mirror of
https://github.com/ether/etherpad-lite.git
synced 2026-07-17 16:47:05 +00:00
* fix: setup-trusted-publishers.sh works with real npm trust CLI Two issues found when running the script for the first time after #7490: 1. `npm trust github --file` wants ONLY the workflow filename basename (e.g. `test-and-release.yml`), not the full `.github/workflows/test-and-release.yml` path. npm errors out with "GitHub Actions workflow must be just a file not a path" otherwise. Constants updated. 2. `npm trust github` requires 2FA on accounts that have it enabled, and there is no way to disable that requirement. Add a `--otp <code>` pass-through flag and forward it to every call so a maintainer can batch-process multiple packages within a single TOTP window. Documented the limitation in the script header. Also reword the call site so the npm command line is built without shell-string round-tripping (passing $CMD through `$( $CMD )` was unrelated to this bug but was bad practice). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: setup-trusted-publishers.sh recognizes 409 as already-configured When --skip-existing is set, treat HTTP 409 Conflict from POST /-/package/<name>/trust as 'already configured' so re-runs of the bulk script don't fail on packages that were configured in a previous run. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * test: cover setup-trusted-publishers.sh, harden against set -e, document --otp Addresses qodo review on #7491: - Add backend regression test that shims `npm` on PATH and asserts `--file` is given the workflow basename (never a path), `--otp` is forwarded to every `npm trust github` call when supplied, and the loop survives a non-zero exit so `--skip-existing` can absorb 409 Conflict responses from the registry. - Wrap the `npm trust github` invocation in `set +e` / `set -e`. The `if configure_one` already shields the function from errexit in practice, but a future refactor moving the call site out of an `if` would silently reintroduce the bug — the explicit shim makes intent obvious and survives such refactors. - Document `--otp` and the 2FA / TOTP-expiry workflow in doc/npm-trusted-publishing.md so maintainers don't follow the docs and hit EOTP. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| deb-src | ||
| nsis | ||
| plugins | ||
| buildDebian.sh | ||
| buildForWindows.sh | ||
| checkAllPads.ts | ||
| checkPad.ts | ||
| cleanRun.sh | ||
| commonPlugins.ts | ||
| convertSettings.json.template | ||
| createRelease.sh | ||
| createUserSession.ts | ||
| debugRun.sh | ||
| deleteAllGroupSessions.ts | ||
| deletePad.ts | ||
| extractPadData.ts | ||
| fastRun.sh | ||
| functions.sh | ||
| generateReleaseNotes.ts | ||
| importSqlFile.ts | ||
| installDeps.sh | ||
| installer.ps1 | ||
| installer.sh | ||
| installLocalPlugins.sh | ||
| installOnWindows.bat | ||
| make_docs.ts | ||
| migrateDB.ts | ||
| migrateDirtyDBtoRealDB.ts | ||
| package.json | ||
| plugins.ts | ||
| push-after-release.sh | ||
| rebuildPad.ts | ||
| release.ts | ||
| repairPad.ts | ||
| run.sh | ||
| safeRun.sh | ||
| setup-trusted-publishers.sh | ||
| tsconfig.json | ||
| updatePlugins.sh | ||