Skip to content

fix(publish): align package metadata and harden npm publish flow#47

Merged
synsoftworksdev merged 1 commit intomainfrom
fix/npm-trusted-publishing-repo-metadata
Apr 15, 2026
Merged

fix(publish): align package metadata and harden npm publish flow#47
synsoftworksdev merged 1 commit intomainfrom
fix/npm-trusted-publishing-repo-metadata

Conversation

@synsoftworksdev
Copy link
Copy Markdown
Member

@synsoftworksdev synsoftworksdev commented Apr 15, 2026

Summary

Make the npm publish path more reliable by aligning package metadata with the
real GitHub repository and adding small publish workflow hardening.

Changed

  • update package.json to point at the real repo:
    • repository.url -> git+https://github.com/synsoftworksdev/gitrole.git
    • bugs.url -> https://github.com/synsoftworksdev/gitrole/issues
  • normalize bin.gitrole to dist/cli/index.js
  • harden .github/workflows/publish.yml without changing the release strategy
  • add a small diagnostics step that prints package name, version, and repository.url
  • add an npm preflight that checks whether the exact version is already published
  • skip npm publish cleanly when the version already exists
  • keep:
    • tag/version verification
    • npm run test:release
    • npm pack --dry-run
    • npm publish --provenance --access public
  • update test/e2e/package-smoke.test.ts so the assertion matches the normalized bin path

Verification

  • npm run build
  • npm test
  • npm run test:release
  • npm pack --dry-run

Notes

  • no CLI logic changes
  • local npm pack --dry-run needed a temporary npm cache because the default ~/.npm cache had a permissions issue
  • package packing itself completed cleanly

@synsoftworksdev
fix(publish): align package metadata and harden npm publish flow
8622d0c 
Make the npm publish path more reliable by aligning package metadata with the
real GitHub repository and adding small publish workflow safeguards.

Also:
- update `repository.url` to `git+https://github.com/synsoftworksdev/gitrole.git`
- update `bugs.url` to `https://github.com/synsoftworksdev/gitrole/issues`
- normalize `bin.gitrole` to `dist/cli/index.js`
- add publish diagnostics for package name, version, and repository URL
- add an npm preflight that skips publish when the exact version already exists
- keep tag/version verification, release-confidence tests, dry-run pack, and trusted publishing intact
- update package-smoke expectations for the normalized bin path

Verified with:
- npm run build
- npm test
- npm run test:release
- npm pack --dry-run
@synsoftworksdev synsoftworksdev self-assigned this Apr 15, 2026
@synsoftworksdev synsoftworksdev merged commit c03bbe7 into main Apr 15, 2026
4 checks passed
@synsoftworksdev synsoftworksdev deleted the fix/npm-trusted-publishing-repo-metadata branch April 15, 2026 19:09
@gitrole-release-bot gitrole-release-bot Bot mentioned this pull request Apr 15, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@synsoftworksdev synsoftworksdev

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@synsoftworksdev