[pull] master from microsoft:master#13
Open
pull[bot] wants to merge 22 commits intocaesar-team:masterfrom
Open
[pull] master from microsoft:master#13pull[bot] wants to merge 22 commits intocaesar-team:masterfrom
pull[bot] wants to merge 22 commits intocaesar-team:masterfrom
Conversation
- Added write permissions in gh workflow
* 1ES Pipelines Template Adoption - Switch to 1ES templates * 1ES Pipelines Template Adoption - CreadScan Fix * 1ES Pipelines Template Adoption - CreadScan Fix
- Remove useless lines - New SC for npm - Migrate the pipeline to another pool and org
* Fix CG - Rewrited react samples on vite because of react'scripts contains cve and not maintained * Fix CG - Npm audit fix for webpack samples * Fix CG - Fixed CVE in typed-rest client - Migrated package to use node14+ as mocha is not supported in versions below. - Migrated CI to use Node14+ for tests _ Bumped ts to v5 - Bumped typed-rest-client to new major version 2 - Added .vscode folder in .gitignore * Fix CG - Fixed tests for the new version of the typescript * Fix CG - Replaced crypto package(DES-ECB and MD4 algorythms calls) to a packages as they are become legacy in openssl3 which is used new node * Fix CG - Regenerated package.lock files in samples. * Fix CG - Fixed types in tests - Fixed webpack samples * Fix CG - Bumped supported version * Fix CG - Updated README with new information * Fix CG - Updated README with new information
* Migration to CFS * Add NpmAuthenticate@0 task before the installation task
* Increase timeout for global agent * Add ability to pass global agent options to http client constructor * Update version in test projects --------- Co-authored-by: v-levockina <undefined>
* Update CODEOWNERS * Fixing os name for tests to pass
* update qs package version to 6.14.1 to fix vulnerability * update qs package version to 6.14.1 generated files through scripts
* Switch npm publish to use shared npm-tokens variable group Replace the btt-npm-publish-token service connection with the npm-tokens variable group used by azure-pipelines-tasks-common-packages. This writes a temporary .npmrc with the NPM_TOKEN env var and publishes directly, matching the common-packages publish pattern. Also switches GH_TOKEN to use gh-automation.token from the same group. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Restrict publish to master branch with CI/Manual triggers only Align publish condition with common-packages: only publish when on master and build reason is IndividualCI, BatchedCI, or Manual. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Remove unused publishToNpm parameter Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: azure-pipelines-bot <azure-pipelines-bot@microsoft.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The bash publish step fails with EPERM (type: 'system') because: 1. DownloadPipelineArtifact restores files with read-only permissions on 1ES shared-pool Linux agents - npm cannot write temp files. 2. The parent .npmrc (always-auth=true, ADO feed registry) bleeds into the _build/ working directory without NpmAuthenticate@0 in this stage. 3. The default npm cache path may not be writable by the agent user. The Npm@1 task handles all of this internally (cache dirs, temp paths, permissions). The actual auth issue was the service connection, not the task itself. Fix: keep the npm-tokens variable group from #393, but restore Npm@1 for the publish step. A preceding bash step writes .npmrc with the token, registry, and always-auth=false to override the parent config. Npm@1 then publishes using that .npmrc. Co-authored-by: Sanju Yadav <sanjuyadav@microsoft.com>
Co-authored-by: Sanju Yadav <sanjuyadav@microsoft.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
10 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )