Refactor removal policy and harden CI npm auth#21
Conversation
This comment has been minimized.
This comment has been minimized.
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
Jercik
force-pushed
the
refactor-policy
branch
2 times, most recently
from
76dc1fd to
eb9b3ae
Compare
This comment has been minimized.
This comment has been minimized.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
Jercik
changed the title
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
Consolidate runtime removal flags into a shared policy module to simplify orchestration seams and improve maintainability. Configure the quality-checks workflow to inject NPM_TOKEN for npm.j4k.dev, then restore the managed oxlint-config-j4k setup used by this repository. Made-with: Cursor
This comment has been minimized.
This comment has been minimized.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
| cache: "pnpm" | ||
|
|
||
| - name: Configure npm.j4k.dev auth | ||
| if: ${{ env.NPM_TOKEN != '' }} |
There was a problem hiding this comment.
ℹ️ Info: When NPM_TOKEN is missing/empty, this step silently skips and pnpm install --frozen-lockfile later fails with a cryptic registry auth error. The job-level if on line 13 already excludes fork PRs, so the only remaining case where NPM_TOKEN would be empty is a misconfigured repository secret — exactly when a fast, explicit failure helps the maintainer. release-npm.yml (lines 52–55) already does this with [ -z "${NPM_TOKEN}" ] && echo "NPM_TOKEN is required..." && exit 1. Consider matching that pattern here and in .github/workflows/dedupe-check.yml line 36 for consistency.
|
🎉 This PR is included in version 1.4.2 🎉 The release is available on: Your semantic-release bot 📦🚀 |
2 participants
Summary
RemovalPolicyand thread policy through CLI orchestration/removal flownpm.j4k.devauth in checks, release, and dedupe workflows while documenting fork PR secret constraintspublishConfigpackage.jsonenginesTest plan
pnpm format:checkpnpm lintpnpm typecheckpnpm testpnpm buildpnpm knippnpm fta