chore: setup publish env

[Tecvan-fe]

Summary by CodeRabbit

• Chores

  • Added configuration files that document patch updates for multiple packages.
  • Updated authentication settings to use a secure npm token for publishing.
  • Modified error messages and workflows to reflect the new environment token.

• Tests

  • Adjusted release test cases to validate the use of the updated authentication token across publishing routines.

[coderabbitai]

Walkthrough

This pull request introduces new JSON configuration files under the common/changes directory for several packages to document patch changes for the publishing environment setup. It also updates the authentication variable name from NODE_AUTH_TOKEN to NPM_AUTH_TOKEN in tests and release-related code. Additionally, the npm configuration files in various package directories have been updated to reference NPM_AUTH_TOKEN for registry authentication.

Changes

File(s) Changed	Change Summary
`common/changes/@coze/(api	chat-sdk
infra/rush-x/src/actions/release/__tests__/release.test.ts infra/rush-x/src/actions/release/index.ts infra/rush-x/src/actions/release/release.ts	Updated environment variable references from NODE_AUTH_TOKEN to NPM_AUTH_TOKEN in tests, error handling, and publishing commands.
`packages/(chat-sdk	coze-js

Sequence Diagram(s)

sequenceDiagram
    participant R as Release Action
    participant E as Environment Check
    participant Exec as Execution Command

    R->>E: Retrieve NPM_AUTH_TOKEN
    alt Token exists
        R->>Exec: Run publish command with token
    else Token missing
        R-->>R: Throw "Please set NPM_AUTH_TOKEN" error
    end

Loading

Possibly related PRs

• fix: Resolved a module file path issue that was impacting resource access #168: Addresses a similar JSON configuration update for the @coze/api package, differing in the documented change details.
• fix: Remove type: module from package.json files #165: Involves modifications to the @coze/api package, specifically adjusting package metadata declarations.

Suggested reviewers

• jsongo

Poem

I'm a happy rabbit hopping through code,
New JSON files light our publishing mode.
Tokens renamed, a subtle new sight,
NPM_AUTH_TOKEN makes everything right.
In every branch and config line, I sing—
CodeRabbit thrills as fresh changes spring! 🐰✨

✨ Finishing Touches

• 📝 Generate Docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai plan to trigger planning for file edits and PR creation.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (3)

common/changes/@coze/realtime-api/chore-use-corret-npm-token_2025-03-31-02-42.json (1)

1-11: JSON Configuration for Publish Environment Setup

The JSON file documents the publishing environment setup appropriately by categorizing the change as a patch and including relevant metadata (package name and contributor email). One minor nitpick: the filename uses “corret” which might be intended to be “correct.” If this is an unintentional typo, consider renaming it for clarity and consistency.

infra/rush-x/src/actions/release/__tests__/release.test.ts (2)

66-66: Consider using undefined assignment instead of delete.

The static analysis tool flagged potential performance concerns with the delete operator on process.env.

- delete process.env.NPM_AUTH_TOKEN;
+ process.env.NPM_AUTH_TOKEN = undefined;

🧰 Tools

🪛 Biome (1.9.4)

[error] 66-66: Avoid the delete operator which can impact performance.

Unsafe fix: Use an undefined assignment instead.

(lint/performance/noDelete)

---

250-250: Consider using undefined assignment instead of delete.

Similar to the earlier instance, using undefined assignment is recommended over the delete operator for better performance.

- delete process.env.NPM_AUTH_TOKEN;
+ process.env.NPM_AUTH_TOKEN = undefined;

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9ba4bc9 and 4925473.

📒 Files selected for processing (11)

• common/changes/@coze/api/chore-use-corret-npm-token_2025-03-31-02-42.json (1 hunks)
• common/changes/@coze/chat-sdk/chore-use-corret-npm-token_2025-03-31-02-42.json (1 hunks)
• common/changes/@coze/realtime-api/chore-use-corret-npm-token_2025-03-31-02-42.json (1 hunks)
• common/changes/@coze/taro-api/chore-use-corret-npm-token_2025-03-31-02-42.json (1 hunks)
• infra/rush-x/src/actions/release/__tests__/release.test.ts (7 hunks)
• infra/rush-x/src/actions/release/index.ts (1 hunks)
• infra/rush-x/src/actions/release/release.ts (1 hunks)
• packages/chat-sdk/.npmrc (1 hunks)
• packages/coze-js/.npmrc (1 hunks)
• packages/coze-taro/.npmrc (1 hunks)
• packages/realtime-api/.npmrc (1 hunks)

🧰 Additional context used

🧬 Code Definitions (1)

infra/rush-x/src/actions/release/__tests__/release.test.ts (1)

infra/rush-x/src/actions/release/release.ts (1)

• releasePackages (57-67)

🪛 Biome (1.9.4)

infra/rush-x/src/actions/release/__tests__/release.test.ts

[error] 66-66: Avoid the delete operator which can impact performance.

Unsafe fix: Use an undefined assignment instead.

(lint/performance/noDelete)

---

[error] 252-253: Avoid the delete operator which can impact performance.

Unsafe fix: Use an undefined assignment instead.

(lint/performance/noDelete)

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: Node.js v20 (ubuntu-latest)

🔇 Additional comments (14)

packages/chat-sdk/.npmrc (1)

1-2: Authentication Token Configuration Update

The new configuration line correctly uses the NPM_AUTH_TOKEN environment variable for npm registry authentication. This change is consistent with the updated publish environment requirements and aligns with similar changes across other packages.

packages/coze-taro/.npmrc (1)

1-2: Consistent Authentication Setup

This file now includes the configuration line using NPM_AUTH_TOKEN for secure npm registry access. The update is in line with the PR objectives and matches the configuration in other packages.

packages/realtime-api/.npmrc (1)

1-2: New .npmrc File for Realtime API

The new .npmrc file for the realtime API package properly configures the authentication token using NPM_AUTH_TOKEN. This ensures that package publishing and installation use the correct token.

packages/coze-js/.npmrc (1)

1-2: NPM Authentication Token Setup

This updated configuration line ensures that the packages/coze-js package uses the NPM_AUTH_TOKEN for npm operations. It mirrors the changes made across other packages, thereby enhancing consistency and security in the publishing setup.

common/changes/@coze/chat-sdk/chore-use-corret-npm-token_2025-03-31-02-42.json (1)

1-11: Package change log entry looks good

This change log entry properly documents a patch update for setting up the publish environment for the @coze/chat-sdk package.

common/changes/@coze/taro-api/chore-use-corret-npm-token_2025-03-31-02-42.json (1)

1-11: Package change log entry looks good

This change log entry properly documents a patch update for setting up the publish environment for the @coze/taro-api package.

common/changes/@coze/api/chore-use-corret-npm-token_2025-03-31-02-42.json (1)

1-11: Package change log entry looks good

This change log entry properly documents a patch update for setting up the publish environment for the @coze/api package.

infra/rush-x/src/actions/release/release.ts (3)

16-16: Updated environment variable name for npm authentication

The change from NODE_AUTH_TOKEN to NPM_AUTH_TOKEN better aligns with npm's standard naming conventions.

---

23-23: Updated command argument to use the renamed auth token variable

This change correctly updates the command argument to use NPM_AUTH_TOKEN instead of NODE_AUTH_TOKEN, maintaining consistency with the environmental variable naming change.

---

16-23:

✅ Verification successful

Verify all references to the auth token have been updated

The environment variable has been updated in this file, but make sure all other references to NODE_AUTH_TOKEN are also updated throughout the codebase.

---

🏁 Script executed:

#!/bin/bash
# Search for any remaining references to NODE_AUTH_TOKEN that might need updating
rg -i "NODE_AUTH_TOKEN" --type=ts --type=js --type=json

Length of output: 55

---

Based on this additional verification, no occurrences of NODE_AUTH_TOKEN were found throughout the codebase. It appears that all references have been correctly updated to use the new variable (NPM_AUTH_TOKEN).

Action Required:

• Verify that any CI/CD configurations or external documentation referencing NODE_AUTH_TOKEN are also updated if applicable.

---

🏁 Script executed:

#!/bin/bash
# Perform a comprehensive search for any instance of NODE_AUTH_TOKEN across the entire repository.
rg -i "NODE_AUTH_TOKEN"

Length of output: 23

---

AUTH TOKEN REFERENCE AUDIT PASSED
The comprehensive search across the repository revealed no instances of NODE_AUTH_TOKEN, confirming that all references have been updated to use NPM_AUTH_TOKEN. Please also double-check any CI/CD configurations or external documentation to ensure they are aligned with this update.

infra/rush-x/src/actions/release/index.ts (1)

24-25: Update to NPM_AUTH_TOKEN improves naming clarity.

The change from NODE_AUTH_TOKEN to NPM_AUTH_TOKEN makes the environment variable name more specific and descriptive, clearly indicating its purpose for npm authentication. This is a good improvement that follows npm conventions and makes the code more self-documenting.

infra/rush-x/src/actions/release/__tests__/release.test.ts (3)

62-62: Environment variable name update is consistent.

The change from NODE_AUTH_TOKEN to NPM_AUTH_TOKEN in the test setup matches the implementation change, ensuring tests remain in sync with the production code.

---

102-102: Environment variable references updated consistently.

All command string assertions have been properly updated to use NPM_AUTH_TOKEN instead of NODE_AUTH_TOKEN, maintaining consistency with the implementation changes.

Also applies to: 108-108, 144-144, 166-166, 189-189, 286-286

---

258-258: Assertion correctly updated for missing token test.

The test for handling missing auth token now correctly checks for NPM_AUTH_TOKEN=undefined in the command string, consistent with the implementation change.