.json
CHANGED
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
---
|
|
2
|
+
version: 1.2.51
|
|
3
|
+
date: 2026-04-19
|
|
4
|
+
summary: JaypieGitHubDeployRole grants ECR auth and push by default, scoped to <sponsor>-* repositories
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
## Changes
|
|
8
|
+
|
|
9
|
+
- `JaypieGitHubDeployRole` grants `ecr:GetAuthorizationToken` on `*` and push actions (`ecr:BatchCheckLayerAvailability`, `ecr:BatchGetImage`, `ecr:CompleteLayerUpload`, `ecr:CreateRepository`, `ecr:DescribeRepositories`, `ecr:InitiateLayerUpload`, `ecr:PutImage`, `ecr:UploadLayerPart`) scoped to `arn:aws:ecr:*:<account>:repository/<sponsor>-*` by default.
|
|
10
|
+
- Sponsor is resolved from `sponsor` prop, `PROJECT_SPONSOR`, or the organization parsed from `CDK_ENV_REPO` / `PROJECT_REPO` (same parse that produces the `repoRestriction`), keeping ECR scope aligned with the OIDC `sub` condition.
|
|
11
|
+
- New `sponsor` and `ecr` props on `JaypieGitHubDeployRoleProps`. Set `ecr: false` to opt out.
|
|
12
|
+
|
|
13
|
+
## Motivation
|
|
14
|
+
|
|
15
|
+
Any project shipping a Docker artifact (ECS/Fargate, Lambda containers) needs ECR auth + push on the GitHub Actions deploy role. Previously every consumer had to extend the role downstream. Since `JaypieGitHubDeployRole` already constrains the OIDC `sub` to the organization's repos, granting ECR by default removes boilerplate without expanding the threat surface.
|
|
16
|
+
|
|
17
|
+
## Migration
|
|
18
|
+
|
|
19
|
+
- Consumers deploying from a sponsor-scoped monorepo (`<sponsor>-*`) see no change beyond new default permissions.
|
|
20
|
+
- Consumers who previously extended the role for ECR can remove the inline statements.
|
|
21
|
+
- To keep prior behavior with no ECR permissions, pass `ecr: false`.
|
|
22
|
+
- If no sponsor can be resolved (no `sponsor` prop, `PROJECT_SPONSOR`, `CDK_ENV_REPO`, or `PROJECT_REPO`), construction throws `ConfigurationError`; set `ecr: false` to skip the check.
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
---
|
|
2
|
+
version: 0.8.43
|
|
3
|
+
date: 2026-04-19
|
|
4
|
+
summary: Release notes for @jaypie/constructs 1.2.51 (ECR defaults on JaypieGitHubDeployRole)
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
## Changes
|
|
8
|
+
|
|
9
|
+
- Adds release notes for `@jaypie/constructs` 1.2.51, which grants ECR auth + push permissions by default on `JaypieGitHubDeployRole`, scoped to `<sponsor>-*` repositories.
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
---
|
|
2
|
+
version: 0.8.44
|
|
3
|
+
date: 2026-04-19
|
|
4
|
+
summary: Pin cicd skill GitHub Actions to Node 24-native majors
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
## Changes
|
|
8
|
+
|
|
9
|
+
- Documents the Node 24-native action majors (`actions/checkout@v6`, `actions/setup-node@v6`, `actions/cache@v5`, `actions/upload-artifact@v7`, `actions/download-artifact@v8`, `aws-actions/configure-aws-credentials@v6`) at the top of `skills/cicd.md`.
|
|
10
|
+
- Updates example workflows in `skills/cicd.md`, `skills/cicd-actions.md`, and `skills/cicd-deploy.md` so scaffolds land on Node 24-native actions on the first pass, avoiding the Node 20 deprecation warning and `FORCE_JAVASCRIPT_ACTIONS_TO_NODE24` opt-in.
|
|
11
|
+
- Updates `workspaces/documentation/docs/guides/cicd.md` to match.
|
package/skills/cicd-actions.md
CHANGED
|
@@ -176,13 +176,13 @@ runs:
|
|
|
176
176
|
using: 'composite'
|
|
177
177
|
steps:
|
|
178
178
|
- name: Setup Node.js
|
|
179
|
-
uses: actions/setup-node@
|
|
179
|
+
uses: actions/setup-node@v6
|
|
180
180
|
with:
|
|
181
181
|
node-version: ${{ inputs.node-version }}
|
|
182
182
|
cache: 'npm'
|
|
183
183
|
|
|
184
184
|
- name: Cache node_modules
|
|
185
|
-
uses: actions/cache@
|
|
185
|
+
uses: actions/cache@v5
|
|
186
186
|
with:
|
|
187
187
|
path: |
|
|
188
188
|
node_modules
|
|
@@ -194,7 +194,7 @@ runs:
|
|
|
194
194
|
|
|
195
195
|
- name: Cache build outputs
|
|
196
196
|
if: inputs.cache-builds == 'true'
|
|
197
|
-
uses: actions/cache@
|
|
197
|
+
uses: actions/cache@v5
|
|
198
198
|
with:
|
|
199
199
|
path: |
|
|
200
200
|
packages/*/dist
|
|
@@ -282,7 +282,7 @@ runs:
|
|
|
282
282
|
${{ inputs.extra-args }}
|
|
283
283
|
|
|
284
284
|
- name: Upload CDK outputs
|
|
285
|
-
uses: actions/upload-artifact@
|
|
285
|
+
uses: actions/upload-artifact@v7
|
|
286
286
|
with:
|
|
287
287
|
name: cdk-outputs
|
|
288
288
|
path: ${{ inputs.working-directory }}/cdk-outputs.json
|
|
@@ -302,7 +302,7 @@ jobs:
|
|
|
302
302
|
id-token: write
|
|
303
303
|
contents: read
|
|
304
304
|
steps:
|
|
305
|
-
- uses: actions/checkout@
|
|
305
|
+
- uses: actions/checkout@v6
|
|
306
306
|
|
|
307
307
|
- uses: ./.github/actions/setup-environment
|
|
308
308
|
with:
|
package/skills/cicd-deploy.md
CHANGED
|
@@ -30,7 +30,7 @@ jobs:
|
|
|
30
30
|
lint:
|
|
31
31
|
runs-on: ubuntu-latest
|
|
32
32
|
steps:
|
|
33
|
-
- uses: actions/checkout@
|
|
33
|
+
- uses: actions/checkout@v6
|
|
34
34
|
- uses: ./.github/actions/setup-node-and-cache
|
|
35
35
|
- uses: ./.github/actions/npm-install-build
|
|
36
36
|
with:
|
|
@@ -40,7 +40,7 @@ jobs:
|
|
|
40
40
|
typecheck:
|
|
41
41
|
runs-on: ubuntu-latest
|
|
42
42
|
steps:
|
|
43
|
-
- uses: actions/checkout@
|
|
43
|
+
- uses: actions/checkout@v6
|
|
44
44
|
- uses: ./.github/actions/setup-node-and-cache
|
|
45
45
|
- uses: ./.github/actions/npm-install-build
|
|
46
46
|
with:
|
|
@@ -53,7 +53,7 @@ jobs:
|
|
|
53
53
|
matrix:
|
|
54
54
|
node-version: [22, 24, 25]
|
|
55
55
|
steps:
|
|
56
|
-
- uses: actions/checkout@
|
|
56
|
+
- uses: actions/checkout@v6
|
|
57
57
|
- uses: ./.github/actions/setup-node-and-cache
|
|
58
58
|
with:
|
|
59
59
|
node-version: ${{ matrix.node-version }}
|
|
@@ -68,7 +68,7 @@ jobs:
|
|
|
68
68
|
id-token: write
|
|
69
69
|
contents: read
|
|
70
70
|
steps:
|
|
71
|
-
- uses: actions/checkout@
|
|
71
|
+
- uses: actions/checkout@v6
|
|
72
72
|
|
|
73
73
|
- uses: ./.github/actions/setup-environment
|
|
74
74
|
with:
|
|
@@ -112,7 +112,7 @@ jobs:
|
|
|
112
112
|
lint:
|
|
113
113
|
runs-on: ubuntu-latest
|
|
114
114
|
steps:
|
|
115
|
-
- uses: actions/checkout@
|
|
115
|
+
- uses: actions/checkout@v6
|
|
116
116
|
- uses: ./.github/actions/setup-node-and-cache
|
|
117
117
|
- uses: ./.github/actions/npm-install-build
|
|
118
118
|
with:
|
|
@@ -122,7 +122,7 @@ jobs:
|
|
|
122
122
|
typecheck:
|
|
123
123
|
runs-on: ubuntu-latest
|
|
124
124
|
steps:
|
|
125
|
-
- uses: actions/checkout@
|
|
125
|
+
- uses: actions/checkout@v6
|
|
126
126
|
- uses: ./.github/actions/setup-node-and-cache
|
|
127
127
|
- uses: ./.github/actions/npm-install-build
|
|
128
128
|
with:
|
|
@@ -135,7 +135,7 @@ jobs:
|
|
|
135
135
|
matrix:
|
|
136
136
|
node-version: [22, 24, 25]
|
|
137
137
|
steps:
|
|
138
|
-
- uses: actions/checkout@
|
|
138
|
+
- uses: actions/checkout@v6
|
|
139
139
|
- uses: ./.github/actions/setup-node-and-cache
|
|
140
140
|
with:
|
|
141
141
|
node-version: ${{ matrix.node-version }}
|
|
@@ -150,7 +150,7 @@ jobs:
|
|
|
150
150
|
id-token: write
|
|
151
151
|
contents: read
|
|
152
152
|
steps:
|
|
153
|
-
- uses: actions/checkout@
|
|
153
|
+
- uses: actions/checkout@v6
|
|
154
154
|
|
|
155
155
|
- uses: ./.github/actions/setup-environment
|
|
156
156
|
with:
|
|
@@ -200,7 +200,7 @@ jobs:
|
|
|
200
200
|
permissions:
|
|
201
201
|
contents: write
|
|
202
202
|
steps:
|
|
203
|
-
- uses: actions/checkout@
|
|
203
|
+
- uses: actions/checkout@v6
|
|
204
204
|
with:
|
|
205
205
|
token: ${{ secrets.GITHUB_TOKEN }}
|
|
206
206
|
|
package/skills/cicd.md
CHANGED
|
@@ -15,6 +15,21 @@ Jaypie projects use GitHub Actions for continuous integration and deployment.
|
|
|
15
15
|
| `cicd-deploy` | CDK deployment workflows (sandbox, production) |
|
|
16
16
|
| `cicd-environments` | GitHub Environments configuration |
|
|
17
17
|
|
|
18
|
+
## Action Versions
|
|
19
|
+
|
|
20
|
+
GitHub Actions deprecated Node 20 runners on 2025-09-19. Pin third-party actions to majors that natively run on Node 24 to avoid deprecation warnings and the `FORCE_JAVASCRIPT_ACTIONS_TO_NODE24` opt-in.
|
|
21
|
+
|
|
22
|
+
| Action | Tag |
|
|
23
|
+
|---|---|
|
|
24
|
+
| `actions/checkout` | `v6` |
|
|
25
|
+
| `actions/setup-node` | `v6` |
|
|
26
|
+
| `actions/cache` | `v5` |
|
|
27
|
+
| `actions/upload-artifact` | `v7` |
|
|
28
|
+
| `actions/download-artifact` | `v8` |
|
|
29
|
+
| `aws-actions/configure-aws-credentials` | `v6` |
|
|
30
|
+
|
|
31
|
+
Refresh this list against the [Node 20 deprecation changelog](https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/) when bumping action versions.
|
|
32
|
+
|
|
18
33
|
## Standard Workflows
|
|
19
34
|
|
|
20
35
|
### npm-check.yml
|
|
@@ -34,8 +49,8 @@ jobs:
|
|
|
34
49
|
lint:
|
|
35
50
|
runs-on: ubuntu-latest
|
|
36
51
|
steps:
|
|
37
|
-
- uses: actions/checkout@
|
|
38
|
-
- uses: actions/setup-node@
|
|
52
|
+
- uses: actions/checkout@v6
|
|
53
|
+
- uses: actions/setup-node@v6
|
|
39
54
|
with:
|
|
40
55
|
node-version: 24
|
|
41
56
|
- run: npm ci
|
|
@@ -44,8 +59,8 @@ jobs:
|
|
|
44
59
|
typecheck:
|
|
45
60
|
runs-on: ubuntu-latest
|
|
46
61
|
steps:
|
|
47
|
-
- uses: actions/checkout@
|
|
48
|
-
- uses: actions/setup-node@
|
|
62
|
+
- uses: actions/checkout@v6
|
|
63
|
+
- uses: actions/setup-node@v6
|
|
49
64
|
with:
|
|
50
65
|
node-version: 24
|
|
51
66
|
- run: npm ci
|
|
@@ -57,8 +72,8 @@ jobs:
|
|
|
57
72
|
matrix:
|
|
58
73
|
node-version: [22, 24, 25]
|
|
59
74
|
steps:
|
|
60
|
-
- uses: actions/checkout@
|
|
61
|
-
- uses: actions/setup-node@
|
|
75
|
+
- uses: actions/checkout@v6
|
|
76
|
+
- uses: actions/setup-node@v6
|
|
62
77
|
with:
|
|
63
78
|
node-version: ${{ matrix.node-version }}
|
|
64
79
|
- run: npm ci
|
|
@@ -87,8 +102,8 @@ jobs:
|
|
|
87
102
|
contents: read
|
|
88
103
|
id-token: write
|
|
89
104
|
steps:
|
|
90
|
-
- uses: actions/checkout@
|
|
91
|
-
- uses: actions/setup-node@
|
|
105
|
+
- uses: actions/checkout@v6
|
|
106
|
+
- uses: actions/setup-node@v6
|
|
92
107
|
with:
|
|
93
108
|
node-version: 24
|
|
94
109
|
registry-url: 'https://registry.npmjs.org'
|