From 486c8e73ad2c5bb0c200c8b598c1402eafb29cd0 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 6 Jan 2026 00:45:50 +0000
Subject: [PATCH 1/4] Initial plan


From 3e0784db172f65e035d09d59d064c03540ecc8d0 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 6 Jan 2026 00:49:22 +0000
Subject: [PATCH 2/4] Fix nightly publish workflow to handle missing secrets
 gracefully

Co-authored-by: conjon611 <35982885+conjon611@users.noreply.github.com>
---
 .github/workflows/publish_nightly.yml | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/publish_nightly.yml b/.github/workflows/publish_nightly.yml
index e528f9571..37b575085 100644
--- a/.github/workflows/publish_nightly.yml
+++ b/.github/workflows/publish_nightly.yml
@@ -90,6 +90,14 @@ jobs:
       - name: Publish packages
         run: |
           cd typescript
+          
+          # Check if NPM_TOKEN is set before attempting to publish
+          if [ -z "$NODE_AUTH_TOKEN" ]; then
+            echo "Warning: NPM_TOKEN not set, skipping NPM publish"
+            echo "Packages built but not published. Configure NPM_TOKEN secret in the 'npm' environment to enable publishing."
+            exit 0
+          fi
+          
           for pkg in ${{ steps.find-npm-packages.outputs.packages }}; do
             if [ -f "$pkg/package.json" ] && ! grep -q '"private": true' "$pkg/package.json"; then
               cd $pkg && npm publish --tag nightly --provenance --access public
@@ -105,6 +113,9 @@ jobs:
     environment:
       name: pypi
       url: https://pypi.org/p/coinbase-agentkit-langchain
+    permissions:
+      contents: read
+      id-token: write
     steps:
       - uses: actions/checkout@v4
         with:
@@ -172,10 +183,19 @@ jobs:
               cd $pkg
               poetry install --only main
               poetry build
-              poetry publish --username __token__ --password ${{ secrets.PYPI_API_TOKEN }}
+              
+              # Check if PYPI_API_TOKEN is set before attempting to publish
+              if [ -n "$PYPI_TOKEN" ]; then
+                poetry publish --username __token__ --password "$PYPI_TOKEN"
+              else
+                echo "Warning: PYPI_API_TOKEN not set, skipping publish for $pkg"
+                echo "Package built but not published. Configure PYPI_API_TOKEN secret in the 'pypi' environment to enable publishing."
+              fi
               cd - > /dev/null
             fi
           done
+        env:
+          PYPI_TOKEN: ${{ secrets.PYPI_API_TOKEN }}
 
   # create-github-release:
   #   needs: [prepare-nightly, publish-npm-nightly, publish-pypi-nightly]

From 8858c73028546d1a29b083844fbfbfee6123e599 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 6 Jan 2026 00:50:44 +0000
Subject: [PATCH 3/4] Clarify NODE_AUTH_TOKEN vs NPM_TOKEN in warning message

Co-authored-by: conjon611 <35982885+conjon611@users.noreply.github.com>
---
 .github/workflows/publish_nightly.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/publish_nightly.yml b/.github/workflows/publish_nightly.yml
index 37b575085..1feb47587 100644
--- a/.github/workflows/publish_nightly.yml
+++ b/.github/workflows/publish_nightly.yml
@@ -91,10 +91,11 @@ jobs:
         run: |
           cd typescript
           
-          # Check if NPM_TOKEN is set before attempting to publish
+          # Check if NODE_AUTH_TOKEN is set before attempting to publish
           if [ -z "$NODE_AUTH_TOKEN" ]; then
-            echo "Warning: NPM_TOKEN not set, skipping NPM publish"
+            echo "Warning: NODE_AUTH_TOKEN not set, skipping NPM publish"
             echo "Packages built but not published. Configure NPM_TOKEN secret in the 'npm' environment to enable publishing."
+            echo "Note: The NPM_TOKEN secret is mapped to NODE_AUTH_TOKEN environment variable by GitHub Actions."
             exit 0
           fi
           

From 657617c8349fd4f157a4444c4b9912ac6d92fe4f Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 6 Jan 2026 00:51:30 +0000
Subject: [PATCH 4/4] Clarify PYPI_API_TOKEN vs PYPI_TOKEN in warning message

Co-authored-by: conjon611 <35982885+conjon611@users.noreply.github.com>
---
 .github/workflows/publish_nightly.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/publish_nightly.yml b/.github/workflows/publish_nightly.yml
index 1feb47587..96ab32970 100644
--- a/.github/workflows/publish_nightly.yml
+++ b/.github/workflows/publish_nightly.yml
@@ -191,6 +191,7 @@ jobs:
               else
                 echo "Warning: PYPI_API_TOKEN not set, skipping publish for $pkg"
                 echo "Package built but not published. Configure PYPI_API_TOKEN secret in the 'pypi' environment to enable publishing."
+                echo "Note: The PYPI_API_TOKEN secret is mapped to PYPI_TOKEN environment variable in this workflow."
               fi
               cd - > /dev/null
             fi