Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Changesets doesn't detect NPM packages in GitLab reliably

See original GitHub issue

Affected Packages

I believe it’s the cli package.

Problem

I set up changesets in GitLab CI (one job on master that allows to create an MR with the changeset version changes and another one to actually publish those changes) but when I went to test it, I found that in some cases existing packages are not picked up correctly.

In my example I have two packages, A and B. A@latest is 0.3.0, B@latest is at 0.4.3. I add a changeset for a major version for A, create the MR, merge it and hit publish. The logs look like this:

🦋  info npm info @example/A
🦋  info npm info @example/B
🦋  warn Received 404 for npm info "@example/B"
🦋  warn Received 404 for npm info "@example/A"
🦋  info @example/A is being published because our local version (1.0.0) has not been published on npm
🦋  info @example/B is being published because our local version (0.4.3) has not been published on npm
🦋  info Publishing "@example/A" at "1.0.0"
🦋  info Publishing "@example/B" at "0.4.3"
🦋  error an error occurred while publishing @example/B: E403 403 Forbidden - PUT https://gitlab.redacted/api/v4/projects/123/packages/npm/@example%2fB
🦋  error In most cases, you or one of your dependencies are requesting
🦋  error a package version that is forbidden by your security policy.
🦋  success packages published successfully:
🦋  @example/A@1.0.0
🦋  Creating git tag...
🦋  New tag:  @example/A@1.0.0
🦋  error packages failed to publish:
🦋  @example/B@0.4.3

So while @example/B is already published at 0.4.3, changesets sees it as not-published. I don’t know whether that is an issue with the GitLab API returning incorrect values or changesets picking it up (could also be something similar to https://github.com/atlassian/changesets/issues/338#issuecomment-706369237 where GitLab returns other weird values in special cases?).

I unfortunately didn’t have time to investigate this so far but will update this issue with more information if I get around to playing with this some more.

Proposed solution

None so far, because I am not sure what the underlying issue is.

Issue Analytics

State:
Created 3 years ago
Comments:18 (8 by maintainers)

Top GitHub Comments

1reaction

geisterfurz007commented, Nov 24, 2021

Our CI script writes three lines into the .npmrc file in the project root before calling yarn changeset publish:

    echo "@example:registry=https://gitlab.redacted/api/v4/packages/npm" >> .npmrc
    echo "//gitlab.redacted/api/v4/packages/npm/:_authToken=${CI_JOB_TOKEN}" >> .npmrc
    echo "//gitlab.redacted/api/v4/projects/123/packages/npm/:_authToken=${CI_JOB_TOKEN}" >> .npmrc

1reaction

Andaristcommented, Mar 7, 2021

@fubhy Please reach out to me using Twitter’s DM ( https://twitter.com/AndaristRake ) so we can schedule something.