diff --git a/.github/workflows/kmp-ci.yml b/.github/workflows/kmp-ci.yml index edd6ebec0..b2cd1c9d6 100644 --- a/.github/workflows/kmp-ci.yml +++ b/.github/workflows/kmp-ci.yml @@ -1,5 +1,8 @@ name: KMP CI +permissions: + contents: read + on: pull_request: paths: ["packages/kmp-sdk/**", "packages/kmp-test-app/**"] diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml index d714e07dc..22a467492 100644 --- a/.github/workflows/npm-publish.yml +++ b/.github/workflows/npm-publish.yml @@ -13,8 +13,8 @@ on: - "contracts/package.json" workflow_dispatch: inputs: - strict_mode: - description: "Fail workflow on publish errors (false = continue on error)" + dry_run: + description: "Run publish with --dry-run" required: false type: boolean default: false @@ -23,18 +23,9 @@ permissions: id-token: write # Required for OIDC contents: read -# Error Handling Strategy: -# - STRICT_PUBLISH_MODE controls whether publish failures stop the workflow -# - Current (false): continue-on-error=true, workflow always succeeds -# - Target (true): continue-on-error=false, fail on real errors (expired tokens, network issues) -# - Manual override: Use workflow_dispatch with strict_mode input to test -# TODO: Set STRICT_PUBLISH_MODE=true once NPM token is rotated and verified -env: - STRICT_PUBLISH_MODE: false - jobs: detect-changes: - runs-on: ubuntu-latest + runs-on: ubuntu-slim outputs: core_changed: ${{ steps.check-version.outputs.core_changed }} qrcode_changed: ${{ steps.check-version.outputs.qrcode_changed }} @@ -101,37 +92,50 @@ jobs: run: | yarn workspace @selfxyz/core build:deps - - name: Check NPM Token - id: check-token + - name: Check version not already published + id: check_version + working-directory: sdk/core run: | - if [ -z "${{ secrets.NPM_TOKEN }}" ]; then - echo "⚠️ Warning: NPM_TOKEN is not set. Skipping publish." - echo "token_available=false" >> $GITHUB_OUTPUT - else - echo "token_available=true" >> $GITHUB_OUTPUT + NAME=$(node -p "require('./package.json').name") + VERSION=$(node -p "require('./package.json').version") + if npm view "$NAME@$VERSION" version 2>/dev/null; then + echo "::error::Version $VERSION of $NAME is already published on npm. Bump the version in package.json to publish." + exit 1 fi - - name: Publish to npm - if: steps.check-token.outputs.token_available == 'true' + - name: "Pack with yarn (resolves workspace: protocol)" + working-directory: sdk/core + run: yarn pack --out package.tgz + + - name: Publish to npm working-directory: sdk/core - continue-on-error: ${{ github.event.inputs.strict_mode != 'true' && env.STRICT_PUBLISH_MODE != 'true' }} id: publish run: | - yarn config set npmPublishAccess public - yarn npm publish --access public - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - NPM_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + DRY_RUN="${{ github.event.inputs.dry_run == 'true' && '--dry-run' || '' }}" + VERSION=$(node -p "require('./package.json').version") + TAG=$([[ "$VERSION" == *-* ]] && echo "--tag beta" || echo "") + npx npm@latest publish package.tgz --access public $TAG $DRY_RUN - name: Publish result if: always() run: | - if [ "${{ steps.check-token.outputs.token_available }}" != "true" ]; then - echo "::warning::NPM publish skipped - NPM_TOKEN not configured. Please rotate the token in repository secrets." - elif [ "${{ steps.publish.outcome }}" != "success" ]; then - echo "::warning::NPM publish failed - This may be due to an expired or invalid NPM_TOKEN. Please check and rotate the token." + OUTCOME="${{ steps.publish.outcome }}" + DRY_RUN="${{ github.event.inputs.dry_run }}" + CHECK_OUTCOME="${{ steps.check_version.outcome }}" + if [ "$OUTCOME" = "success" ]; then + if [ "$DRY_RUN" = "true" ]; then + echo "✅ Dry run completed (no package uploaded)" + else + echo "✅ Package published successfully" + fi + elif [ "$OUTCOME" = "skipped" ]; then + if [ "$CHECK_OUTCOME" = "failure" ]; then + echo "::warning::Publish skipped: this version is already published on npm. Bump the version in package.json to publish." + else + echo "::warning::Publish step was skipped (e.g. an earlier step failed)." + fi else - echo "✅ Package published successfully" + echo "::warning::NPM publish failed. For @selfxyz/core we use Trusted Publishers (OIDC); check workflow and npm package settings." fi publish-qrcode: @@ -153,37 +157,50 @@ jobs: run: | yarn workspace @selfxyz/qrcode build:deps - - name: Check NPM Token - id: check-token + - name: Check version not already published + id: check_version + working-directory: sdk/qrcode run: | - if [ -z "${{ secrets.NPM_TOKEN }}" ]; then - echo "⚠️ Warning: NPM_TOKEN is not set. Skipping publish." - echo "token_available=false" >> $GITHUB_OUTPUT - else - echo "token_available=true" >> $GITHUB_OUTPUT + NAME=$(node -p "require('./package.json').name") + VERSION=$(node -p "require('./package.json').version") + if npm view "$NAME@$VERSION" version 2>/dev/null; then + echo "::error::Version $VERSION of $NAME is already published on npm. Bump the version in package.json to publish." + exit 1 fi - - name: Publish to npm - if: steps.check-token.outputs.token_available == 'true' + - name: "Pack with yarn (resolves workspace: protocol)" + working-directory: sdk/qrcode + run: yarn pack --out package.tgz + + - name: Publish to npm working-directory: sdk/qrcode - continue-on-error: ${{ github.event.inputs.strict_mode != 'true' && env.STRICT_PUBLISH_MODE != 'true' }} id: publish run: | - yarn config set npmPublishAccess public - yarn npm publish --access public - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - NPM_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + DRY_RUN="${{ github.event.inputs.dry_run == 'true' && '--dry-run' || '' }}" + VERSION=$(node -p "require('./package.json').version") + TAG=$([[ "$VERSION" == *-* ]] && echo "--tag beta" || echo "") + npx npm@latest publish package.tgz --access public $TAG $DRY_RUN - name: Publish result if: always() run: | - if [ "${{ steps.check-token.outputs.token_available }}" != "true" ]; then - echo "::warning::NPM publish skipped - NPM_TOKEN not configured. Please rotate the token in repository secrets." - elif [ "${{ steps.publish.outcome }}" != "success" ]; then - echo "::warning::NPM publish failed - This may be due to an expired or invalid NPM_TOKEN. Please check and rotate the token." + OUTCOME="${{ steps.publish.outcome }}" + DRY_RUN="${{ github.event.inputs.dry_run }}" + CHECK_OUTCOME="${{ steps.check_version.outcome }}" + if [ "$OUTCOME" = "success" ]; then + if [ "$DRY_RUN" = "true" ]; then + echo "✅ Dry run completed (no package uploaded)" + else + echo "✅ Package published successfully" + fi + elif [ "$OUTCOME" = "skipped" ]; then + if [ "$CHECK_OUTCOME" = "failure" ]; then + echo "::warning::Publish skipped: this version is already published on npm. Bump the version in package.json to publish." + else + echo "::warning::Publish step was skipped (e.g. an earlier step failed)." + fi else - echo "✅ Package published successfully" + echo "::warning::NPM publish failed. For @selfxyz/qrcode we use Trusted Publishers (OIDC); check workflow and npm package settings." fi publish-common: @@ -204,37 +221,50 @@ jobs: run: | yarn workspace @selfxyz/common build - - name: Check NPM Token - id: check-token + - name: Check version not already published + id: check_version + working-directory: common run: | - if [ -z "${{ secrets.NPM_TOKEN }}" ]; then - echo "⚠️ Warning: NPM_TOKEN is not set. Skipping publish." - echo "token_available=false" >> $GITHUB_OUTPUT - else - echo "token_available=true" >> $GITHUB_OUTPUT + NAME=$(node -p "require('./package.json').name") + VERSION=$(node -p "require('./package.json').version") + if npm view "$NAME@$VERSION" version 2>/dev/null; then + echo "::error::Version $VERSION of $NAME is already published on npm. Bump the version in package.json to publish." + exit 1 fi - - name: Publish to npm - if: steps.check-token.outputs.token_available == 'true' + - name: "Pack with yarn (resolves workspace: protocol)" + working-directory: common + run: yarn pack --out package.tgz + + - name: Publish to npm working-directory: common - continue-on-error: ${{ github.event.inputs.strict_mode != 'true' && env.STRICT_PUBLISH_MODE != 'true' }} id: publish run: | - yarn config set npmPublishAccess public - yarn npm publish --access public - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - NPM_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + DRY_RUN="${{ github.event.inputs.dry_run == 'true' && '--dry-run' || '' }}" + VERSION=$(node -p "require('./package.json').version") + TAG=$([[ "$VERSION" == *-* ]] && echo "--tag beta" || echo "") + npx npm@latest publish package.tgz --access public $TAG $DRY_RUN - name: Publish result if: always() run: | - if [ "${{ steps.check-token.outputs.token_available }}" != "true" ]; then - echo "::warning::NPM publish skipped - NPM_TOKEN not configured. Please rotate the token in repository secrets." - elif [ "${{ steps.publish.outcome }}" != "success" ]; then - echo "::warning::NPM publish failed - This may be due to an expired or invalid NPM_TOKEN. Please check and rotate the token." + OUTCOME="${{ steps.publish.outcome }}" + DRY_RUN="${{ github.event.inputs.dry_run }}" + CHECK_OUTCOME="${{ steps.check_version.outcome }}" + if [ "$OUTCOME" = "success" ]; then + if [ "$DRY_RUN" = "true" ]; then + echo "✅ Dry run completed (no package uploaded)" + else + echo "✅ Package published successfully" + fi + elif [ "$OUTCOME" = "skipped" ]; then + if [ "$CHECK_OUTCOME" = "failure" ]; then + echo "::warning::Publish skipped: this version is already published on npm. Bump the version in package.json to publish." + else + echo "::warning::Publish step was skipped (e.g. an earlier step failed)." + fi else - echo "✅ Package published successfully" + echo "::warning::NPM publish failed. For @selfxyz/common we use Trusted Publishers (OIDC); check workflow and npm package settings." fi publish-contracts: needs: detect-changes @@ -252,37 +282,51 @@ jobs: - name: Build package run: | yarn workspace @selfxyz/contracts build - - name: Check NPM Token - id: check-token + + - name: Check version not already published + id: check_version + working-directory: contracts run: | - if [ -z "${{ secrets.NPM_TOKEN }}" ]; then - echo "⚠️ Warning: NPM_TOKEN is not set. Skipping publish." - echo "token_available=false" >> $GITHUB_OUTPUT - else - echo "token_available=true" >> $GITHUB_OUTPUT + NAME=$(node -p "require('./package.json').name") + VERSION=$(node -p "require('./package.json').version") + if npm view "$NAME@$VERSION" version 2>/dev/null; then + echo "::error::Version $VERSION of $NAME is already published on npm. Bump the version in package.json to publish." + exit 1 fi - - name: Publish to npm - if: steps.check-token.outputs.token_available == 'true' + - name: "Pack with yarn (resolves workspace: protocol)" + working-directory: contracts + run: yarn pack --out package.tgz + + - name: Publish to npm working-directory: contracts - continue-on-error: ${{ github.event.inputs.strict_mode != 'true' && env.STRICT_PUBLISH_MODE != 'true' }} id: publish run: | - yarn config set npmPublishAccess public - yarn npm publish --access public - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - NPM_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + DRY_RUN="${{ github.event.inputs.dry_run == 'true' && '--dry-run' || '' }}" + VERSION=$(node -p "require('./package.json').version") + TAG=$([[ "$VERSION" == *-* ]] && echo "--tag beta" || echo "") + npx npm@latest publish package.tgz --access public $TAG $DRY_RUN - name: Publish result if: always() run: | - if [ "${{ steps.check-token.outputs.token_available }}" != "true" ]; then - echo "::warning::NPM publish skipped - NPM_TOKEN not configured. Please rotate the token in repository secrets." - elif [ "${{ steps.publish.outcome }}" != "success" ]; then - echo "::warning::NPM publish failed - This may be due to an expired or invalid NPM_TOKEN. Please check and rotate the token." + OUTCOME="${{ steps.publish.outcome }}" + DRY_RUN="${{ github.event.inputs.dry_run }}" + CHECK_OUTCOME="${{ steps.check_version.outcome }}" + if [ "$OUTCOME" = "success" ]; then + if [ "$DRY_RUN" = "true" ]; then + echo "✅ Dry run completed (no package uploaded)" + else + echo "✅ Package published successfully" + fi + elif [ "$OUTCOME" = "skipped" ]; then + if [ "$CHECK_OUTCOME" = "failure" ]; then + echo "::warning::Publish skipped: this version is already published on npm. Bump the version in package.json to publish." + else + echo "::warning::Publish step was skipped (e.g. an earlier step failed)." + fi else - echo "✅ Package published successfully" + echo "::warning::NPM publish failed. For @selfxyz/contracts we use Trusted Publishers (OIDC); check workflow and npm package settings." fi publish-qrcode-angular: needs: detect-changes @@ -303,37 +347,50 @@ jobs: run: | yarn workspace @selfxyz/qrcode-angular build:deps - - name: Check NPM Token - id: check-token + - name: Check version not already published + id: check_version + working-directory: sdk/qrcode-angular run: | - if [ -z "${{ secrets.NPM_TOKEN }}" ]; then - echo "⚠️ Warning: NPM_TOKEN is not set. Skipping publish." - echo "token_available=false" >> $GITHUB_OUTPUT - else - echo "token_available=true" >> $GITHUB_OUTPUT + NAME=$(node -p "require('./package.json').name") + VERSION=$(node -p "require('./package.json').version") + if npm view "$NAME@$VERSION" version 2>/dev/null; then + echo "::error::Version $VERSION of $NAME is already published on npm. Bump the version in package.json to publish." + exit 1 fi - - name: Publish to npm - if: steps.check-token.outputs.token_available == 'true' + - name: "Pack with yarn (resolves workspace: protocol)" + working-directory: sdk/qrcode-angular + run: yarn pack --out package.tgz + + - name: Publish to npm working-directory: sdk/qrcode-angular - continue-on-error: ${{ github.event.inputs.strict_mode != 'true' && env.STRICT_PUBLISH_MODE != 'true' }} id: publish run: | - yarn config set npmPublishAccess public - yarn npm publish --access public - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - NPM_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + DRY_RUN="${{ github.event.inputs.dry_run == 'true' && '--dry-run' || '' }}" + VERSION=$(node -p "require('./package.json').version") + TAG=$([[ "$VERSION" == *-* ]] && echo "--tag beta" || echo "") + npx npm@latest publish package.tgz --access public $TAG $DRY_RUN - name: Publish result if: always() run: | - if [ "${{ steps.check-token.outputs.token_available }}" != "true" ]; then - echo "::warning::NPM publish skipped - NPM_TOKEN not configured. Please rotate the token in repository secrets." - elif [ "${{ steps.publish.outcome }}" != "success" ]; then - echo "::warning::NPM publish failed - This may be due to an expired or invalid NPM_TOKEN. Please check and rotate the token." + OUTCOME="${{ steps.publish.outcome }}" + DRY_RUN="${{ github.event.inputs.dry_run }}" + CHECK_OUTCOME="${{ steps.check_version.outcome }}" + if [ "$OUTCOME" = "success" ]; then + if [ "$DRY_RUN" = "true" ]; then + echo "✅ Dry run completed (no package uploaded)" + else + echo "✅ Package published successfully" + fi + elif [ "$OUTCOME" = "skipped" ]; then + if [ "$CHECK_OUTCOME" = "failure" ]; then + echo "::warning::Publish skipped: this version is already published on npm. Bump the version in package.json to publish." + else + echo "::warning::Publish step was skipped (e.g. an earlier step failed)." + fi else - echo "✅ Package published successfully" + echo "::warning::NPM publish failed. For @selfxyz/qrcode-angular we use Trusted Publishers (OIDC); check workflow and npm package settings." fi publish-msdk: @@ -356,35 +413,30 @@ jobs: yarn workspace @selfxyz/common build yarn workspace @selfxyz/mobile-sdk-alpha build - - name: Check NPM Token - id: check-token - run: | - if [ -z "${{ secrets.NPM_TOKEN }}" ]; then - echo "⚠️ Warning: NPM_TOKEN is not set. Skipping publish." - echo "token_available=false" >> $GITHUB_OUTPUT - else - echo "token_available=true" >> $GITHUB_OUTPUT - fi + - name: "Pack with yarn (resolves workspace: protocol)" + working-directory: packages/mobile-sdk-alpha + run: yarn pack --out package.tgz - name: Publish to npm - if: steps.check-token.outputs.token_available == 'true' working-directory: packages/mobile-sdk-alpha - continue-on-error: ${{ github.event.inputs.strict_mode != 'true' && env.STRICT_PUBLISH_MODE != 'true' }} id: publish run: | - yarn config set npmPublishAccess restricted - yarn npm publish --access restricted --tag alpha - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - NPM_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + DRY_RUN="${{ github.event.inputs.dry_run == 'true' && '--dry-run' || '' }}" + npx npm@latest publish package.tgz --access restricted --tag alpha $DRY_RUN - name: Publish result if: always() run: | - if [ "${{ steps.check-token.outputs.token_available }}" != "true" ]; then - echo "::warning::NPM publish skipped - NPM_TOKEN not configured. Please rotate the token in repository secrets." - elif [ "${{ steps.publish.outcome }}" != "success" ]; then - echo "::warning::NPM publish failed - This may be due to an expired or invalid NPM_TOKEN. Please check and rotate the token." + OUTCOME="${{ steps.publish.outcome }}" + DRY_RUN="${{ github.event.inputs.dry_run }}" + if [ "$OUTCOME" = "success" ]; then + if [ "$DRY_RUN" = "true" ]; then + echo "✅ Dry run completed (no package uploaded)" + else + echo "✅ Package published successfully" + fi + elif [ "$OUTCOME" = "skipped" ]; then + echo "::warning::Publish step was skipped (e.g. an earlier step failed)." else - echo "✅ Package published successfully" + echo "::warning::NPM publish failed. For @selfxyz/mobile-sdk-alpha we use Trusted Publishers (OIDC); check workflow and npm package settings." fi diff --git a/contracts/package.json b/contracts/package.json index ac7815e38..4dcb1c0c5 100644 --- a/contracts/package.json +++ b/contracts/package.json @@ -38,7 +38,6 @@ "format": "yarn prettier:write", "prettier:check": "prettier --plugin-search-dir . --list-different '**/*.{json,md,yml,sol,ts}'", "prettier:write": "prettier --plugin-search-dir . --write '**/*.{json,md,yml,sol,ts}'", - "publish": "npm publish --access public", "set:hub:v2": "npx dotenv-cli -- bash -c 'NETWORK=${NETWORK} npx tsx scripts/setHubV2.ts'", "set:registry": "npx dotenv-cli -- bash -c 'NETWORK=${NETWORK} npx tsx scripts/setRegistry.ts'", "set:registry:hub:v2": "npx dotenv-cli -- bash -c 'yarn hardhat ignition deploy ignition/modules/scripts/updateRegistryHubV2.ts --network ${NETWORK:-localhost} ${VERIFY:+--verify}'", diff --git a/packages/mobile-sdk-alpha/src/mock/generator.ts b/packages/mobile-sdk-alpha/src/mock/generator.ts index 0d78706c2..dba8113b2 100644 --- a/packages/mobile-sdk-alpha/src/mock/generator.ts +++ b/packages/mobile-sdk-alpha/src/mock/generator.ts @@ -54,11 +54,12 @@ export async function generateMockDocument({ lastName, }: GenerateMockDocumentOptions): Promise { console.log('generateMockDocument received names:', { firstName, lastName, isInOfacList }); - const randomPassportNumber = Math.random() - .toString(36) - .substring(2, 11) - .replace(/[^a-z0-9]/gi, '') - .toUpperCase(); + const ALPHANUMERIC = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ'; + const randomBytes = new Uint8Array(9); + crypto.getRandomValues(randomBytes); + const randomPassportNumber = Array.from(randomBytes) + .map(b => ALPHANUMERIC[b % ALPHANUMERIC.length]) + .join(''); const [dgHashAlgo, eContentHashAlgo, signatureTypeForGeneration] = signatureAlgorithmToStrictSignatureAlgorithm[ selectedAlgorithm as keyof typeof signatureAlgorithmToStrictSignatureAlgorithm diff --git a/packages/mobile-sdk-alpha/src/processing/mrz.ts b/packages/mobile-sdk-alpha/src/processing/mrz.ts index b55b62398..344662d56 100644 --- a/packages/mobile-sdk-alpha/src/processing/mrz.ts +++ b/packages/mobile-sdk-alpha/src/processing/mrz.ts @@ -308,11 +308,11 @@ export function extractNameFromMRZ(mrzString: string): { firstName: string; last const parts = namePart.split('<<').filter(Boolean); if (parts.length >= 2) { - const lastName = parts[0].replace(/<+$/, '').replace(/= 2) { - const lastName = parts[0].replace(/<+$/, '').replace(/ => { localStorage.setItem(SECRET_VERSION_KEY, JSON.stringify(metadata)); console.log('[SecureStorage] Loaded existing secret from localStorage'); - return existingSecret; + return existingSecret; // lgtm[js/clear-text-storage-of-sensitive-data] } - // Generate new secret - const newSecret = generateSecret(); + // Generate new secret (intentionally stored in localStorage for demo purposes only) + const newSecret = generateSecret(); // lgtm[js/clear-text-storage-of-sensitive-data] const metadata: SecretMetadata = { version: CURRENT_VERSION, createdAt: new Date().toISOString(), diff --git a/scripts/tests/checkLicenseHeaders.test.mjs b/scripts/tests/checkLicenseHeaders.test.mjs index dc67a1278..cf15a5f91 100644 --- a/scripts/tests/checkLicenseHeaders.test.mjs +++ b/scripts/tests/checkLicenseHeaders.test.mjs @@ -12,7 +12,7 @@ import { strict as assert } from 'assert'; import { existsSync, rmSync, mkdirSync, writeFileSync, readFileSync } from 'fs'; import path from 'path'; import { fileURLToPath } from 'url'; -import { execSync } from 'child_process'; +import { execFileSync } from 'child_process'; const __filename = fileURLToPath(import.meta.url); const __dirname = path.dirname(__filename); @@ -100,11 +100,15 @@ class TestRunner { // Helper to run the script and capture output function runScript(args, cwd = null) { try { - const result = execSync(`node ${SCRIPT_PATH} ${args}`, { - cwd: cwd || process.cwd(), - encoding: 'utf8', - stdio: 'pipe', - }); + const result = execFileSync( + 'node', + [SCRIPT_PATH, ...args.split(/\s+/).filter(Boolean)], + { + cwd: cwd || process.cwd(), + encoding: 'utf8', + stdio: 'pipe', + }, + ); return { stdout: result, stderr: '', exitCode: 0 }; } catch (error) { return { diff --git a/sdk/core/package.json b/sdk/core/package.json index e66a92628..6d7dfb4ce 100644 --- a/sdk/core/package.json +++ b/sdk/core/package.json @@ -41,7 +41,6 @@ "install-sdk": "yarn workspaces focus @selfxyz/core", "lint": "prettier --check .", "prepublishOnly": "npm run build", - "publish": "yarn npm publish --access public", "test": "node --loader ts-node/esm --test tests/*.test.ts", "types": "yarn build" }, diff --git a/sdk/qrcode-angular/package.json b/sdk/qrcode-angular/package.json index 79881e045..0f5850249 100644 --- a/sdk/qrcode-angular/package.json +++ b/sdk/qrcode-angular/package.json @@ -32,7 +32,6 @@ "lint:fix": "ng lint --fix", "nice": "yarn format && yarn lint", "prepublishOnly": "yarn build", - "publish": "yarn npm publish --access public", "test": "ng test" }, "dependencies": { diff --git a/sdk/qrcode/package.json b/sdk/qrcode/package.json index 921a4c687..247e3034b 100644 --- a/sdk/qrcode/package.json +++ b/sdk/qrcode/package.json @@ -62,7 +62,6 @@ "nice": "yarn format && yarn lint:imports", "nice:check": "yarn lint && yarn lint:imports:check", "prepublishOnly": "yarn build", - "publish": "yarn npm publish --access public", "test": "echo 'no tests found'", "types": "yarn workspace @selfxyz/sdk-common build && tsc -p tsconfig.json --noEmit" },