Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] npm publish --provenance conflicts with the repository.url field of package.json #8036

Open
2 tasks done
cloudcome opened this issue Jan 16, 2025 · 0 comments
Open
2 tasks done

[BUG] npm publish --provenance conflicts with the repository.url field of package.json #8036

cloudcome opened this issue Jan 16, 2025 · 0 comments
Labels
Bug thing that needs fixing Needs Triage needs review for next steps

Comments

@cloudcome
Copy link

cloudcome commented Jan 16, 2025
edited
Loading

Is there an existing issue for this?

  • I have searched the existing issues

This issue exists in the latest npm version

  • I am using the latest npm

Current Behavior

第一次尝试 first try

...
npm warn publish "repository.url" was normalized to "git+https://github.com/frontenddev-org/create-creator.git"
...
npm notice Publishing to https://registry.npmjs.org/ with tag latest and default access
npm notice publish Signed provenance statement with source and build information from GitHub Actions
npm notice publish Provenance statement published to transparency log: https://search.sigstore.dev/?logIndex=162784053
npm error code E422
npm error 422 Unprocessable Entity - PUT https://registry.npmjs.org/create-creator - Error verifying sigstore provenance bundle: Failed to validate repository information: package.json: "repository.url" is "git+https://github.com/frontenddev-org/create-creator.git", expected to match "https://github.com/FrontEndDev-org/create-creator" from provenance
npm error A complete log of this run can be found in: /home/runner/.npm/_logs/2025-01-16T01_23_18_715Z-debug-0.log
Error: Command failed: npm publish --provenance --tag=latest

第二次尝试 second try

...
npm notice Publishing to https://registry.npmjs.org/ with tag latest and default access
npm notice publish Signed provenance statement with source and build information from GitHub Actions
npm notice publish Provenance statement published to transparency log: https://search.sigstore.dev/?logIndex=1629461[74](https://github.com/FrontEndDev-org/create-creator/actions/runs/12809867334/job/35715622293#step:6:75)
npm error code E422
npm error 422 Unprocessable Entity - PUT https://registry.npmjs.org/create-creator - Error verifying sigstore provenance bundle: Failed to validate repository information: package.json: "repository.url" is "git+https://github.com/frontenddev-org/create-creator.git", expected to match "https://github.com/FrontEndDev-org/create-creator" from provenance
npm error A complete log of this run can be found in: /home/runner/.npm/_logs/2025-01-16T13_25_43_868Z-debug-0.log
Error: Command failed: npm publish --provenance --tag=latest

Expected Behavior

npm publish --provenance command was executed successfully

Steps To Reproduce

有问题的的 github action run ❌

没有问题的 github action run ✅

使用的是相同的 github action

Environment

  • npm: 10.9.0
  • Node.js: 22.12.0
  • OS Name: Ubuntu 24.04.1
  • System Model Name: Ubuntu
  • npm config: default
; copy and paste output from `npm config ls` here

run in github action environment
@cloudcome cloudcome added Bug thing that needs fixing Needs Triage needs review for next steps labels Jan 16, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug thing that needs fixing Needs Triage needs review for next steps
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@cloudcome