Skip to content

feat(TU-33149): Use an explicit --registry flag for jarvis install #712

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
tom-ridsdale merged 1 commit into from
Dec 10, 2025
Merged

feat(TU-33149): Use an explicit --registry flag for jarvis install #712

tom-ridsdale merged 1 commit into from
Dec 10, 2025

Conversation

@tom-ridsdale
Copy link
Contributor

@tom-ridsdale tom-ridsdale commented Dec 10, 2025
edited
Loading

The workflow was setting a global registry override for @Typeform scoped packages:
npm config set @typeform:registry https://npm.pkg.github.com/

Idea is that this stayed in effect during the release, causing semantic-release to check authentication against GitHub Packages instead of npmjs.org, resulting in the error.

https://typeform.slack.com/archives/C01HXMZGU9E/p1765375968262809?thread_ts=1765366708.689729&cid=C01HXMZGU9E

@tom-ridsdale tom-ridsdale marked this pull request as ready for review December 10, 2025 11:18
@tom-ridsdale tom-ridsdale requested a review from a team as a code owner December 10, 2025 11:18
@gitstream-cm
Copy link

gitstream-cm bot commented Dec 10, 2025

🥷 Code experts: tf-security

tf-security has most 👩‍💻 activity in the files.
tf-security has most 🧠 knowledge in the files.

See details

.github/workflows/release.yml

Activity based on git-commit:

tf-security
DEC
NOV
OCT
SEP
AUG
JUL 81 additions & 0 deletions

Knowledge based on git-blame:
tf-security: 95%

✨ Comment /gs review for LinearB AI review. Learn how to automate it here.

@tom-ridsdale
Copy link
Contributor Author

tom-ridsdale commented Dec 10, 2025

Sonarcloud issues un-related.

joycevherck
joycevherck previously approved these changes Dec 10, 2025
View reviewed changes
@tom-ridsdale tom-ridsdale changed the title feat(TU-33149): Remove NPM token from release workflow feat(TU-33149): Use an explicit --registry flag for jarvis install Dec 10, 2025
@sonarqubecloud
Copy link

sonarqubecloud bot commented Dec 10, 2025

Quality Gate Passed Quality Gate passed

Issues
60 New issues
0 Accepted issues

Measures
1 Security Hotspot
76.5% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@typeform-ops-gha
Copy link

typeform-ops-gha commented Dec 10, 2025

[BOT] Preview available with hash 908346f4042406e25bbc4dbaa80b4877ee8bd4ca here.

@tom-ridsdale tom-ridsdale merged commit 0d7c64a into main Dec 10, 2025
15 checks passed
@tom-ridsdale tom-ridsdale deleted the feat/TU-33149 branch December 10, 2025 14:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@promiseNwafor promiseNwafor promiseNwafor approved these changes

@joycevherck joycevherck joycevherck left review comments

Assignees

No one assigned

Labels

1 min review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@tom-ridsdale @typeform-ops-gha @joycevherck @promiseNwafor