npm - patchrelay - Versions diffs - 0.35.8 → 0.35.9 - Mend

patchrelay 0.35.8 → 0.35.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/build-info.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "service": "patchrelay",
-  "version": "0.35.8",
-  "commit": "727fa6d1f476",
-  "builtAt": "2026-04-03T23:33:50.106Z"
+  "version": "0.35.9",
+  "commit": "26b4d319fde3",
+  "builtAt": "2026-04-03T23:53:54.564Z"
 }

package/dist/github-app-token.js CHANGED Viewed

@@ -203,8 +203,10 @@ async function resolveBotIdentity(jwt) {
         throw new Error(`Failed to fetch bot user ${botLogin} (${userResponse.status}): ${body}`);
     }
     const user = await userResponse.json();
+    const { tokenFile } = getGitHubAppPaths();
     return {
         name: user.login,
         email: `${user.id}+${user.login}@users.noreply.github.com`,
+        tokenFile,
     };
 }

package/dist/run-orchestrator.js CHANGED Viewed

@@ -220,11 +220,17 @@ export class RunOrchestrator {
         try {
             // Ensure worktree
             await this.worktreeManager.ensureIssueWorktree(project.repoPath, project.worktreeRoot, worktreePath, branchName, { allowExistingOutsideRoot: issue.branchName !== undefined });
-            // Set bot git identity when GitHub App is configured
+            // Set bot git identity and push credentials when GitHub App is configured.
+            // This ensures commits are authored by and pushes are authenticated as
+            // patchrelay[bot], not the system user.
             if (this.botIdentity) {
                 const gitBin = this.config.runner.gitBin;
                 await execCommand(gitBin, ["-C", worktreePath, "config", "user.name", this.botIdentity.name], { timeoutMs: 5_000 });
                 await execCommand(gitBin, ["-C", worktreePath, "config", "user.email", this.botIdentity.email], { timeoutMs: 5_000 });
+                // Override credential helper to use the App installation token for git push.
+                // The helper script reads the token file and returns it as the password.
+                const credentialHelper = `!f() { echo "username=x-access-token"; echo "password=$(cat ${this.botIdentity.tokenFile})"; }; f`;
+                await execCommand(gitBin, ["-C", worktreePath, "config", "credential.helper", credentialHelper], { timeoutMs: 5_000 });
             }
             // Freshen the worktree: fetch + rebase onto latest base branch.
             // This prevents branch contamination when local main has drifted

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "patchrelay",
-  "version": "0.35.8",
+  "version": "0.35.9",
   "license": "MIT",
   "type": "module",
   "repository": {