Skip to content

fix(ci): replace company registry URLs in lockfile, pin public registry; fix token-validation tests#267

Merged
davidruzicka merged 2 commits into
mainfrom
fix/ci-registry-lockfile
May 6, 2026
Merged

fix(ci): replace company registry URLs in lockfile, pin public registry; fix token-validation tests#267
davidruzicka merged 2 commits into
mainfrom
fix/ci-registry-lockfile

Conversation

@davidruzicka
Copy link
Copy Markdown
Owner

@davidruzicka davidruzicka commented May 6, 2026
edited
Loading

Agent authored:

Summary

  • 12 packages in package-lock.json had resolved URLs pointing to npm.repo.ops.iszn.cz (company-internal registry, unreachable from GitHub Actions runners)
  • Root cause: npm audit fix run locally with company registry configured globally rewrote lockfile resolved URLs
  • Add .npmrc with registry=https://registry.npmjs.org so future local npm install/npm audit fix always uses the public registry
  • Fix pre-existing test failures in token-validation.test.ts: commit 2fa6fd8 intentionally changed invalid-token rejection from HTTP 401 to JSON-RPC HTTP 200 (to avoid triggering OAuth flow in degraded OAuth state), but tests were not updated

Test plan

  • CI npm ci passes (no more ENOTFOUND for npm.repo.ops.iszn.cz)
  • token-validation tests pass (8/8)
  • All other tests pass

@davidruzicka @claude
fix(ci): replace company registry URLs in lockfile, pin public registry
ab0a753 
12 packages had resolved URLs pointing to npm.repo.ops.iszn.cz which is
unreachable from GitHub Actions runners. Caused by running npm audit fix
locally with company registry configured globally.

- Replace all npm.repo.ops.iszn.cz URLs with registry.npmjs.org in lockfile
- Add .npmrc with registry=https://registry.npmjs.org to prevent recurrence

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@codecov
Copy link
Copy Markdown

codecov Bot commented May 6, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ All tests successful. No failed tests found.

📢 Thoughts on this report? Let us know!

@davidruzicka @claude
fix(tests): update token-validation tests to expect JSON-RPC error
d85ec74 
Commit 2fa6fd8 intentionally changed invalid-token rejection from
HTTP 401 to JSON-RPC HTTP 200 to avoid triggering OAuth flow in
clients when OAuth is degraded; tests were not updated at that time.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@davidruzicka davidruzicka changed the title fix(ci): replace company registry URLs in lockfile, pin public registry fix(ci): replace company registry URLs in lockfile, pin public registry; fix token-validation tests May 6, 2026
@davidruzicka davidruzicka merged commit b68b6a0 into main May 6, 2026
12 checks passed
@davidruzicka davidruzicka deleted the fix/ci-registry-lockfile branch May 6, 2026 14:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@davidruzicka