From df208e787be03807f1011ccb42e50545e170373e Mon Sep 17 00:00:00 2001 From: Justin Hernandez Date: Fri, 6 Feb 2026 13:27:20 -0800 Subject: [PATCH] chore: fix staging pipelines for 2.9.15 (#1715) * fix versions * update publish logic --- .github/workflows/npm-publish.yml | 159 ++++++++++++++++++++++++++ packages/mobile-sdk-demo/package.json | 2 +- yarn.lock | 16 +-- 3 files changed, 161 insertions(+), 16 deletions(-) diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml index 3ae0a3a19..d714e07dc 100644 --- a/.github/workflows/npm-publish.yml +++ b/.github/workflows/npm-publish.yml @@ -12,11 +12,26 @@ on: - "sdk/qrcode-angular/package.json" - "contracts/package.json" workflow_dispatch: + inputs: + strict_mode: + description: "Fail workflow on publish errors (false = continue on error)" + required: false + type: boolean + default: false permissions: id-token: write # Required for OIDC contents: read +# Error Handling Strategy: +# - STRICT_PUBLISH_MODE controls whether publish failures stop the workflow +# - Current (false): continue-on-error=true, workflow always succeeds +# - Target (true): continue-on-error=false, fail on real errors (expired tokens, network issues) +# - Manual override: Use workflow_dispatch with strict_mode input to test +# TODO: Set STRICT_PUBLISH_MODE=true once NPM token is rotated and verified +env: + STRICT_PUBLISH_MODE: false + jobs: detect-changes: runs-on: ubuntu-latest @@ -86,8 +101,21 @@ jobs: run: | yarn workspace @selfxyz/core build:deps + - name: Check NPM Token + id: check-token + run: | + if [ -z "${{ secrets.NPM_TOKEN }}" ]; then + echo "⚠️ Warning: NPM_TOKEN is not set. Skipping publish." + echo "token_available=false" >> $GITHUB_OUTPUT + else + echo "token_available=true" >> $GITHUB_OUTPUT + fi + - name: Publish to npm + if: steps.check-token.outputs.token_available == 'true' working-directory: sdk/core + continue-on-error: ${{ github.event.inputs.strict_mode != 'true' && env.STRICT_PUBLISH_MODE != 'true' }} + id: publish run: | yarn config set npmPublishAccess public yarn npm publish --access public @@ -95,6 +123,17 @@ jobs: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} NPM_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + - name: Publish result + if: always() + run: | + if [ "${{ steps.check-token.outputs.token_available }}" != "true" ]; then + echo "::warning::NPM publish skipped - NPM_TOKEN not configured. Please rotate the token in repository secrets." + elif [ "${{ steps.publish.outcome }}" != "success" ]; then + echo "::warning::NPM publish failed - This may be due to an expired or invalid NPM_TOKEN. Please check and rotate the token." + else + echo "✅ Package published successfully" + fi + publish-qrcode: needs: detect-changes if: needs.detect-changes.outputs.qrcode_changed == 'true' @@ -114,8 +153,21 @@ jobs: run: | yarn workspace @selfxyz/qrcode build:deps + - name: Check NPM Token + id: check-token + run: | + if [ -z "${{ secrets.NPM_TOKEN }}" ]; then + echo "⚠️ Warning: NPM_TOKEN is not set. Skipping publish." + echo "token_available=false" >> $GITHUB_OUTPUT + else + echo "token_available=true" >> $GITHUB_OUTPUT + fi + - name: Publish to npm + if: steps.check-token.outputs.token_available == 'true' working-directory: sdk/qrcode + continue-on-error: ${{ github.event.inputs.strict_mode != 'true' && env.STRICT_PUBLISH_MODE != 'true' }} + id: publish run: | yarn config set npmPublishAccess public yarn npm publish --access public @@ -123,6 +175,17 @@ jobs: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} NPM_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + - name: Publish result + if: always() + run: | + if [ "${{ steps.check-token.outputs.token_available }}" != "true" ]; then + echo "::warning::NPM publish skipped - NPM_TOKEN not configured. Please rotate the token in repository secrets." + elif [ "${{ steps.publish.outcome }}" != "success" ]; then + echo "::warning::NPM publish failed - This may be due to an expired or invalid NPM_TOKEN. Please check and rotate the token." + else + echo "✅ Package published successfully" + fi + publish-common: needs: detect-changes if: needs.detect-changes.outputs.common_changed == 'true' @@ -141,14 +204,38 @@ jobs: run: | yarn workspace @selfxyz/common build + - name: Check NPM Token + id: check-token + run: | + if [ -z "${{ secrets.NPM_TOKEN }}" ]; then + echo "⚠️ Warning: NPM_TOKEN is not set. Skipping publish." + echo "token_available=false" >> $GITHUB_OUTPUT + else + echo "token_available=true" >> $GITHUB_OUTPUT + fi + - name: Publish to npm + if: steps.check-token.outputs.token_available == 'true' working-directory: common + continue-on-error: ${{ github.event.inputs.strict_mode != 'true' && env.STRICT_PUBLISH_MODE != 'true' }} + id: publish run: | yarn config set npmPublishAccess public yarn npm publish --access public env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} NPM_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + + - name: Publish result + if: always() + run: | + if [ "${{ steps.check-token.outputs.token_available }}" != "true" ]; then + echo "::warning::NPM publish skipped - NPM_TOKEN not configured. Please rotate the token in repository secrets." + elif [ "${{ steps.publish.outcome }}" != "success" ]; then + echo "::warning::NPM publish failed - This may be due to an expired or invalid NPM_TOKEN. Please check and rotate the token." + else + echo "✅ Package published successfully" + fi publish-contracts: needs: detect-changes if: needs.detect-changes.outputs.contracts_changed == 'true' @@ -165,14 +252,38 @@ jobs: - name: Build package run: | yarn workspace @selfxyz/contracts build + - name: Check NPM Token + id: check-token + run: | + if [ -z "${{ secrets.NPM_TOKEN }}" ]; then + echo "⚠️ Warning: NPM_TOKEN is not set. Skipping publish." + echo "token_available=false" >> $GITHUB_OUTPUT + else + echo "token_available=true" >> $GITHUB_OUTPUT + fi + - name: Publish to npm + if: steps.check-token.outputs.token_available == 'true' working-directory: contracts + continue-on-error: ${{ github.event.inputs.strict_mode != 'true' && env.STRICT_PUBLISH_MODE != 'true' }} + id: publish run: | yarn config set npmPublishAccess public yarn npm publish --access public env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} NPM_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + + - name: Publish result + if: always() + run: | + if [ "${{ steps.check-token.outputs.token_available }}" != "true" ]; then + echo "::warning::NPM publish skipped - NPM_TOKEN not configured. Please rotate the token in repository secrets." + elif [ "${{ steps.publish.outcome }}" != "success" ]; then + echo "::warning::NPM publish failed - This may be due to an expired or invalid NPM_TOKEN. Please check and rotate the token." + else + echo "✅ Package published successfully" + fi publish-qrcode-angular: needs: detect-changes if: needs.detect-changes.outputs.qrcode_angular_changed == 'true' @@ -192,8 +303,21 @@ jobs: run: | yarn workspace @selfxyz/qrcode-angular build:deps + - name: Check NPM Token + id: check-token + run: | + if [ -z "${{ secrets.NPM_TOKEN }}" ]; then + echo "⚠️ Warning: NPM_TOKEN is not set. Skipping publish." + echo "token_available=false" >> $GITHUB_OUTPUT + else + echo "token_available=true" >> $GITHUB_OUTPUT + fi + - name: Publish to npm + if: steps.check-token.outputs.token_available == 'true' working-directory: sdk/qrcode-angular + continue-on-error: ${{ github.event.inputs.strict_mode != 'true' && env.STRICT_PUBLISH_MODE != 'true' }} + id: publish run: | yarn config set npmPublishAccess public yarn npm publish --access public @@ -201,6 +325,17 @@ jobs: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} NPM_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + - name: Publish result + if: always() + run: | + if [ "${{ steps.check-token.outputs.token_available }}" != "true" ]; then + echo "::warning::NPM publish skipped - NPM_TOKEN not configured. Please rotate the token in repository secrets." + elif [ "${{ steps.publish.outcome }}" != "success" ]; then + echo "::warning::NPM publish failed - This may be due to an expired or invalid NPM_TOKEN. Please check and rotate the token." + else + echo "✅ Package published successfully" + fi + publish-msdk: needs: detect-changes if: needs.detect-changes.outputs.msdk_changed == 'true' @@ -221,11 +356,35 @@ jobs: yarn workspace @selfxyz/common build yarn workspace @selfxyz/mobile-sdk-alpha build + - name: Check NPM Token + id: check-token + run: | + if [ -z "${{ secrets.NPM_TOKEN }}" ]; then + echo "⚠️ Warning: NPM_TOKEN is not set. Skipping publish." + echo "token_available=false" >> $GITHUB_OUTPUT + else + echo "token_available=true" >> $GITHUB_OUTPUT + fi + - name: Publish to npm + if: steps.check-token.outputs.token_available == 'true' working-directory: packages/mobile-sdk-alpha + continue-on-error: ${{ github.event.inputs.strict_mode != 'true' && env.STRICT_PUBLISH_MODE != 'true' }} + id: publish run: | yarn config set npmPublishAccess restricted yarn npm publish --access restricted --tag alpha env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} NPM_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + + - name: Publish result + if: always() + run: | + if [ "${{ steps.check-token.outputs.token_available }}" != "true" ]; then + echo "::warning::NPM publish skipped - NPM_TOKEN not configured. Please rotate the token in repository secrets." + elif [ "${{ steps.publish.outcome }}" != "success" ]; then + echo "::warning::NPM publish failed - This may be due to an expired or invalid NPM_TOKEN. Please check and rotate the token." + else + echo "✅ Package published successfully" + fi diff --git a/packages/mobile-sdk-demo/package.json b/packages/mobile-sdk-demo/package.json index dce8518ec..f14794f80 100644 --- a/packages/mobile-sdk-demo/package.json +++ b/packages/mobile-sdk-demo/package.json @@ -49,7 +49,7 @@ "react-native-keychain": "^10.0.0", "react-native-localize": "^3.6.1", "react-native-safe-area-context": "^5.6.2", - "react-native-svg": "15.15.1", + "react-native-svg": "15.12.1", "react-native-vector-icons": "^10.3.0", "react-native-webview": "13.16.0", "stream-browserify": "^3.0.0", diff --git a/yarn.lock b/yarn.lock index 72a61dcbd..a6d3701ae 100644 --- a/yarn.lock +++ b/yarn.lock @@ -27347,7 +27347,7 @@ __metadata: react-native-keychain: "npm:^10.0.0" react-native-localize: "npm:^3.6.1" react-native-safe-area-context: "npm:^5.6.2" - react-native-svg: "npm:15.15.1" + react-native-svg: "npm:15.12.1" react-native-svg-transformer: "npm:^1.5.2" react-native-vector-icons: "npm:^10.3.0" react-native-webview: "npm:13.16.0" @@ -30329,20 +30329,6 @@ __metadata: languageName: node linkType: hard -"react-native-svg@npm:15.15.1": - version: 15.15.1 - resolution: "react-native-svg@npm:15.15.1" - dependencies: - css-select: "npm:^5.1.0" - css-tree: "npm:^1.1.3" - warn-once: "npm:0.1.1" - peerDependencies: - react: "*" - react-native: "*" - checksum: 10c0/9e047e8afdd5121296a3402c5c37363b9b37fbddc41f7b0b49b923ac4d2898954c8b57a6784a625321236987e494ee54f594e22f9de815f807e03a3433d7fefd - languageName: node - linkType: hard - "react-native-url-polyfill@npm:2.0.0": version: 2.0.0 resolution: "react-native-url-polyfill@npm:2.0.0"