Skip to content

ci: validate npm publish authentication before publishing#437

Draft
radist2s wants to merge 1 commit into
mainfrom
chore/add-npm-publish-debug
Draft

ci: validate npm publish authentication before publishing#437
radist2s wants to merge 1 commit into
mainfrom
chore/add-npm-publish-debug

Conversation

@radist2s
Copy link
Copy Markdown
Collaborator

@radist2s radist2s commented May 14, 2026

No description provided.

@changeset-bot
Copy link
Copy Markdown

changeset-bot Bot commented May 14, 2026

⚠️ No Changeset found

Latest commit: 15fd08c

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

github-advanced-security[bot]
github-advanced-security AI found potential problems May 14, 2026
View reviewed changes
Comment thread .changeset/publish.sh
echo "Checking npm publish authentication"

for scope in $NPM_PUBLISH_SCOPES; do
if ! yarn npm whoami --scope "$scope" --publish; then
Comment thread .changeset/publish.sh
publish_failed() {
echo "Error: npm publish failed." >&2
echo "If npm reports a two-factor authentication error, use a granular access token with write access and bypass 2FA enabled for the published packages." >&2
echo "The whoami preflight only verifies that the token is recognized by the publish registry; npm can still reject the actual package PUT for 2FA or package-level permission reasons." >&2
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 14, 2026

@check-spelling-bot Report

🔴 Please review

See the 📂 files view, the 📜action log, or 📝 job summary for details.

Unrecognized words (1)

whoami

To accept these unrecognized words as correct, you could run the following commands

... in a clone of the git@github.com:OpenAPI-Qraft/openapi-qraft.git repository
on the chore/add-npm-publish-debug branch (ℹ️ how do I use this?):

curl -s -S -L 'https://raw.githubusercontent.com/check-spelling/check-spelling/v0.0.24/apply.pl' |
perl - 'https://github.com/OpenAPI-Qraft/openapi-qraft/actions/runs/25860600524/attempts/1'

OR

To have the bot accept them for you, comment in the PR quoting the following line:
@check-spelling-bot apply updates.

If the flagged items are 🤯 false positives

If items relate to a ...

  • binary file (or some other file you wouldn't want to check at all).

    Please add a file path to the excludes.txt file matching the containing file.

    File paths are Perl 5 Regular Expressions - you can test yours before committing to verify it will match your files.

    ^ refers to the file's path from the root of the repository, so ^README\.md$ would exclude README.md (on whichever branch you're using).

  • well-formed pattern.

    If you can write a pattern that would match it,
    try adding it to the patterns.txt file.

    Patterns are Perl 5 Regular Expressions - you can test yours before committing to verify it will match your lines.

    Note that patterns can't match multiline strings.

🚂 If you're seeing this message and your PR is from a branch that doesn't have check-spelling,
please merge to your PR's base branch to get the version configured for your repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@github-advanced-security github-advanced-security[bot] github-advanced-security[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@radist2s @github-advanced-security