Add prepublish checks to block releases of non-snapshot versionsfirst one #2037
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
npm Snapshot: PublishedGood news!! We've packaged up the latest commit from this PR (165f468) and published it to npm. You Example: yarn add @khanacademy/perseus@PR2037If you are working in Khan Academy's webapp, you can run: ./dev/tools/bump_perseus_version.sh -t PR2037 |
|
Size Change: 0 B Total Size: 1.27 MB ℹ️ View Unchanged
|
…eset per package and I don't know how to do an infrastructure update like this and pass that check
jeremywiebe
approved these changes
Dec 19, 2024
Comment on lines
+31
to
+40
| // check that we are running our pre-publish check for this package | ||
| if ( | ||
| !scripts.prepublishOnly || | ||
| !scripts.prepublishOnly.includes("utils/package-pre-publish-check.sh") | ||
| ) { | ||
| console.error( | ||
| `ERROR: ${name} must have a "prepublishOnly" script that runs "utils/package-pre-publish-check.sh".`, | ||
| ); | ||
| returnCode = false; | ||
| } |
There was a problem hiding this comment.
Yay. Thanks for adding this check here too!
| @@ -30,4 +31,4 @@ | |||
| }, | |||
| "peerDependencies": {}, | |||
| "keywords": [] | |||
| } | |||
| } | |||
There was a problem hiding this comment.
OCD-level 10 comment: looks like all the package.json lost their newline at end of file. I'm not sure if that matters, but Github flags it so... 🤷♂️
There was a problem hiding this comment.
It doesn't make a difference. I just saved like usual - no idea why this means it doesn't get a newline.
Comment on lines
+31
to
+40
| // check that we are running our pre-publish check for this package | ||
| if ( | ||
| !scripts.prepublishOnly || | ||
| !scripts.prepublishOnly.includes("utils/package-pre-publish-check.sh") | ||
| ) { | ||
| console.error( | ||
| `ERROR: ${name} must have a "prepublishOnly" script that runs "utils/package-pre-publish-check.sh".`, | ||
| ); | ||
| returnCode = false; | ||
| } |
There was a problem hiding this comment.
note: New check to make sure all the packages we publish are running our prepublish check to avoid snapshot releases usurping real releases.
| } | ||
| } else if (pkgJson[field] !== value) { |
There was a problem hiding this comment.
note: I just changed that nested if in an else to an else if.
Comment on lines
+25
to
+38
| if ( | ||
| !checkPrivate(pkgJson) && | ||
| !checkPublishConfig(pkgJson) && | ||
| !checkEntrypoints(pkgJson) && | ||
| !checkSource(pkgJson) | ||
| ) { | ||
| allPassed = false; | ||
| } | ||
| } | ||
|
|
||
| // Exit only after we've processed all the packages. | ||
| if (!allPassed) { | ||
| process.exit(1); | ||
| } |
There was a problem hiding this comment.
note: This means we check all the packages for all the things before we quit, rather than quitting on the first error. Makes it easier to do changes to the overall checks and ensure compliance.
Merged
somewhatabstract
added a commit
that referenced
this pull request
Dec 19, 2024
This PR was opened by the [Changesets release](https://github.com/changesets/action) GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated. # Releases ## @khanacademy/[email protected] ### Patch Changes - [#2037](#2037) [`b80e7882b`](b80e788) Thanks [@somewhatabstract](https://github.com/somewhatabstract)! - Nothing has changed, but our action requires a changeset per package and I don't know how to do an infrastructure update like this and pass that check - Updated dependencies \[[`b80e7882b`](b80e788)]: - @khanacademy/[email protected] ## @khanacademy/[email protected] ### Patch Changes - [#2037](#2037) [`b80e7882b`](b80e788) Thanks [@somewhatabstract](https://github.com/somewhatabstract)! - Nothing has changed, but our action requires a changeset per package and I don't know how to do an infrastructure update like this and pass that check - Updated dependencies \[[`b80e7882b`](b80e788)]: - @khanacademy/[email protected] ## @khanacademy/[email protected] ### Patch Changes - [#2037](#2037) [`b80e7882b`](b80e788) Thanks [@somewhatabstract](https://github.com/somewhatabstract)! - Nothing has changed, but our action requires a changeset per package and I don't know how to do an infrastructure update like this and pass that check - Updated dependencies \[[`b80e7882b`](b80e788)]: - @khanacademy/[email protected] ## @khanacademy/[email protected] ### Patch Changes - [#2037](#2037) [`b80e7882b`](b80e788) Thanks [@somewhatabstract](https://github.com/somewhatabstract)! - Nothing has changed, but our action requires a changeset per package and I don't know how to do an infrastructure update like this and pass that check - Updated dependencies \[[`b80e7882b`](b80e788)]: - @khanacademy/[email protected] - @khanacademy/[email protected] ## @khanacademy/[email protected] ### Patch Changes - [#2034](#2034) [`8e9b2395d`](8e9b239) Thanks [@catandthemachines](https://github.com/catandthemachines)! - Removing final usage of createReactClass. - [#2025](#2025) [`b52310d1b`](b52310d) Thanks [@nishasy](https://github.com/nishasy)! - [SR] Linear graph - add grab handle description and aria lives - [#2037](#2037) [`b80e7882b`](b80e788) Thanks [@somewhatabstract](https://github.com/somewhatabstract)! - Nothing has changed, but our action requires a changeset per package and I don't know how to do an infrastructure update like this and pass that check - [#2033](#2033) [`881c0aac3`](881c0aa) Thanks [@nishasy](https://github.com/nishasy)! - [Interactive Graph][axis labels] Make default x & y axis labels TeX on load - Updated dependencies \[[`b80e7882b`](b80e788)]: - @khanacademy/[email protected] - @khanacademy/[email protected] - @khanacademy/[email protected] - @khanacademy/[email protected] - @khanacademy/[email protected] - @khanacademy/[email protected] - @khanacademy/[email protected] - @khanacademy/[email protected] ## @khanacademy/[email protected] ### Patch Changes - [#2037](#2037) [`b80e7882b`](b80e788) Thanks [@somewhatabstract](https://github.com/somewhatabstract)! - Nothing has changed, but our action requires a changeset per package and I don't know how to do an infrastructure update like this and pass that check ## @khanacademy/[email protected] ### Patch Changes - [#2034](#2034) [`8e9b2395d`](8e9b239) Thanks [@catandthemachines](https://github.com/catandthemachines)! - Removing final usage of createReactClass. - [#2037](#2037) [`b80e7882b`](b80e788) Thanks [@somewhatabstract](https://github.com/somewhatabstract)! - Nothing has changed, but our action requires a changeset per package and I don't know how to do an infrastructure update like this and pass that check - [#2033](#2033) [`881c0aac3`](881c0aa) Thanks [@nishasy](https://github.com/nishasy)! - [Interactive Graph][axis labels] Make default x & y axis labels TeX on load - Updated dependencies \[[`8e9b2395d`](8e9b239), [`b52310d1b`](b52310d), [`b80e7882b`](b80e788), [`881c0aac3`](881c0aa)]: - @khanacademy/[email protected] - @khanacademy/[email protected] - @khanacademy/[email protected] - @khanacademy/[email protected] - @khanacademy/[email protected] - @khanacademy/[email protected] - @khanacademy/[email protected] ## @khanacademy/[email protected] ### Patch Changes - [#2037](#2037) [`b80e7882b`](b80e788) Thanks [@somewhatabstract](https://github.com/somewhatabstract)! - Nothing has changed, but our action requires a changeset per package and I don't know how to do an infrastructure update like this and pass that check - Updated dependencies \[[`b80e7882b`](b80e788)]: - @khanacademy/[email protected] ## @khanacademy/[email protected] ### Patch Changes - [#2037](#2037) [`b80e7882b`](b80e788) Thanks [@somewhatabstract](https://github.com/somewhatabstract)! - Nothing has changed, but our action requires a changeset per package and I don't know how to do an infrastructure update like this and pass that check - Updated dependencies \[[`b80e7882b`](b80e788)]: - @khanacademy/[email protected] - @khanacademy/[email protected] ## @khanacademy/[email protected] ### Patch Changes - [#2037](#2037) [`b80e7882b`](b80e788) Thanks [@somewhatabstract](https://github.com/somewhatabstract)! - Nothing has changed, but our action requires a changeset per package and I don't know how to do an infrastructure update like this and pass that check - Updated dependencies \[[`b80e7882b`](b80e788)]: - @khanacademy/[email protected] ## @khanacademy/[email protected] ### Patch Changes - Updated dependencies \[[`b80e7882b`](b80e788)]: - @khanacademy/[email protected] - @khanacademy/[email protected] - @khanacademy/[email protected] - @khanacademy/[email protected] - @khanacademy/[email protected] - @khanacademy/[email protected] - @khanacademy/[email protected]
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary:
This PR implements a simple preventative measure for the race condition described by https://khanacademy.atlassian.net/wiki/spaces/ENG/pages/3571646568/Race+condition+breaks+Perseus+release whereby an in progress release triggered via merging a changesets PR and a snapshot release triggered by a PR update can lead to a snapshot releasing an actual versioned release.
The events that cause this look something like:
mainmain, updating its versions to the ones inmainthat are not yet publishedThis change should prevent that last step; failing the snapshot release.
We could look at trying other ways to prevent this, such as making the `release.yml`` workflow responsible for snapshot releases too and limit concurrency. However, even that won't fully prevent this since the merge of the "Version Packages" PR does not guarantee the run order of the release workflow and the snapshot workflow.
So, this helps prevent the incorrect publish occurring without impacting the official release process - only PR snapshot releases get affected in the cases where this might occur (which seem to be rare, for now).
This update also modifies our pre-publish checks to look for all errors before quitting, instead of quitting on the first one. This is a quality of life change for devs that modify this script and need to check all packages are passing without having to run, then fix, then run, then fix, repeatedly.
Issue: XXX-XXXX
Test plan:
I ran
SNAPSHOT_RELEASE=1 npm publish --dry-runon a package that had a non-snapshot release version, and it failed as expected. I also ran it on a package that had the correct0.0.0-PR...format, and it succeeded. I also ran anpm publish --dry-runon a package without theSNAPSHOT_RELEASEenv var, and it succeeded.