Skip to content

fix(deploy-artifact): handle npm audit no-deps skip for GHPR scoped packages#57

Merged
jorisjonkers-dev-agents[bot] merged 1 commit into
mainfrom
fix/npm-audit-no-deps
Jul 10, 2026
Merged

fix(deploy-artifact): handle npm audit no-deps skip for GHPR scoped packages#57
jorisjonkers-dev-agents[bot] merged 1 commit into
mainfrom
fix/npm-audit-no-deps

Conversation

@jorisjonkers-dev-agents

Copy link
Copy Markdown
Contributor

The deploy-artifact run.sh runs npm audit signatures --scope @jorisjonkers-dev. When the installed package is from a private registry (GHPR) and the scope filter matches zero packages in the audit index, npm emits:

found no installed dependencies to audit

The existing code only handled:

found no dependencies to audit that were installed from a supported registry

Both messages are expected skip conditions for GHPR-installed packages. This extends the grep to handle both messages, preventing a false E_NPM_AUDIT_SIGNATURES_FAILED failure for services that have no npm packages of their own (e.g. Kotlin services).

@jorisjonkers-dev-agents jorisjonkers-dev-agents Bot added area: deploy homelab-deploy, deploy-v2, manifests, and rollout flow. component: ci Continuous integration workflow or check behavior. labels Jul 10, 2026
@jorisjonkers-dev-agents jorisjonkers-dev-agents Bot merged commit 5039ff0 into main Jul 10, 2026
5 checks passed
@jorisjonkers-dev-agents jorisjonkers-dev-agents Bot deleted the fix/npm-audit-no-deps branch July 10, 2026 02:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area: deploy homelab-deploy, deploy-v2, manifests, and rollout flow. component: ci Continuous integration workflow or check behavior.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant