diff --git a/__tests__/authutil.test.ts b/__tests__/authutil.test.ts index d884e23c..d5f6c195 100644 --- a/__tests__/authutil.test.ts +++ b/__tests__/authutil.test.ts @@ -118,27 +118,6 @@ describe('authutil tests', () => { expect(process.env.NODE_AUTH_TOKEN).toEqual('foobar'); }); - it('should not export NODE_AUTH_TOKEN if not set in environment', async () => { - const exportSpy = jest.spyOn(core, 'exportVariable'); - delete process.env.NODE_AUTH_TOKEN; - await auth.configAuthentication('https://registry.npmjs.org/'); - expect(fs.statSync(rcFile)).toBeDefined(); - const rc = readRcFile(rcFile); - expect(rc['registry']).toBe('https://registry.npmjs.org/'); - expect(exportSpy).not.toHaveBeenCalledWith( - 'NODE_AUTH_TOKEN', - expect.anything() - ); - }); - - it('should export NODE_AUTH_TOKEN if set to empty string', async () => { - const exportSpy = jest.spyOn(core, 'exportVariable'); - process.env.NODE_AUTH_TOKEN = ''; - await auth.configAuthentication('https://registry.npmjs.org/'); - expect(fs.statSync(rcFile)).toBeDefined(); - expect(exportSpy).toHaveBeenCalledWith('NODE_AUTH_TOKEN', ''); - }); - it('configAuthentication should overwrite non-scoped with non-scoped', async () => { fs.writeFileSync(rcFile, 'registry=NNN'); await auth.configAuthentication('https://registry.npmjs.org/'); diff --git a/dist/setup/index.js b/dist/setup/index.js index 8a86b779..90d70cfc 100644 --- a/dist/setup/index.js +++ b/dist/setup/index.js @@ -78875,10 +78875,8 @@ function writeRegistryToFile(registryUrl, fileLocation) { newContents += `${authString}${os.EOL}${registryString}`; fs.writeFileSync(fileLocation, newContents); core.exportVariable('NPM_CONFIG_USERCONFIG', fileLocation); - // Only export NODE_AUTH_TOKEN if explicitly provided by user - if (Object.prototype.hasOwnProperty.call(process.env, 'NODE_AUTH_TOKEN')) { - core.exportVariable('NODE_AUTH_TOKEN', process.env.NODE_AUTH_TOKEN); - } + // Export empty node_auth_token if didn't exist so npm doesn't complain about not being able to find it + core.exportVariable('NODE_AUTH_TOKEN', process.env.NODE_AUTH_TOKEN || 'XXXXX-XXXXX-XXXXX-XXXXX'); } diff --git a/docs/advanced-usage.md b/docs/advanced-usage.md index 5f0edfb0..2671a6ad 100644 --- a/docs/advanced-usage.md +++ b/docs/advanced-usage.md @@ -329,51 +329,36 @@ steps: - run: npm test ``` -**Restore-only cache** - -You can restore caches without saving new entries, which helps reduce cache writes and storage usage in read-only cache workflows. +**Restore-Only Cache** ```yaml -steps: -- uses: actions/checkout@v6 -# - uses: pnpm/action-setup@v6 -# with: -# version: 10 - -- name: Setup Node.js - uses: actions/setup-node@v6 - with: - node-version: '24' - -- name: Normalize runner architecture - shell: bash - run: echo "ARCH=$(echo '${{ runner.arch }}' | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV - -- name: Output of cache path - id: cachepath - shell: bash - run: echo "path=$(npm config get cache)" >> $GITHUB_OUTPUT - # run: echo "path=$(pnpm store path --silent)" >> $GITHUB_OUTPUT - # For yarn workflow, output of yarn cache dir (v1) or yarn config get cacheFolder (v2+) - # run: echo "path=$(yarn cache dir)" >> $GITHUB_OUTPUT - -- name: Restore Node cache - uses: actions/cache/restore@v5 - with: - path: ${{ steps.cachepath.outputs.path }} - key: node-cache-${{ runner.os }}-${{ env.ARCH }}-npm-${{ hashFiles('**/package-lock.json') }} - # key: node-cache-${{ runner.os }}-${{ env.ARCH }}-yarn-${{ hashFiles('**/yarn.lock') }} - # key: node-cache-${{ runner.os }}-${{ env.ARCH }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} - -- run: npm ci -# - run: yarn install --frozen-lockfile # optional, --immutable -# - run: pnpm install +## In some workflows, you may want to restore a cache without saving it. This can help reduce cache writes and storage usage in workflows that only need to read from cache +jobs: + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v6 + # Restore Node.js modules cache (restore-only) + - name: Restore Node modules cache + uses: actions/cache@v5 + id: cache-node-modules + with: + path: ~/.npm + key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} + restore-keys: | + ${{ runner.os }}-node- + # Setup Node.js + - name: Setup Node.js + uses: actions/setup-node@v6 + with: + node-version: '24' + # Install dependencies + - run: npm install ``` -> **Note**: Uncomment the commands relevant to your project's package manager. -> For more details related to cache scenarios, please refer [actions/cache/restore](https://github.com/actions/cache/tree/main/restore#only-restore-cache). +> For more details related to cache scenarios, please refer [Node – npm](https://github.com/actions/cache/blob/main/examples.md#node---npm). -## Multiple operating systems and architectures +## Multiple Operating Systems and Architectures ```yaml jobs: diff --git a/package-lock.json b/package-lock.json index eabbf3fc..28130045 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1553,6 +1553,18 @@ "@jridgewell/sourcemap-codec": "^1.4.14" } }, + "node_modules/@nodable/entities": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/@nodable/entities/-/entities-2.1.0.tgz", + "integrity": "sha512-nyT7T3nbMyBI/lvr6L5TyWbFJAI9FTgVRakNoBqCD+PmID8DzFrrNdLLtHMwMszOtqZa8PAOV24ZqDnQrhQINA==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/nodable" + } + ], + "license": "MIT" + }, "node_modules/@nodelib/fs.scandir": { "version": "2.1.5", "resolved": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz", @@ -3320,9 +3332,9 @@ "license": "MIT" }, "node_modules/fast-xml-builder": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/fast-xml-builder/-/fast-xml-builder-1.1.4.tgz", - "integrity": "sha512-f2jhpN4Eccy0/Uz9csxh3Nu6q4ErKxf0XIsasomfOihuSUa3/xw6w8dnOtCDgEItQFJG8KyXPzQXzcODDrrbOg==", + "version": "1.1.5", + "resolved": "https://registry.npmjs.org/fast-xml-builder/-/fast-xml-builder-1.1.5.tgz", + "integrity": "sha512-4TJn/8FKLeslLAH3dnohXqE3QSoxkhvaMzepOIZytwJXZO69Bfz0HBdDHzOTOon6G59Zrk6VQ2bEiv1t61rfkA==", "funding": [ { "type": "github", @@ -3335,9 +3347,9 @@ } }, "node_modules/fast-xml-parser": { - "version": "5.5.11", - "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-5.5.11.tgz", - "integrity": "sha512-QL0eb0YbSTVWF6tTf1+LEMSgtCEjBYPpnAjoLC8SscESlAjXEIRJ7cHtLG0pLeDFaZLa4VKZLArtA/60ZS7vyA==", + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-5.7.1.tgz", + "integrity": "sha512-8Cc3f8GUGUULg34pBch/KGyPLglS+OFs05deyOlY7fL2MTagYPKrVQNmR1fLF/yJ9PH5ZSTd3YDF6pnmeZU+zA==", "funding": [ { "type": "github", @@ -3346,8 +3358,9 @@ ], "license": "MIT", "dependencies": { - "fast-xml-builder": "^1.1.4", - "path-expression-matcher": "^1.4.0", + "@nodable/entities": "^2.1.0", + "fast-xml-builder": "^1.1.5", + "path-expression-matcher": "^1.5.0", "strnum": "^2.2.3" }, "bin": { @@ -4977,9 +4990,9 @@ } }, "node_modules/path-expression-matcher": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/path-expression-matcher/-/path-expression-matcher-1.4.0.tgz", - "integrity": "sha512-s4DQMxIdhj3jLFWd9LxHOplj4p9yQ4ffMGowFf3cpEgrrJjEhN0V5nxw4Ye1EViAGDoL4/1AeO6qHpqYPOzE4Q==", + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/path-expression-matcher/-/path-expression-matcher-1.5.0.tgz", + "integrity": "sha512-cbrerZV+6rvdQrrD+iGMcZFEiiSrbv9Tfdkvnusy6y0x0GKBXREFg/Y65GhIfm0tnLntThhzCnfKwp1WRjeCyQ==", "funding": [ { "type": "github", diff --git a/src/authutil.ts b/src/authutil.ts index 37d8cfe1..e4b823bd 100644 --- a/src/authutil.ts +++ b/src/authutil.ts @@ -46,8 +46,9 @@ function writeRegistryToFile(registryUrl: string, fileLocation: string) { newContents += `${authString}${os.EOL}${registryString}`; fs.writeFileSync(fileLocation, newContents); core.exportVariable('NPM_CONFIG_USERCONFIG', fileLocation); - // Only export NODE_AUTH_TOKEN if explicitly provided by user - if (Object.prototype.hasOwnProperty.call(process.env, 'NODE_AUTH_TOKEN')) { - core.exportVariable('NODE_AUTH_TOKEN', process.env.NODE_AUTH_TOKEN); - } + // Export empty node_auth_token if didn't exist so npm doesn't complain about not being able to find it + core.exportVariable( + 'NODE_AUTH_TOKEN', + process.env.NODE_AUTH_TOKEN || 'XXXXX-XXXXX-XXXXX-XXXXX' + ); }