Skip to content

Fix workflow #69

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 12 commits into
base: master
Choose a base branch
from
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 24 additions & 4 deletions .github/workflows/reviewing_changes.yml
Original file line number Diff line number Diff line change
Expand Up @@ -57,15 +57,35 @@ jobs:
with:
node-version: ${{ matrix.node }}

- name: Set up npm authentication
shell: bash
run: |
echo "//localhost:4873/:_auth=$(echo -n 'dummy:dummy' | base64)" >> ~/.npmrc
Copy link
Preview

Copilot AI Jul 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hard-coded credentials ('dummy:dummy') are being used for authentication. While this appears to be for testing purposes, consider using environment variables or GitHub secrets to avoid exposing credentials in the workflow file.

Suggested change
echo "//localhost:4873/:_auth=$(echo -n 'dummy:dummy' | base64)" >> ~/.npmrc
echo "//localhost:4873/:_auth=${{ secrets.VERDACCIO_AUTH }}" >> ~/.npmrc

Copilot uses AI. Check for mistakes.

echo "email=dummy@gmail.com" >> ~/.npmrc
echo "always-auth=true" >> ~/.npmrc
npx verdaccio@5.32.2 &
for i in {1..30}; do
if curl -sf http://localhost:4873/-/ping > /dev/null; then break; fi
echo "Waiting for Verdaccio to be ready..."; sleep 2;
done
Comment on lines +66 to +70
Copy link
Preview

Copilot AI Jul 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Running Verdaccio in the background without capturing its process ID makes it difficult to manage or terminate if needed. Consider storing the PID or using a more robust process management approach.

Suggested change
npx verdaccio@5.32.2 &
for i in {1..30}; do
if curl -sf http://localhost:4873/-/ping > /dev/null; then break; fi
echo "Waiting for Verdaccio to be ready..."; sleep 2;
done
npx verdaccio@5.32.2 & echo $! > verdaccio.pid
for i in {1..30}; do
if curl -sf http://localhost:4873/-/ping > /dev/null; then break; fi
echo "Waiting for Verdaccio to be ready..."; sleep 2;
done
echo "Verdaccio started with PID $(cat verdaccio.pid)"

Copilot uses AI. Check for mistakes.

npm config set registry http://localhost:4873

- name: Register user with Verdaccio
shell: bash
run: |
curl -X PUT http://localhost:4873/-/user/org.couchdb.user:dummy \
-H "Content-Type: application/json" \
-d '{
"name": "dummy",
"password": "dummy",
"email": "dummy@gmail.com"
}'
Comment on lines +76 to +82
Copy link
Preview

Copilot AI Jul 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The curl command for user registration lacks error handling. Consider adding '--fail' flag or checking the exit code to ensure the user registration succeeds before proceeding.

Suggested change
curl -X PUT http://localhost:4873/-/user/org.couchdb.user:dummy \
-H "Content-Type: application/json" \
-d '{
"name": "dummy",
"password": "dummy",
"email": "dummy@gmail.com"
}'
curl --fail -X PUT http://localhost:4873/-/user/org.couchdb.user:dummy \
-H "Content-Type: application/json" \
-d '{
"name": "dummy",
"password": "dummy",
"email": "dummy@gmail.com"
}' || { echo "User registration failed"; exit 1; }

Copilot uses AI. Check for mistakes.


- name: Setup staging npm package
if: ${{ github.event.inputs.package_url != '' }}
run: |
echo 'Publishing tar.gz to local registry'
curl -o staging_package.tgz "$PACKAGE_URL"
npm install verdaccio@5.32.2 -g
verdaccio &
npm config set registry http://localhost:4873
npm install -g npm-cli-adduser && npm-cli-adduser -u dummy -p dummy -e dummy@gmail.com -r http://localhost:4873
npm publish staging_package.tgz --registry http://localhost:4873/
shell: bash

Expand Down
Loading