Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reset npm token before yarn install to fix npm publish script #902

Closed
wants to merge 1 commit into from
Closed

Reset npm token before yarn install to fix npm publish script #902

wants to merge 1 commit into from

Conversation

jacdebug
Copy link
Contributor

@jacdebug jacdebug commented Dec 1, 2022

Summary

Issue:
Last two release of metro is not published to npm v0.73.5 and v0.73.4, npm still have v0.73.3.

Reason:
In circle CI the job publish-to-npm is failing because of a preinstall validation which checks for presence of NPM_TOKEN while running yarn install.

Fix:
From file blame I see previously NPM_TOKEN were reset just before yarn install. I am restoring the fix with a comment to make it clear.

Test plan

ssh into circle-ci and ran NPM_TOKEN= yarn --frozen-lockfile --non-interactive and can see yarn install working as expected.

Before:

circleci@host:~/project$ yarn --frozen-lockfile --non-interactive
yarn install v1.22.18
$ node ./scripts/preinstall.js
yarn has been executed with a NPM_TOKEN environment variable set.
This poses a risk since that token can be leaked to external libraries.
Please make sure that any token gets deleted before running yarn.
error Command failed with exit code 1.
info Visit https://yarnpkg.com/en/docs/cli/install for documentation about this command.

After:

circleci@host:~/project$ NPM_TOKEN= yarn --frozen-lockfile --non-interactive
yarn install v1.22.18
$ node ./scripts/preinstall.js
[1/4] Resolving packages...
[2/4] Fetching packages...
[3/4] Linking dependencies...
warning " > eslint-plugin-ft-flow@2.0.1" has unmet peer dependency "@babel/eslint-parser@^7.12.0".
warning "eslint-plugin-jest > @typescript-eslint/utils > @typescript-eslint/typescript-estree > tsutils@3.21.0" has unmet peer dependency "typescript@>=2.8.0 || >= 3.2.0-dev || >= 3.3.0-dev || >= 3.4.0-dev || >= 3.5.0-dev || >= 3.6.0-dev || >= 3.6.0-beta || >= 3.7.0-dev || >= 3.7.0-beta".
[4/4] Building fresh packages...
$ node ./scripts/build.js
Building packages (using Babel v7.14.0)
buck-worker-tool...............................................................[  OK  ]
metro..........................................................................[  OK  ]
metro-babel-register...........................................................[  OK  ]
metro-babel-transformer........................................................[  OK  ]
metro-cache....................................................................[  OK  ]
metro-cache-key................................................................[  OK  ]
metro-config...................................................................[  OK  ]
metro-core.....................................................................[  OK  ]
metro-file-map.................................................................[  OK  ]
metro-hermes-compiler..........................................................[BABEL] Note: The code generator has deoptimised the styling of /home/circleci/project/packages/metro-hermes-compiler/src/emhermesc.js as it exceeds the max of 500KB.
[  OK  ]
metro-inspector-proxy..........................................................[  OK  ]
metro-memory-fs................................................................[  OK  ]
metro-minify-terser............................................................[  OK  ]
metro-minify-uglify............................................................[  OK  ]
metro-react-native-babel-preset................................................[  OK  ]
metro-react-native-babel-transformer...........................................[  OK  ]
metro-react-native-interop-tools...............................................[  OK  ]
metro-resolver.................................................................[  OK  ]
metro-runtime..................................................................[  OK  ]
metro-source-map...............................................................[  OK  ]
metro-symbolicate..............................................................[  OK  ]
metro-transform-plugins........................................................[  OK  ]
metro-transform-worker.........................................................[  OK  ]
ob1............................................................................[  OK  ]

Done in 23.03s.

@facebook-github-bot facebook-github-bot added the CLA Signed This label is managed by the Facebook bot. Authors need to sign the CLA before a PR can be reviewed. label Dec 1, 2022
@facebook-github-bot
Copy link
Contributor

@jacdebug has imported this pull request. If you are a Meta employee, you can view this diff on Phabricator.

@huntie huntie self-requested a review December 1, 2022 09:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@huntie huntie Awaiting requested review from huntie

Assignees
No one assigned
Labels
CLA Signed This label is managed by the Facebook bot. Authors need to sign the CLA before a PR can be reviewed.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@jacdebug @facebook-github-bot