everkm-publish 0.17.0 → 0.17.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/README-MAINTAINERS.md +61 -0
  2. package/README.md +2 -32
  3. package/package.json +1 -1
  4. package/scripts/publish-npm-package.py +18 -3
package/README-MAINTAINERS.md ADDED
@@ -0,0 +1,61 @@
1
+ # Maintainers
2
+
3
+ 本仓库即 [`everkm/publish`](https://github.com/everkm/publish)(`everkm-publish-npm` 仅为本地/历史别名)。
4
+
5
+ ## Release
6
+
7
+ 1. **Binary Release** — tag 触发构建并发布 GitHub Release(含 notes):
8
+
9
+ ```bash
10
+ git tag everkm-publish@v0.17.0
11
+ git push origin everkm-publish@v0.17.0
12
+ ```
13
+
14
+ 等待构建完成,确认 Release 资产与 notes。
15
+
16
+ 2. **CDN + npm** — semver tag 触发 CDN 镜像与 npm publish:
17
+
18
+ ```bash
19
+ git tag v0.17.0
20
+ git push origin v0.17.0
21
+
22
+ # or via Makefile
23
+ make tag TAG=v0.17.0
24
+ ```
25
+
26
+ 3. Verify:
27
+
28
+ ```bash
29
+ curl -s https://ekmp-assets.everkm.com/pkgs/latest.json
30
+ npm view everkm-publish version
31
+ ```
32
+
33
+ Manual re-run: GitHub Actions → **Publish NPM Package** → `workflow_dispatch`.
34
+
35
+ ## GitHub Secrets
36
+
37
+ | Secret | 用途 |
38
+ |--------|------|
39
+ | `CF_S3_AK` / `CF_S3_SK` | Cloudflare R2 上传 |
40
+ | `QINIU_ACCESS_KEY` / `QINIU_SECRET_KEY` | 七牛上传与 CDN 刷新 |
41
+ | `GH_TOKEN` | 读取同仓 GitHub Release(未设置时回退 `GITHUB_TOKEN`) |
42
+ | `NPM_TOKEN` | npm publish(见下) |
43
+ | `NOTIFY_DAYU_ENDPOINT` | workflow 结束 Telegram 通知(可选) |
44
+
45
+ ### `NPM_TOKEN` 配置
46
+
47
+ CI 无法输入 authenticator 验证码;若账号启用了 2FA,token **必须**支持自动化发布,否则 `npm publish` 会报 `EOTP`。
48
+
49
+ 在 [npmjs.com](https://www.npmjs.com) → **Access Tokens** 创建 **Granular Access Token**(或 Classic **Automation** token):
50
+
51
+ 1. **Packages and scopes**:对 `everkm-publish` 授予 **Read and write**(或 all packages)
52
+ 2. **Security settings**:勾选 **Bypass two-factor authentication (2FA)**
53
+ 3. 若包归属 npm organization,还需在 **Organizations** 中授权对应 org
54
+
55
+ 将 token 写入仓库 **Settings → Secrets → Actions → `NPM_TOKEN`**。更新后重新跑 workflow 即可。
56
+
57
+ 本地验证 token:
58
+
59
+ ```bash
60
+ npm whoami --registry=https://registry.npmjs.org/ --//registry.npmjs.org/:_authToken=YOUR_TOKEN
61
+ ```
package/README.md CHANGED
@@ -14,36 +14,6 @@ pnpm add everkm-publish
14
14
 
15
15
  `postinstall` downloads the platform binary from CDN (`.com` → GitHub → `.cn`), with a 5s timeout per source.
16
16
 
17
- ## Release (maintainers)
17
+ ---
18
18
 
19
- 本仓库即 [`everkm/publish`](https://github.com/everkm/publish)(`everkm-publish-npm` 仅为本地/历史别名)。
20
-
21
- 1. **Binary Release** — tag 触发构建并发布 GitHub Release(含 notes):
22
-
23
- ```bash
24
- git tag everkm-publish@v0.17.0
25
- git push origin everkm-publish@v0.17.0
26
- ```
27
-
28
- 等待构建完成,确认 Release 资产与 notes。
29
-
30
- 2. **CDN + npm** — semver tag 触发 CDN 镜像与 npm publish:
31
-
32
- ```bash
33
- git tag v0.17.0
34
- git push origin v0.17.0
35
-
36
- # or via Makefile
37
- make tag TAG=v0.17.0
38
- ```
39
-
40
- 3. Verify:
41
-
42
- ```bash
43
- curl -s https://ekmp-assets.everkm.com/pkgs/latest.json
44
- npm view everkm-publish version
45
- ```
46
-
47
- Manual re-run: GitHub Actions → **Publish NPM Package** → `workflow_dispatch`.
48
-
49
- Required secrets: `CF_S3_AK`, `CF_S3_SK`, `QINIU_ACCESS_KEY`, `QINIU_SECRET_KEY`, `GH_TOKEN`, `NPM_TOKEN`, `NOTIFY_DAYU_ENDPOINT`。
19
+ Maintainers: see [README-MAINTAINERS.md](./README-MAINTAINERS.md).
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "everkm-publish",
3
- "version": "0.17.0",
3
+ "version": "0.17.2",
4
4
  "description": "Everkm Publish CLI — npm wrapper with platform binaries",
5
5
  "repository": {
6
6
  "type": "git",
package/scripts/publish-npm-package.py CHANGED
@@ -4,7 +4,7 @@
4
4
  publish-npm-package.py
5
5
 
6
6
  从 everkm/publish GitHub Release 拉取全部资产,镜像至 R2 / 七牛(pkgs/{ver}/),
7
- 生成 pkgs/latest.json(含上游 Release notes)。
7
+ 生成 pkgs/latest.json 与 pkgs/{ver}/meta.json(含上游 Release notes)。
8
8
 
9
9
  环境变量:
10
10
  - GH_TOKEN / GITHUB_TOKEN — 读 everkm/publish Release
@@ -241,6 +241,8 @@ def cdn_assets_complete(s3_client: Any, version: str, asset_names: list[str]) ->
241
241
  for name in asset_names:
242
242
  if not object_exists(s3_client, pkg_key(version, name)):
243
243
  return False
244
+ if not object_exists(s3_client, pkg_key(version, "meta.json")):
245
+ return False
244
246
  latest_key = "pkgs/latest.json"
245
247
  if not object_exists(s3_client, latest_key):
246
248
  return False
@@ -249,6 +251,7 @@ def cdn_assets_complete(s3_client: Any, version: str, asset_names: list[str]) ->
249
251
 
250
252
  def cdn_refresh_urls(version: str, asset_names: list[str]) -> None:
251
253
  urls = [f"{CDN_CN}/pkgs/{version}/{name}" for name in asset_names]
254
+ urls.append(f"{CDN_CN}/pkgs/{version}/meta.json")
252
255
  urls.append(f"{CDN_CN}/pkgs/latest.json")
253
256
  ak = os.environ.get("QINIU_ACCESS_KEY")
254
257
  sk = os.environ.get("QINIU_SECRET_KEY")
@@ -324,10 +327,22 @@ def publish(
324
327
  skip_if_exists=not force_cdn,
325
328
  )
326
329
 
327
- latest = build_latest_json(version, tag, notes, asset_names)
330
+ meta = build_latest_json(version, tag, notes, asset_names)
331
+
332
+ meta_path = work_dir / "meta.json"
333
+ with meta_path.open("w", encoding="utf-8") as f:
334
+ json.dump(meta, f, indent=2, ensure_ascii=False)
335
+ f.write("\n")
336
+ upload_file_both(
337
+ s3_client,
338
+ meta_path,
339
+ pkg_key(version, "meta.json"),
340
+ skip_if_exists=not force_cdn,
341
+ )
342
+
328
343
  latest_path = work_dir / "latest.json"
329
344
  with latest_path.open("w", encoding="utf-8") as f:
330
- json.dump(latest, f, indent=2, ensure_ascii=False)
345
+ json.dump(meta, f, indent=2, ensure_ascii=False)
331
346
  f.write("\n")
332
347
  upload_file_both(
333
348
  s3_client,