From b6348fd4fe93817b2e78d09fb4924bfaac23ec3b Mon Sep 17 00:00:00 2001 From: saravanakumardb1 Date: Thu, 26 Mar 2026 21:51:05 -0700 Subject: [PATCH] =?UTF-8?q?fix(security):=20harden=20npm=20publish=20?= =?UTF-8?q?=E2=80=94=20add=20.npmrc=20+=20publishConfig=20to=20all=2057=20?= =?UTF-8?q?packages?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Created .npmrc with @bytelyst scoped registry pointing to local Gitea - Added publishConfig.registry to all 57 @bytelyst/* package.json files - Created scripts/harden-publish-config.sh for future re-runs - Prevents accidental publish to npmjs.org or corporate JFrog registry --- .npmrc | 3 + packages/accessibility/package.json | 3 + packages/api-client/package.json | 3 + packages/auth-client/package.json | 3 + packages/auth-ui/package.json | 3 + packages/auth/package.json | 3 + packages/backend-config/package.json | 5 +- packages/backend-flags/package.json | 5 +- packages/backend-telemetry/package.json | 5 +- packages/blob-client/package.json | 3 + packages/blob/package.json | 3 + packages/broadcast-client/package.json | 3 + packages/celebrations/package.json | 3 + packages/client-encrypt/package.json | 3 + packages/config/package.json | 3 + packages/cosmos/package.json | 3 + packages/create-app/package.json | 3 + packages/dashboard-components/package.json | 3 + packages/dashboard-shell/package.json | 3 + packages/datastore/package.json | 3 + packages/design-tokens/package.json | 3 + packages/diagnostics-client/package.json | 3 + packages/errors/package.json | 3 + packages/event-store/package.json | 3 + packages/events/package.json | 3 + packages/extraction/package.json | 3 + packages/fastify-auth/package.json | 5 +- packages/fastify-core/package.json | 3 + packages/fastify-sse/package.json | 3 + packages/feature-flag-client/package.json | 3 + packages/feedback-client/package.json | 3 + packages/field-encrypt/package.json | 3 + packages/gentle-notifications/package.json | 3 + packages/kill-switch-client/package.json | 3 + packages/llm-router/package.json | 3 + packages/llm/package.json | 3 + packages/logger/package.json | 3 + packages/marketplace-client/package.json | 3 + packages/monitoring/package.json | 3 + packages/offline-queue/package.json | 3 + packages/org-client/package.json | 3 + packages/platform-client/package.json | 3 + packages/push/package.json | 3 + packages/queue/package.json | 3 + packages/quick-actions/package.json | 3 + packages/react-auth/package.json | 3 + .../react-native-platform-sdk/package.json | 5 +- packages/referral-client/package.json | 3 + packages/secure-storage-web/package.json | 3 + packages/speech/package.json | 3 + packages/storage/package.json | 3 + packages/subscription-client/package.json | 3 + packages/survey-client/package.json | 3 + packages/sync/package.json | 3 + packages/telemetry-client/package.json | 3 + packages/testing/package.json | 3 + packages/time-references/package.json | 3 + packages/webhook-dispatch/package.json | 3 + scripts/harden-publish-config.sh | 72 +++++++++++++++++++ 59 files changed, 251 insertions(+), 5 deletions(-) create mode 100644 .npmrc create mode 100755 scripts/harden-publish-config.sh diff --git a/.npmrc b/.npmrc new file mode 100644 index 00000000..ddd6c8c9 --- /dev/null +++ b/.npmrc @@ -0,0 +1,3 @@ +@bytelyst:registry=http://localhost:3300/api/packages/bytelyst/npm/ +//localhost:3300/api/packages/bytelyst/npm/:_authToken=${GITEA_NPM_TOKEN} +strict-ssl=false diff --git a/packages/accessibility/package.json b/packages/accessibility/package.json index 9b6c06b9..14e21917 100644 --- a/packages/accessibility/package.json +++ b/packages/accessibility/package.json @@ -17,5 +17,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/api-client/package.json b/packages/api-client/package.json index b30be692..00d41901 100644 --- a/packages/api-client/package.json +++ b/packages/api-client/package.json @@ -16,5 +16,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/auth-client/package.json b/packages/auth-client/package.json index b393f536..150f722e 100644 --- a/packages/auth-client/package.json +++ b/packages/auth-client/package.json @@ -17,5 +17,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/auth-ui/package.json b/packages/auth-ui/package.json index afbb9362..8ac7ca94 100644 --- a/packages/auth-ui/package.json +++ b/packages/auth-ui/package.json @@ -29,5 +29,8 @@ "happy-dom": "^18.0.1", "react": "^19.2.4", "react-dom": "^19.2.4" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/auth/package.json b/packages/auth/package.json index 34a64f52..b511848c 100644 --- a/packages/auth/package.json +++ b/packages/auth/package.json @@ -23,5 +23,8 @@ "peerDependencies": { "jose": ">=5.0.0", "bcryptjs": ">=2.4.0" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/backend-config/package.json b/packages/backend-config/package.json index c03fdcb3..bfec4918 100644 --- a/packages/backend-config/package.json +++ b/packages/backend-config/package.json @@ -26,5 +26,8 @@ }, "files": [ "dist" - ] + ], + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" + } } diff --git a/packages/backend-flags/package.json b/packages/backend-flags/package.json index 1427a68a..3cd0ffd3 100644 --- a/packages/backend-flags/package.json +++ b/packages/backend-flags/package.json @@ -23,5 +23,8 @@ }, "files": [ "dist" - ] + ], + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" + } } diff --git a/packages/backend-telemetry/package.json b/packages/backend-telemetry/package.json index 6b64d26c..f55d38d8 100644 --- a/packages/backend-telemetry/package.json +++ b/packages/backend-telemetry/package.json @@ -23,5 +23,8 @@ }, "files": [ "dist" - ] + ], + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" + } } diff --git a/packages/blob-client/package.json b/packages/blob-client/package.json index 6b8d4135..4fb6acc0 100644 --- a/packages/blob-client/package.json +++ b/packages/blob-client/package.json @@ -17,5 +17,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/blob/package.json b/packages/blob/package.json index 42496004..ee8d5b68 100644 --- a/packages/blob/package.json +++ b/packages/blob/package.json @@ -20,5 +20,8 @@ }, "dependencies": { "@bytelyst/storage": "workspace:*" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/broadcast-client/package.json b/packages/broadcast-client/package.json index 0c8f5b6c..05847463 100644 --- a/packages/broadcast-client/package.json +++ b/packages/broadcast-client/package.json @@ -17,5 +17,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/celebrations/package.json b/packages/celebrations/package.json index 14997169..f0924e78 100644 --- a/packages/celebrations/package.json +++ b/packages/celebrations/package.json @@ -17,5 +17,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/client-encrypt/package.json b/packages/client-encrypt/package.json index dad3c837..f554370e 100644 --- a/packages/client-encrypt/package.json +++ b/packages/client-encrypt/package.json @@ -19,5 +19,8 @@ }, "devDependencies": { "vitest": "^3.0.0" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/config/package.json b/packages/config/package.json index 0acb53d5..53bf0584 100644 --- a/packages/config/package.json +++ b/packages/config/package.json @@ -41,5 +41,8 @@ "devDependencies": { "@azure/identity": "^4.13.0", "@azure/keyvault-secrets": "^4.10.0" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/cosmos/package.json b/packages/cosmos/package.json index 9b744993..da8fe8ea 100644 --- a/packages/cosmos/package.json +++ b/packages/cosmos/package.json @@ -19,5 +19,8 @@ }, "peerDependencies": { "@azure/cosmos": ">=4.0.0" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/create-app/package.json b/packages/create-app/package.json index ecdedd92..7ad2fb32 100644 --- a/packages/create-app/package.json +++ b/packages/create-app/package.json @@ -20,5 +20,8 @@ "tsx": "^4.19.2", "typescript": "^5.7.3", "vitest": "^3.0.5" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/dashboard-components/package.json b/packages/dashboard-components/package.json index 943eabef..45e26994 100644 --- a/packages/dashboard-components/package.json +++ b/packages/dashboard-components/package.json @@ -32,5 +32,8 @@ "react-dom": "^19.2.4", "typescript": "^5.7.3", "vitest": "^4.0.18" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/dashboard-shell/package.json b/packages/dashboard-shell/package.json index 8098dfe1..bd15b4bf 100644 --- a/packages/dashboard-shell/package.json +++ b/packages/dashboard-shell/package.json @@ -32,5 +32,8 @@ "react-dom": "^19.2.4", "typescript": "^5.7.3", "vitest": "^4.0.18" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/datastore/package.json b/packages/datastore/package.json index 637fb508..6188eedf 100644 --- a/packages/datastore/package.json +++ b/packages/datastore/package.json @@ -31,5 +31,8 @@ }, "devDependencies": { "vitest": "^3.0.0" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/design-tokens/package.json b/packages/design-tokens/package.json index 1434f719..f6403299 100644 --- a/packages/design-tokens/package.json +++ b/packages/design-tokens/package.json @@ -26,5 +26,8 @@ }, "devDependencies": { "tsx": "^4.0.0" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/diagnostics-client/package.json b/packages/diagnostics-client/package.json index f4573b98..eb9eef92 100644 --- a/packages/diagnostics-client/package.json +++ b/packages/diagnostics-client/package.json @@ -28,5 +28,8 @@ "@types/node": "^22.0.0", "typescript": "^5.7.0", "vitest": "^3.0.0" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/errors/package.json b/packages/errors/package.json index 260ffc5e..76c90205 100644 --- a/packages/errors/package.json +++ b/packages/errors/package.json @@ -16,5 +16,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/event-store/package.json b/packages/event-store/package.json index 77f5b8e3..a4f35c50 100644 --- a/packages/event-store/package.json +++ b/packages/event-store/package.json @@ -17,5 +17,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/events/package.json b/packages/events/package.json index d055de5a..810debac 100644 --- a/packages/events/package.json +++ b/packages/events/package.json @@ -26,5 +26,8 @@ }, "peerDependencies": { "zod": "^3.0.0" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/extraction/package.json b/packages/extraction/package.json index 2a78bd4d..248668d5 100644 --- a/packages/extraction/package.json +++ b/packages/extraction/package.json @@ -20,5 +20,8 @@ }, "peerDependencies": { "@bytelyst/api-client": "workspace:*" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/fastify-auth/package.json b/packages/fastify-auth/package.json index 87df84cd..cd9362fc 100644 --- a/packages/fastify-auth/package.json +++ b/packages/fastify-auth/package.json @@ -32,5 +32,8 @@ }, "files": [ "dist" - ] + ], + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" + } } diff --git a/packages/fastify-core/package.json b/packages/fastify-core/package.json index f0602294..8255c190 100644 --- a/packages/fastify-core/package.json +++ b/packages/fastify-core/package.json @@ -38,5 +38,8 @@ "@fastify/swagger": "^9.7.0", "@fastify/swagger-ui": "^5.2.5", "fastify-metrics": "^10.6.0" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/fastify-sse/package.json b/packages/fastify-sse/package.json index fee48d16..0959a8b3 100644 --- a/packages/fastify-sse/package.json +++ b/packages/fastify-sse/package.json @@ -20,5 +20,8 @@ }, "peerDependencies": { "fastify": "^5.0.0" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/feature-flag-client/package.json b/packages/feature-flag-client/package.json index f56eb138..66bee63a 100644 --- a/packages/feature-flag-client/package.json +++ b/packages/feature-flag-client/package.json @@ -17,5 +17,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/feedback-client/package.json b/packages/feedback-client/package.json index 39132d5f..a9b4b1ea 100644 --- a/packages/feedback-client/package.json +++ b/packages/feedback-client/package.json @@ -27,5 +27,8 @@ "devDependencies": { "typescript": "^5.7.0", "vitest": "^3.0.0" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/field-encrypt/package.json b/packages/field-encrypt/package.json index 92fed44c..e368cdb1 100644 --- a/packages/field-encrypt/package.json +++ b/packages/field-encrypt/package.json @@ -36,5 +36,8 @@ "devDependencies": { "vitest": "^3.0.0", "zod": "^3.24.0" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/gentle-notifications/package.json b/packages/gentle-notifications/package.json index 7b00fa02..9e820e59 100644 --- a/packages/gentle-notifications/package.json +++ b/packages/gentle-notifications/package.json @@ -17,5 +17,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/kill-switch-client/package.json b/packages/kill-switch-client/package.json index d240cc8e..e7df29bd 100644 --- a/packages/kill-switch-client/package.json +++ b/packages/kill-switch-client/package.json @@ -17,5 +17,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/llm-router/package.json b/packages/llm-router/package.json index a3b65e32..e4f04014 100644 --- a/packages/llm-router/package.json +++ b/packages/llm-router/package.json @@ -22,5 +22,8 @@ "devDependencies": { "vitest": "^3.0.0", "typescript": "^5.7.0" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/llm/package.json b/packages/llm/package.json index ae8f148e..441b3df8 100644 --- a/packages/llm/package.json +++ b/packages/llm/package.json @@ -23,5 +23,8 @@ }, "devDependencies": { "vitest": "^3.0.0" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/logger/package.json b/packages/logger/package.json index 41d86519..ede5db8a 100644 --- a/packages/logger/package.json +++ b/packages/logger/package.json @@ -17,5 +17,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/marketplace-client/package.json b/packages/marketplace-client/package.json index 5a4f2ecc..fb2ee143 100644 --- a/packages/marketplace-client/package.json +++ b/packages/marketplace-client/package.json @@ -17,5 +17,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/monitoring/package.json b/packages/monitoring/package.json index 99883e46..79dfee0c 100644 --- a/packages/monitoring/package.json +++ b/packages/monitoring/package.json @@ -17,5 +17,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/offline-queue/package.json b/packages/offline-queue/package.json index 7af0c3bd..830e598e 100644 --- a/packages/offline-queue/package.json +++ b/packages/offline-queue/package.json @@ -17,5 +17,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/org-client/package.json b/packages/org-client/package.json index bfa78144..900eec19 100644 --- a/packages/org-client/package.json +++ b/packages/org-client/package.json @@ -17,5 +17,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/platform-client/package.json b/packages/platform-client/package.json index 8f5855b7..19bf6b11 100644 --- a/packages/platform-client/package.json +++ b/packages/platform-client/package.json @@ -17,5 +17,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/push/package.json b/packages/push/package.json index c701b5a5..90ff8aab 100644 --- a/packages/push/package.json +++ b/packages/push/package.json @@ -23,5 +23,8 @@ }, "devDependencies": { "vitest": "^3.0.0" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/queue/package.json b/packages/queue/package.json index a638b7aa..8cf91e82 100644 --- a/packages/queue/package.json +++ b/packages/queue/package.json @@ -21,5 +21,8 @@ "devDependencies": { "@types/node": "^22.12.0", "vitest": "^3.0.5" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/quick-actions/package.json b/packages/quick-actions/package.json index 5ee95d11..f50dc360 100644 --- a/packages/quick-actions/package.json +++ b/packages/quick-actions/package.json @@ -17,5 +17,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/react-auth/package.json b/packages/react-auth/package.json index 8afe759a..fe50f111 100644 --- a/packages/react-auth/package.json +++ b/packages/react-auth/package.json @@ -30,5 +30,8 @@ "happy-dom": "^18.0.1", "react": "^19.2.4", "react-dom": "^19.2.4" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/react-native-platform-sdk/package.json b/packages/react-native-platform-sdk/package.json index 51821ee6..e4f04dce 100644 --- a/packages/react-native-platform-sdk/package.json +++ b/packages/react-native-platform-sdk/package.json @@ -59,5 +59,8 @@ "expo", "mobile" ], - "license": "MIT" + "license": "MIT", + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" + } } diff --git a/packages/referral-client/package.json b/packages/referral-client/package.json index 6f134814..a6ece0d5 100644 --- a/packages/referral-client/package.json +++ b/packages/referral-client/package.json @@ -17,5 +17,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/secure-storage-web/package.json b/packages/secure-storage-web/package.json index baa64329..2f73000b 100644 --- a/packages/secure-storage-web/package.json +++ b/packages/secure-storage-web/package.json @@ -20,5 +20,8 @@ "devDependencies": { "vitest": "^3.0.0", "fake-indexeddb": "^6.0.0" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/speech/package.json b/packages/speech/package.json index 78e4f29d..348cd08b 100644 --- a/packages/speech/package.json +++ b/packages/speech/package.json @@ -20,5 +20,8 @@ "devDependencies": { "typescript": "^5.7.0", "vitest": "^3.0.0" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/storage/package.json b/packages/storage/package.json index bca26f2d..824c9808 100644 --- a/packages/storage/package.json +++ b/packages/storage/package.json @@ -26,5 +26,8 @@ }, "devDependencies": { "vitest": "^3.0.0" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/subscription-client/package.json b/packages/subscription-client/package.json index f4b7a06b..8effb4ca 100644 --- a/packages/subscription-client/package.json +++ b/packages/subscription-client/package.json @@ -17,5 +17,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/survey-client/package.json b/packages/survey-client/package.json index 6927ca0d..9951f257 100644 --- a/packages/survey-client/package.json +++ b/packages/survey-client/package.json @@ -17,5 +17,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/sync/package.json b/packages/sync/package.json index bdadab18..e992ba64 100644 --- a/packages/sync/package.json +++ b/packages/sync/package.json @@ -27,5 +27,8 @@ }, "peerDependencies": { "@bytelyst/api-client": "workspace:*" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/telemetry-client/package.json b/packages/telemetry-client/package.json index cc6fd777..6e1206c1 100644 --- a/packages/telemetry-client/package.json +++ b/packages/telemetry-client/package.json @@ -17,5 +17,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/testing/package.json b/packages/testing/package.json index fa8a2623..de6ddb25 100644 --- a/packages/testing/package.json +++ b/packages/testing/package.json @@ -30,5 +30,8 @@ "fastify": { "optional": true } + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/time-references/package.json b/packages/time-references/package.json index f2b82862..939236ef 100644 --- a/packages/time-references/package.json +++ b/packages/time-references/package.json @@ -17,5 +17,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/packages/webhook-dispatch/package.json b/packages/webhook-dispatch/package.json index c9ff5c20..bf71b043 100644 --- a/packages/webhook-dispatch/package.json +++ b/packages/webhook-dispatch/package.json @@ -17,5 +17,8 @@ "scripts": { "build": "tsc", "test": "vitest run" + }, + "publishConfig": { + "registry": "http://localhost:3300/api/packages/bytelyst/npm/" } } diff --git a/scripts/harden-publish-config.sh b/scripts/harden-publish-config.sh new file mode 100755 index 00000000..a8f7760f --- /dev/null +++ b/scripts/harden-publish-config.sh @@ -0,0 +1,72 @@ +#!/usr/bin/env bash +set -euo pipefail + +# ───────────────────────────────────────────────────────────── +# Hardening: Add publishConfig to all @bytelyst/* packages +# to prevent accidental publish to npmjs.org or JFrog +# ───────────────────────────────────────────────────────────── + +REGISTRY="http://localhost:3300/api/packages/bytelyst/npm/" +REPO_ROOT="$(cd "$(dirname "$0")/.." && pwd)" +PACKAGES_DIR="$REPO_ROOT/packages" + +# Skip native SDKs (not published to npm) +SKIP_DIRS="swift-platform-sdk swift-diagnostics kotlin-platform-sdk" + +fixed=0 +skipped=0 +already=0 + +for pkg_json in "$PACKAGES_DIR"/*/package.json; do + dir_name=$(basename "$(dirname "$pkg_json")") + + # Skip native SDKs + if echo "$SKIP_DIRS" | grep -qw "$dir_name"; then + echo "SKIP (native): $dir_name" + ((skipped++)) + continue + fi + + # Check if publishConfig already exists with correct registry + if node -e " + const p = JSON.parse(require('fs').readFileSync('$pkg_json', 'utf8')); + process.exit(p.publishConfig && p.publishConfig.registry === '$REGISTRY' ? 0 : 1); + " 2>/dev/null; then + echo "OK: $dir_name" + ((already++)) + continue + fi + + # Add publishConfig + node -e " + const fs = require('fs'); + const pkg = JSON.parse(fs.readFileSync('$pkg_json', 'utf8')); + pkg.publishConfig = { registry: '$REGISTRY' }; + fs.writeFileSync('$pkg_json', JSON.stringify(pkg, null, 2) + '\n'); + " + echo "FIXED: $dir_name" + ((fixed++)) +done + +# Also fix @actiontrail/sdk +SDK_FILE="/Users/sd9235/code/mygh/learning_ai_trails/sdk/package.json" +if [ -f "$SDK_FILE" ]; then + if ! node -e " + const p = JSON.parse(require('fs').readFileSync('$SDK_FILE', 'utf8')); + process.exit(p.publishConfig && p.publishConfig.registry === '$REGISTRY' ? 0 : 1); + " 2>/dev/null; then + node -e " + const fs = require('fs'); + const pkg = JSON.parse(fs.readFileSync('$SDK_FILE', 'utf8')); + pkg.publishConfig = { registry: '$REGISTRY' }; + fs.writeFileSync('$SDK_FILE', JSON.stringify(pkg, null, 2) + '\n'); + " + echo "FIXED: @actiontrail/sdk" + ((fixed++)) + else + echo "OK: @actiontrail/sdk" + fi +fi + +echo "" +echo "✅ Done: $fixed fixed, $already already ok, $skipped skipped (native)"