fix(ci): upgrade npm for trusted publishing#42
Conversation
|
Warning Rate limit exceeded
Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 8 minutes and 27 seconds. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (1)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
commit: |
There was a problem hiding this comment.
Pull request overview
Follow-up PR that adjusts the release workflow to ensure npm is new enough to support npm “trusted publishing” / provenance during publish.
Changes:
- Adds a step in the
publish-npmjob to upgrade npm before installing dependencies and runningnpm publish --provenance.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| cache: pnpm | ||
|
|
||
| - name: Upgrade npm for trusted publishing | ||
| run: npm install --global npm@^11.10.0 |
There was a problem hiding this comment.
npm@^11.10.0 makes the release workflow non-deterministic (it can change over time as new 11.x versions are published), which can lead to unexpected publish failures or behavior changes. Consider pinning to an exact npm version (or documenting why a floating range is acceptable for releases).
| run: npm install --global npm@^11.10.0 | |
| run: npm install --global npm@11.10.0 |
Summary
No known vulnerabilities found
ℹ Building docs-cache
ℹ Cleaning dist directory: ./dist
✔ Build succeeded for docs-cache
dist/esm (total size: 173 kB)
└─ dist/esm/cli/types.mjs
└─ dist/esm/cache/cache-layout.mjs (444 B)
└─ dist/esm/api.d.ts (804 B)
└─ dist/esm/commands/add.d.ts (422 B)
└─ dist/esm/cli/exit-code.d.ts (268 B)
└─ dist/esm/git/cache-dir.d.ts (497 B)
└─ dist/esm/types/sync.d.ts (619 B)
└─ dist/esm/gitignore.d.ts (460 B)
└─ dist/esm/config/index.mjs (6.32 kB)
└─ dist/esm/errors.mjs (322 B)
└─ dist/esm/api.mjs (804 B)
└─ dist/esm/paths.d.ts (438 B)
└─ dist/esm/gitignore.mjs (2.58 kB)
└─ dist/esm/types/sync.mjs
└─ dist/esm/paths.mjs (1.26 kB)
└─ dist/esm/errors.d.ts (211 B)
└─ dist/esm/source-id.mjs (1.34 kB)
└─ dist/esm/source-id.d.ts (84 B)
└─ dist/esm/cache/cache-layout.d.ts (98 B)
└─ dist/esm/is-record.mjs (105 B)
└─ dist/esm/cache/materialize.mjs (13.5 kB)
└─ dist/esm/cache/manifest.mjs (2.07 kB)
└─ dist/esm/cache/targets.mjs (2.51 kB)
└─ dist/esm/is-record.d.ts (85 B)
└─ dist/esm/cache/targets.d.ts (530 B)
└─ dist/esm/cache/manifest.d.ts (434 B)
└─ dist/esm/cache/lock.mjs (2.87 kB)
└─ dist/esm/cache/toc.mjs (5.2 kB)
└─ dist/esm/cache/toc.d.ts (384 B)
└─ dist/esm/cli/live-output.d.ts (335 B)
└─ dist/esm/cli/index.d.ts (136 B)
└─ dist/esm/cache/lock.d.ts (693 B)
└─ dist/esm/cli/live-output.mjs (909 B)
└─ dist/esm/cache/materialize.d.ts (710 B)
└─ dist/esm/cli/run.d.ts (11 B)
└─ dist/esm/cli/parse-args.d.ts (483 B)
└─ dist/esm/cli/run.mjs (43 B)
└─ dist/esm/cli/task-reporter.mjs (3.75 kB)
└─ dist/esm/cli/task-reporter.d.ts (982 B)
└─ dist/esm/cli/parse-args.mjs (11.2 kB)
└─ dist/esm/cli/ui.d.ts (777 B)
└─ dist/esm/cli/types.d.ts (1.19 kB)
└─ dist/esm/cli/exit-code.mjs (81 B)
└─ dist/esm/cli/ui.mjs (1.77 kB)
└─ dist/esm/cli/index.mjs (13.6 kB)
└─ dist/esm/commands/clean.d.ts (226 B)
└─ dist/esm/commands/add.mjs (2.56 kB)
└─ dist/esm/commands/clean.mjs (720 B)
└─ dist/esm/commands/pin.d.ts (612 B)
└─ dist/esm/commands/init.d.ts (576 B)
└─ dist/esm/commands/prune.mjs (1.33 kB)
└─ dist/esm/commands/pin.mjs (3.46 kB)
└─ dist/esm/commands/prune.d.ts (242 B)
└─ dist/esm/commands/remove.d.ts (251 B)
└─ dist/esm/commands/init.mjs (5.66 kB)
└─ dist/esm/commands/status.d.ts (432 B)
└─ dist/esm/commands/status.mjs (2.51 kB)
└─ dist/esm/commands/remove.mjs (2.82 kB)
└─ dist/esm/commands/sync.mjs (22.8 kB)
└─ dist/esm/commands/sync.d.ts (1.05 kB)
└─ dist/esm/commands/verify.d.ts (318 B)
└─ dist/esm/commands/update.d.ts (813 B)
└─ dist/esm/commands/update.mjs (1.57 kB)
└─ dist/esm/commands/verify.mjs (3.57 kB)
└─ dist/esm/commands/clean-git-cache.d.ts (264 B)
└─ dist/esm/commands/clean-git-cache.mjs (1.23 kB)
└─ dist/esm/config/index.d.ts (1.06 kB)
└─ dist/esm/config/schema.d.ts (6.26 kB)
└─ dist/esm/config/io.mjs (3.22 kB)
└─ dist/esm/config/schema.mjs (2.4 kB)
└─ dist/esm/git/cache-dir.mjs (715 B)
└─ dist/esm/config/io.d.ts (1.02 kB)
└─ dist/esm/git/git-env.mjs (1.15 kB)
└─ dist/esm/git/redact.mjs (141 B)
└─ dist/esm/git/git-env.d.ts (142 B)
└─ dist/esm/git/redact.d.ts (62 B)
└─ dist/esm/git/resolve-remote.d.ts (480 B)
└─ dist/esm/git/fetch-source.d.ts (485 B)
└─ dist/esm/git/resolve-remote.mjs (2.5 kB)
└─ dist/esm/git/resolve-repo.d.ts (148 B)
└─ dist/esm/git/resolve-repo.mjs (2.03 kB)
└─ dist/esm/git/fetch-source.mjs (16.7 kB)
dist/api.mjs (total size: 740 B, chunk size: 740 B, exports: DEFAULT_LOCK_FILENAME, applyTargetDir, cleanCache, cleanGitCache, enforceHostAllowlist, initConfig, loadConfig, parseArgs, parseLsRemote, pinSources, printSyncPlan, pruneCache, redactRepoUrl, removeSources, resolveRepoInput, runSync, updateSources, verifyCache)
dist/cli.mjs (total size: 8.79 kB, chunk size: 8.79 kB, exports: CLI_NAME, main)
dist/lock.mjs (total size: 1.76 kB, chunk size: 1.76 kB, exports: DEFAULT_LOCK_FILENAME, readLock, resolveLockPath, validateLock, writeLock)
Σ Total dist size (byte size): 218 kB
Size limit: 10 kB
Size: 2.26 kB brotlied
[INFO] Successfully set the pre-commit with command: pnpm lint && pnpm lint-staged && pnpm typecheck
[INFO] Successfully set the pre-push with command: pnpm lint
[INFO] Successfully set all git hooks) unchanged