You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@royale.apache.org by Yishay Weiss <yi...@hotmail.com> on 2022/03/29 07:47:42 UTC
NPM Credentials Problem Blocking Release
I’m not sure which email the new password gets sent to. Does it go to private@royale.release.org<ma...@royale.release.org> ?
Also, I see some npm requests to do 2FA which we have ignored. It’s probably best to avoid that if possible to keep the release scriptable.
@OmPrakash Muppirala<ma...@gmail.com>, are you the one who set this up? Can you help out?
Thanks.
[exec] http request PUT https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
[exec] info attempt registry request try #1 at 10:39:44 AM
[exec] http request PUT https://registry.npmjs.org/@apache-royale%2froyale-js
[exec] http 401 https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
[exec] WARN notice Please check your email for a one-time password (OTP)
[exec] WARN adduser Incorrect username or password
[exec] WARN adduser You can reset your account by visiting:
[exec] WARN adduser
[exec] WARN adduser https://npmjs.org/forgot
[exec] WARN adduser
[exec] C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
[exec] throw new Error(error);
[exec] ^
[exec]
[exec] Error: Error: failed to authenticate: A One Time Password (OTP) by email is required. : -/user/org.couchdb.user:apache-royale-owner
[exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
[exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
[exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
[exec] at f (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
[exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
[exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
[exec] at f (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
[exec] at RegClient.<anonymous> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
[exec] at Request._callback (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
[exec] at Request.self.callback (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
[exec] at Request.emit (events.js:315:20)
[exec] at Request.<anonymous> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
[exec] at Request.emit (events.js:315:20)
[exec] at IncomingMessage.<anonymous> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
[exec] at Object.onceWrapper (events.js:421:28)
[exec] at IncomingMessage.emit (events.js:327:22)
BUILD FAILED
C:\dev\release_royale\releasecandidate.xml:1116: The following error occurred while executing this line:
C:\dev\release_royale\releasecandidate.xml:1400: exec returned: 1
Total time: 7 minutes 26 seconds
Re: NPM Credentials Problem Blocking Release
Posted by Josh Tynjala <jo...@bowlerhat.dev>.
> 0.9.8 • Public • Published 7 months ago
https://www.npmjs.com/package/@apache-royale/royale-js
https://www.npmjs.com/package/@apache-royale/royale-js-swf
--
Josh Tynjala
Bowler Hat LLC <https://bowlerhat.dev>
On Wed, Mar 30, 2022 at 9:57 AM Yishay Weiss <yi...@hotmail.com> wrote:
> > the npm releases
> are still 0.9.8
>
> Where does that show?
>
> From: Yishay Weiss<ma...@hotmail.com>
> Sent: Wednesday, March 30, 2022 7:56 PM
> To: dev@royale.apache.org<ma...@royale.apache.org>
> Subject: RE: NPM Credentials Problem Blocking Release
>
> Thanks for catching that. I thought we were able to push those with the
> one time passwords, but I guess not. I hope I’ll have time over the weekend
> to look at that.
>
> From: Josh Tynjala<ma...@bowlerhat.dev>
> Sent: Wednesday, March 30, 2022 7:18 PM
> To: dev@royale.apache.org<ma...@royale.apache.org>
> Subject: Re: NPM Credentials Problem Blocking Release
>
> Hey Yishay, I see that you posted the announcement, but the npm releases
> are still 0.9.8. What's the status on the npm releases? Were you able to
> make progress?
>
> --
> Josh Tynjala
> Bowler Hat LLC <https://bowlerhat.dev>
>
>
> On Tue, Mar 29, 2022 at 3:36 AM Yishay Weiss <yi...@hotmail.com>
> wrote:
>
> > Ok, looks like we’ve figured it out for now with a temp password. 2FA
> does
> > not seem to be a requirement. We will update the private list with the
> new
> > credentials when that’s ready.
> >
> > From: Piotr Zarzycki<ma...@gmail.com>
> > Sent: Tuesday, March 29, 2022 11:18 AM
> > To: Apache Royale Development<ma...@royale.apache.org>
> > Cc: OmPrakash Muppirala<ma...@gmail.com>
> > Subject: Re: NPM Credentials Problem Blocking Release
> >
> > Yes it goes to private as I see...
> >
> > wt., 29 mar 2022 o 09:47 Yishay Weiss <yi...@hotmail.com>
> napisał(a):
> >
> > > I’m not sure which email the new password gets sent to. Does it go to
> > > private@royale.release.org<ma...@royale.release.org> ?
> > >
> > > Also, I see some npm requests to do 2FA which we have ignored. It’s
> > > probably best to avoid that if possible to keep the release scriptable.
> > >
> > > @OmPrakash Muppirala<ma...@gmail.com>, are you the one who
> > > set this up? Can you help out?
> > >
> > > Thanks.
> > >
> > > [exec] http request PUT
> > > https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
> > > [exec] info attempt registry request try #1 at 10:39:44 AM
> > > [exec] http request PUT
> > > https://registry.npmjs.org/@apache-royale%2froyale-js
> > > [exec] http 401
> > > https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
> > > [exec] WARN notice Please check your email for a one-time password
> > > (OTP)
> > > [exec] WARN adduser Incorrect username or password
> > > [exec] WARN adduser You can reset your account by visiting:
> > > [exec] WARN adduser
> > > [exec] WARN adduser https://npmjs.org/forgot
> > > [exec] WARN adduser
> > > [exec]
> > > C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
> > > [exec] throw new Error(error);
> > > [exec] ^
> > > [exec]
> > > [exec] Error: Error: failed to authenticate: A One Time Password
> > > (OTP) by email is required. :
> -/user/org.couchdb.user:apache-royale-owner
> > > [exec] at
> > > C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
> > > [exec] at f
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
> > > [exec] at f
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> > > [exec] at RegClient.<anonymous>
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
> > > [exec] at Request._callback
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
> > > [exec] at Request.self.callback
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
> > > [exec] at Request.emit (events.js:315:20)
> > > [exec] at Request.<anonymous>
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
> > > [exec] at Request.emit (events.js:315:20)
> > > [exec] at IncomingMessage.<anonymous>
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
> > > [exec] at Object.onceWrapper (events.js:421:28)
> > > [exec] at IncomingMessage.emit (events.js:327:22)
> > >
> > > BUILD FAILED
> > > C:\dev\release_royale\releasecandidate.xml:1116: The following error
> > > occurred while executing this line:
> > > C:\dev\release_royale\releasecandidate.xml:1400: exec returned: 1
> > >
> > > Total time: 7 minutes 26 seconds
> > >
> > >
> >
> > --
> >
> > Piotr Zarzycki
> >
> >
>
>
RE: NPM Credentials Problem Blocking Release
Posted by Yishay Weiss <yi...@hotmail.com>.
> the npm releases
are still 0.9.8
Where does that show?
From: Yishay Weiss<ma...@hotmail.com>
Sent: Wednesday, March 30, 2022 7:56 PM
To: dev@royale.apache.org<ma...@royale.apache.org>
Subject: RE: NPM Credentials Problem Blocking Release
Thanks for catching that. I thought we were able to push those with the one time passwords, but I guess not. I hope I’ll have time over the weekend to look at that.
From: Josh Tynjala<ma...@bowlerhat.dev>
Sent: Wednesday, March 30, 2022 7:18 PM
To: dev@royale.apache.org<ma...@royale.apache.org>
Subject: Re: NPM Credentials Problem Blocking Release
Hey Yishay, I see that you posted the announcement, but the npm releases
are still 0.9.8. What's the status on the npm releases? Were you able to
make progress?
--
Josh Tynjala
Bowler Hat LLC <https://bowlerhat.dev>
On Tue, Mar 29, 2022 at 3:36 AM Yishay Weiss <yi...@hotmail.com> wrote:
> Ok, looks like we’ve figured it out for now with a temp password. 2FA does
> not seem to be a requirement. We will update the private list with the new
> credentials when that’s ready.
>
> From: Piotr Zarzycki<ma...@gmail.com>
> Sent: Tuesday, March 29, 2022 11:18 AM
> To: Apache Royale Development<ma...@royale.apache.org>
> Cc: OmPrakash Muppirala<ma...@gmail.com>
> Subject: Re: NPM Credentials Problem Blocking Release
>
> Yes it goes to private as I see...
>
> wt., 29 mar 2022 o 09:47 Yishay Weiss <yi...@hotmail.com> napisał(a):
>
> > I’m not sure which email the new password gets sent to. Does it go to
> > private@royale.release.org<ma...@royale.release.org> ?
> >
> > Also, I see some npm requests to do 2FA which we have ignored. It’s
> > probably best to avoid that if possible to keep the release scriptable.
> >
> > @OmPrakash Muppirala<ma...@gmail.com>, are you the one who
> > set this up? Can you help out?
> >
> > Thanks.
> >
> > [exec] http request PUT
> > https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
> > [exec] info attempt registry request try #1 at 10:39:44 AM
> > [exec] http request PUT
> > https://registry.npmjs.org/@apache-royale%2froyale-js
> > [exec] http 401
> > https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
> > [exec] WARN notice Please check your email for a one-time password
> > (OTP)
> > [exec] WARN adduser Incorrect username or password
> > [exec] WARN adduser You can reset your account by visiting:
> > [exec] WARN adduser
> > [exec] WARN adduser https://npmjs.org/forgot
> > [exec] WARN adduser
> > [exec]
> > C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
> > [exec] throw new Error(error);
> > [exec] ^
> > [exec]
> > [exec] Error: Error: failed to authenticate: A One Time Password
> > (OTP) by email is required. : -/user/org.couchdb.user:apache-royale-owner
> > [exec] at
> > C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
> > [exec] at f
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
> > [exec] at f
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> > [exec] at RegClient.<anonymous>
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
> > [exec] at Request._callback
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
> > [exec] at Request.self.callback
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
> > [exec] at Request.emit (events.js:315:20)
> > [exec] at Request.<anonymous>
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
> > [exec] at Request.emit (events.js:315:20)
> > [exec] at IncomingMessage.<anonymous>
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
> > [exec] at Object.onceWrapper (events.js:421:28)
> > [exec] at IncomingMessage.emit (events.js:327:22)
> >
> > BUILD FAILED
> > C:\dev\release_royale\releasecandidate.xml:1116: The following error
> > occurred while executing this line:
> > C:\dev\release_royale\releasecandidate.xml:1400: exec returned: 1
> >
> > Total time: 7 minutes 26 seconds
> >
> >
>
> --
>
> Piotr Zarzycki
>
>
RE: NPM Credentials Problem Blocking Release
Posted by Yishay Weiss <yi...@hotmail.com>.
Thanks for catching that. I thought we were able to push those with the one time passwords, but I guess not. I hope I’ll have time over the weekend to look at that.
From: Josh Tynjala<ma...@bowlerhat.dev>
Sent: Wednesday, March 30, 2022 7:18 PM
To: dev@royale.apache.org<ma...@royale.apache.org>
Subject: Re: NPM Credentials Problem Blocking Release
Hey Yishay, I see that you posted the announcement, but the npm releases
are still 0.9.8. What's the status on the npm releases? Were you able to
make progress?
--
Josh Tynjala
Bowler Hat LLC <https://bowlerhat.dev>
On Tue, Mar 29, 2022 at 3:36 AM Yishay Weiss <yi...@hotmail.com> wrote:
> Ok, looks like we’ve figured it out for now with a temp password. 2FA does
> not seem to be a requirement. We will update the private list with the new
> credentials when that’s ready.
>
> From: Piotr Zarzycki<ma...@gmail.com>
> Sent: Tuesday, March 29, 2022 11:18 AM
> To: Apache Royale Development<ma...@royale.apache.org>
> Cc: OmPrakash Muppirala<ma...@gmail.com>
> Subject: Re: NPM Credentials Problem Blocking Release
>
> Yes it goes to private as I see...
>
> wt., 29 mar 2022 o 09:47 Yishay Weiss <yi...@hotmail.com> napisał(a):
>
> > I’m not sure which email the new password gets sent to. Does it go to
> > private@royale.release.org<ma...@royale.release.org> ?
> >
> > Also, I see some npm requests to do 2FA which we have ignored. It’s
> > probably best to avoid that if possible to keep the release scriptable.
> >
> > @OmPrakash Muppirala<ma...@gmail.com>, are you the one who
> > set this up? Can you help out?
> >
> > Thanks.
> >
> > [exec] http request PUT
> > https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
> > [exec] info attempt registry request try #1 at 10:39:44 AM
> > [exec] http request PUT
> > https://registry.npmjs.org/@apache-royale%2froyale-js
> > [exec] http 401
> > https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
> > [exec] WARN notice Please check your email for a one-time password
> > (OTP)
> > [exec] WARN adduser Incorrect username or password
> > [exec] WARN adduser You can reset your account by visiting:
> > [exec] WARN adduser
> > [exec] WARN adduser https://npmjs.org/forgot
> > [exec] WARN adduser
> > [exec]
> > C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
> > [exec] throw new Error(error);
> > [exec] ^
> > [exec]
> > [exec] Error: Error: failed to authenticate: A One Time Password
> > (OTP) by email is required. : -/user/org.couchdb.user:apache-royale-owner
> > [exec] at
> > C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
> > [exec] at f
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
> > [exec] at f
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> > [exec] at RegClient.<anonymous>
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
> > [exec] at Request._callback
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
> > [exec] at Request.self.callback
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
> > [exec] at Request.emit (events.js:315:20)
> > [exec] at Request.<anonymous>
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
> > [exec] at Request.emit (events.js:315:20)
> > [exec] at IncomingMessage.<anonymous>
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
> > [exec] at Object.onceWrapper (events.js:421:28)
> > [exec] at IncomingMessage.emit (events.js:327:22)
> >
> > BUILD FAILED
> > C:\dev\release_royale\releasecandidate.xml:1116: The following error
> > occurred while executing this line:
> > C:\dev\release_royale\releasecandidate.xml:1400: exec returned: 1
> >
> > Total time: 7 minutes 26 seconds
> >
> >
>
> --
>
> Piotr Zarzycki
>
>
Re: NPM Credentials Problem Blocking Release
Posted by Josh Tynjala <jo...@bowlerhat.dev>.
Hey Yishay, I see that you posted the announcement, but the npm releases
are still 0.9.8. What's the status on the npm releases? Were you able to
make progress?
--
Josh Tynjala
Bowler Hat LLC <https://bowlerhat.dev>
On Tue, Mar 29, 2022 at 3:36 AM Yishay Weiss <yi...@hotmail.com> wrote:
> Ok, looks like we’ve figured it out for now with a temp password. 2FA does
> not seem to be a requirement. We will update the private list with the new
> credentials when that’s ready.
>
> From: Piotr Zarzycki<ma...@gmail.com>
> Sent: Tuesday, March 29, 2022 11:18 AM
> To: Apache Royale Development<ma...@royale.apache.org>
> Cc: OmPrakash Muppirala<ma...@gmail.com>
> Subject: Re: NPM Credentials Problem Blocking Release
>
> Yes it goes to private as I see...
>
> wt., 29 mar 2022 o 09:47 Yishay Weiss <yi...@hotmail.com> napisał(a):
>
> > I’m not sure which email the new password gets sent to. Does it go to
> > private@royale.release.org<ma...@royale.release.org> ?
> >
> > Also, I see some npm requests to do 2FA which we have ignored. It’s
> > probably best to avoid that if possible to keep the release scriptable.
> >
> > @OmPrakash Muppirala<ma...@gmail.com>, are you the one who
> > set this up? Can you help out?
> >
> > Thanks.
> >
> > [exec] http request PUT
> > https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
> > [exec] info attempt registry request try #1 at 10:39:44 AM
> > [exec] http request PUT
> > https://registry.npmjs.org/@apache-royale%2froyale-js
> > [exec] http 401
> > https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
> > [exec] WARN notice Please check your email for a one-time password
> > (OTP)
> > [exec] WARN adduser Incorrect username or password
> > [exec] WARN adduser You can reset your account by visiting:
> > [exec] WARN adduser
> > [exec] WARN adduser https://npmjs.org/forgot
> > [exec] WARN adduser
> > [exec]
> > C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
> > [exec] throw new Error(error);
> > [exec] ^
> > [exec]
> > [exec] Error: Error: failed to authenticate: A One Time Password
> > (OTP) by email is required. : -/user/org.couchdb.user:apache-royale-owner
> > [exec] at
> > C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
> > [exec] at f
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
> > [exec] at f
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> > [exec] at RegClient.<anonymous>
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
> > [exec] at Request._callback
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
> > [exec] at Request.self.callback
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
> > [exec] at Request.emit (events.js:315:20)
> > [exec] at Request.<anonymous>
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
> > [exec] at Request.emit (events.js:315:20)
> > [exec] at IncomingMessage.<anonymous>
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
> > [exec] at Object.onceWrapper (events.js:421:28)
> > [exec] at IncomingMessage.emit (events.js:327:22)
> >
> > BUILD FAILED
> > C:\dev\release_royale\releasecandidate.xml:1116: The following error
> > occurred while executing this line:
> > C:\dev\release_royale\releasecandidate.xml:1400: exec returned: 1
> >
> > Total time: 7 minutes 26 seconds
> >
> >
>
> --
>
> Piotr Zarzycki
>
>
RE: NPM Credentials Problem Blocking Release
Posted by Yishay Weiss <yi...@hotmail.com>.
+1
From: Alex Harui<ma...@adobe.com.INVALID>
Sent: Thursday, March 31, 2022 9:24 AM
To: dev@royale.apache.org<ma...@royale.apache.org>
Cc: OmPrakash Muppirala<ma...@gmail.com>
Subject: Re: NPM Credentials Problem Blocking Release
Each mailing list has an "allow" subscriber list that is different from the regular subscriber list. "allow" can send but can't receive. The syntax can be extracted from the moderator emails. If we get consensus to try it, I'll send the command.
On 3/30/22, 11:17 PM, "Piotr Zarzycki" <pi...@gmail.com> wrote:
I don’t know how to whitelist that email but I will try to figure it out
soon.
On Thu, 31 Mar 2022 at 06:06, Alex Harui <ah...@adobe.com.invalid> wrote:
> Yishay, maybe you can also be a moderator? It might also be possible to
> allow emails from npm without moderation. I don't remember if we tried
> that. It works on the other lists. There might be a restriction on
> private@.
>
> -Alex
>
> On 3/30/22, 7:55 PM, "Yishay Weiss" <yi...@hotmail.com> wrote:
>
> Piotr, being the moderator, is receiving them but it’s hard for me to
> do anything from my side because I can’t login without a OTP.
>
> I’m guessing we need to either create an automation token, or change
> the module settings to not require 2FA [1].
>
> [1] Securely Automating npm publish with the New npm Automation Tokens
> - DEV Community<
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdev.to%2Fbnb%2Fsecurely-automating-npm-publish-with-the-new-npm-automation-tokens-oei&data=04%7C01%7Caharui%40adobe.com%7Cd763bfd46d7c41e8734f08da12dded53%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843042611038186%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=1dvCskjyZZcjaNcu%2B3QzrlFr6u9QNmIHTWMUUei0nds%3D&reserved=0
> >
>
> From: Alex Harui<ma...@adobe.com.INVALID>
> Sent: Tuesday, March 29, 2022 7:05 PM
> To: dev@royale.apache.org<ma...@royale.apache.org>
> Cc: OmPrakash Muppirala<ma...@gmail.com>
> Subject: Re: NPM Credentials Problem Blocking Release
>
> I get some emails from NPM to apache-royale-owner. I can forward them
> to private@royale.a.o if they aren't also going there.
>
> One has the subject: [npm] OTP for logging in to your account:
> apache-royale-owner
> The other: Your npm password reset
>
> -Alex
>
> On 3/29/22, 3:37 AM, "Yishay Weiss" <yi...@hotmail.com> wrote:
>
> Ok, looks like we’ve figured it out for now with a temp password.
> 2FA does not seem to be a requirement. We will update the private list with
> the new credentials when that’s ready.
>
> From: Piotr Zarzycki<ma...@gmail.com>
> Sent: Tuesday, March 29, 2022 11:18 AM
> To: Apache Royale Development<ma...@royale.apache.org>
> Cc: OmPrakash Muppirala<ma...@gmail.com>
> Subject: Re: NPM Credentials Problem Blocking Release
>
> Yes it goes to private as I see...
>
> wt., 29 mar 2022 o 09:47 Yishay Weiss <yi...@hotmail.com>
> napisał(a):
>
> > I’m not sure which email the new password gets sent to. Does it
> go to
> > private@royale.release.org<ma...@royale.release.org> ?
> >
> > Also, I see some npm requests to do 2FA which we have ignored.
> It’s
> > probably best to avoid that if possible to keep the release
> scriptable.
> >
> > @OmPrakash Muppirala<ma...@gmail.com>, are you the
> one who
> > set this up? Can you help out?
> >
> > Thanks.
> >
> > [exec] http request PUT
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7Cd763bfd46d7c41e8734f08da12dded53%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843042611038186%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=e4ksDZx0b1Qf7TANes%2FVzDTTeTz%2FGUjvRY%2FeaBKVFrY%3D&reserved=0
> > [exec] info attempt registry request try #1 at 10:39:44 AM
> > [exec] http request PUT
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7Cd763bfd46d7c41e8734f08da12dded53%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843042611038186%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=Nl%2F1FxLRwboepOlBdzD1jhvo7cH4KCrOnoXVI5C1UJw%3D&reserved=0
> > [exec] http 401
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7Cd763bfd46d7c41e8734f08da12dded53%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843042611038186%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=e4ksDZx0b1Qf7TANes%2FVzDTTeTz%2FGUjvRY%2FeaBKVFrY%3D&reserved=0
> > [exec] WARN notice Please check your email for a one-time
> password
> > (OTP)
> > [exec] WARN adduser Incorrect username or password
> > [exec] WARN adduser You can reset your account by visiting:
> > [exec] WARN adduser
> > [exec] WARN adduser
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7Cd763bfd46d7c41e8734f08da12dded53%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843042611038186%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=N9PQce4Szm5O6n8VZn6r6kDuqxVeWsT6WRydxujAlaw%3D&reserved=0
> > [exec] WARN adduser
> > [exec]
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
> > [exec] throw new Error(error);
> > [exec] ^
> > [exec]
> > [exec] Error: Error: failed to authenticate: A One Time
> Password
> > (OTP) by email is required. :
> -/user/org.couchdb.user:apache-royale-owner
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
> > [exec] at f
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
> > [exec] at f
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> > [exec] at RegClient.<anonymous>
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
> > [exec] at Request._callback
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
> > [exec] at Request.self.callback
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
> > [exec] at Request.emit (events.js:315:20)
> > [exec] at Request.<anonymous>
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
> > [exec] at Request.emit (events.js:315:20)
> > [exec] at IncomingMessage.<anonymous>
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
> > [exec] at Object.onceWrapper (events.js:421:28)
> > [exec] at IncomingMessage.emit (events.js:327:22)
> >
> > BUILD FAILED
> > C:\dev\release_royale\releasecandidate.xml:1116: The following
> error
> > occurred while executing this line:
> > C:\dev\release_royale\releasecandidate.xml:1400: exec returned: 1
> >
> > Total time: 7 minutes 26 seconds
> >
> >
>
> --
>
> Piotr Zarzycki
>
>
>
> --
Piotr Zarzycki
Re: NPM Credentials Problem Blocking Release
Posted by Piotr Zarzycki <pi...@gmail.com>.
Yishay,
I have no idea what he is talking about and how to full fill that request.
I'm trying to make you a moderator of that list. Look into jira comments -
I'm having some problems - once they resolve it I will make you moderator.
wt., 23 maj 2023 o 19:07 Yishay Weiss <yi...@hotmail.com> napisał(a):
> @harbs@in-tools.com <ha...@in-tools.com>, @Piotr Zarzycki
> <pi...@gmail.com>, from what I understand they need [1] the
> return-path header. I think either of you can find that by opening the
> attached eml file you received in a text editor. You can post it in the
> Jira and see if that gets it going.
>
> [1] https://issues.apache.org/jira/browse/INFRA-24625
> ------------------------------
> *From:* Yishay Weiss <yi...@hotmail.com>
> *Sent:* Tuesday, May 23, 2023 7:20 PM
> *To:* dev@royale.apache.org <de...@royale.apache.org>
> *Subject:* Re: NPM Credentials Problem Blocking Release
>
> Thanks, Harbs. We are trying to whiie-list the domain so we don't have to
> rely on moderators to login. Can you try replying to all? One of the
> addresses should have the 'allow' str which theoretically should white-list
> [1]
>
> [1] Mailing list moderation - Apache Infrastructure Website<
> https://infra.apache.org/mailing-list-moderation.html#allowing_posts>
> ________________________________
> From: Harbs <ha...@gmail.com>
> Sent: Tuesday, May 23, 2023 5:24 PM
> To: dev@royale.apache.org <de...@royale.apache.org>
> Subject: Re: NPM Credentials Problem Blocking Release
>
> I sent the code to Yishay via Slack. Does that work?
>
> > On May 23, 2023, at 5:22 PM, Harbs <ha...@gmail.com> wrote:
> >
> > I’m getting the moderation emails with the code. Will that help?
> >
> >> On May 23, 2023, at 5:13 PM, Piotr Zarzycki <pi...@gmail.com>
> wrote:
> >>
> >> Hi Guys,
> >>
> >> I still need to accept one time password which are coming from npm
> >> addresses. We have tried with Yishay white list that email but it didn't
> >> work for some reason. I have raised following issue in INFR [1]
> >>
> >> [1] https://issues.apache.org/jira/browse/INFRA-24625
> >>
> >> Thanks,
> >> Piotr
> >>
> >> sob., 2 kwi 2022 o 09:58 Yishay Weiss <yi...@hotmail.com>
> napisał(a):
> >>
> >>> The non-interactivity happens before ant, in publish.js. I ended up
> doing
> >>> it interactively on the CLI.
> >>>
> >>> Reading their docs [1]it looks like 2FA will be enforced at some
> point, so
> >>> we should aim IMO to work with that. Manually, I just switched the
> settings
> >>> to 2FA and then used my mobile authenticator to provide the OTP (I’ve
> >>> reverted it back to no 2FA). I could not get the automation token
> (which
> >>> I’ve generated) [2] to work.
> >>>
> >>> [1] Enrolling all npm publishers in enhanced login verification and
> next
> >>> steps for two-factor authentication enforcement | The GitHub Blog<
> >>>
> https://github.blog/2021-12-07-enrolling-npm-publishers-enhanced-login-verification-two-factor-authentication-enforcement/
> >>>>
> >>>
> >>> [2] Creating and viewing access tokens | npm Docs (npmjs.com)<
> >>>
> https://docs.npmjs.com/creating-and-viewing-access-tokens#creating-access-tokens
> >>>>
> >>>
> >>>
> >>> From: Alex Harui<mailto:aharui@adobe.com.INVALID
> <ah...@adobe.com.INVALID>>
> >>> Sent: Friday, April 1, 2022 9:04 PM
> >>> To: dev@royale.apache.org<ma...@royale.apache.org>
> >>> Subject: Re: NPM Credentials Problem Blocking Release
> >>>
> >>> Hi Yishay,
> >>>
> >>> All of my Royale stuff is on another old laptop and I won't have
> access to
> >>> it for another 7 days.
> >>>
> >>> It could be that Ant is not running in a mode that allows for a
> prompt. I
> >>> don't remember if we had OTP when publishing in the past.
> >>>
> >>> -Alex
> >>>
> >>> On 4/1/22, 10:51 AM, "Yishay Weiss" <yi...@hotmail.com> wrote:
> >>>
> >>> Thanks, they’re coming through now.
> >>>
> >>> Being new to npm publishing I have not been able to modify the ant
> >>> scripts to make this work. So any help would be appreciated. The script
> >>> fails on adduser [1].
> >>>
> >>> I’ve tried adding an .npmrc file under royale-asjs with
> >>>
> >>> //registry.npmjs.org/:_authToken=<…>
> >>>
> >>> But that didn’t help.
> >>>
> >>> Any ideas?
> >>>
> >>> [1]
> >>> [exec] Publishing to NPM: @apache-royale/royale-js version:
> >>> 0.9.9...
> >>> [exec] info attempt registry request try #1 at 8:37:34 PM
> >>> [exec] http request PUT
> >>> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
> >>> [exec] info attempt registry request try #1 at 8:37:35 PM
> >>> [exec] http request PUT
> >>> https://registry.npmjs.org/@apache-royale%2froyale-js
> >>> [exec] http 401
> >>> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
> >>> [exec] WARN notice Please use the one-time password (OTP) from
> >>> your authenticator application
> >>> [exec] WARN adduser Incorrect username or password
> >>> [exec] WARN adduser You can reset your account by visiting:
> >>> [exec] WARN adduser
> >>> [exec] WARN adduser
> >>> https://npmjs.org/forgot
> >>> [exec] WARN adduser
> >>> [exec]
> >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52
> >>> [exec] throw new Error(error);
> >>> [exec] ^
> >>> [exec]
> >>> [exec] Error: Error: failed to authenticate: Could not
> >>> authenticate apache-royale-owner: bad otp :
> >>> -/user/org.couchdb.user:apache-royale-owner
> >>> [exec] at
> >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52:14
> >>> [exec] at
> >>>
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
> >>> [exec] at
> >>>
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
> >>> [exec] at f
> >>>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> >>> [exec] at
> >>>
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
> >>> [exec] at
> >>>
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
> >>> [exec] at f
> >>>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> >>> [exec] at RegClient.<anonymous>
> >>>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
> >>> [exec] at Request._callback
> >>>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
> >>> [exec] at Request.self.callback
> >>>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
> >>> [exec] at Request.emit (events.js:315:20)
> >>> [exec] at Request.<anonymous>
> >>>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
> >>> [exec] at Request.emit (events.js:315:20)
> >>> [exec] at IncomingMessage.<anonymous>
> >>>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
> >>> [exec] at Object.onceWrapper (events.js:421:28)
> >>> [exec] at IncomingMessage.emit (events.js:327:22)
> >>>
> >>> BUILD FAILED
> >>> C:\dev\release_royale\releasecandidate.xml:1363: exec returned: 1
> >>>
> >>> From: Alex Harui<mailto:aharui@adobe.com.INVALID
> <ah...@adobe.com.INVALID>>
> >>> Sent: Friday, April 1, 2022 12:25 AM
> >>> To: dev@royale.apache.org<ma...@royale.apache.org>
> >>> Subject: Re: NPM Credentials Problem Blocking Release
> >>>
> >>> Infra says the actual sender is not support@npmjs.com. They have
> >>> implemented a custom solution. Yishay, can you try again?
> >>>
> >>> Thanks,
> >>> -Alex
> >>>
> >>> On 3/31/22, 1:39 PM, "Alex Harui" <ah...@adobe.com.INVALID> wrote:
> >>>
> >>> Yeah, not sure why that didn't work. I'll email infra.
> >>>
> >>> On 3/31/22, 12:53 PM, "Harbs" <ha...@gmail.com> wrote:
> >>>
> >>> I don’t know why it didn’t work.
> >>>
> >>> We should probably ask Infra.
> >>>
> >>>> On Mar 31, 2022, at 10:23 PM, Yishay Weiss <
> >>> yishayjobs@hotmail.com> wrote:
> >>>>
> >>>> I thought Alex fixed it so it doesn’t need you to approve…
> >>> It’s expired and you should see a couple of more such messages.
> >>>>
> >>>> From: Harbs<mailto:harbs.lists@gmail.com <ha...@gmail.com>>
> >>>> Sent: Thursday, March 31, 2022 10:06 PM
> >>>> To: Apache Royale Development<mailto:dev@royale.apache.org
> <de...@royale.apache.org>>
> >>>> Subject: Re: NPM Credentials Problem Blocking Release
> >>>>
> >>>> I approved and should have added it again to the allow list.
> >>>>
> >>>> It came through. If it expired already, try again. Hopefully
> >>> it’ll work...
> >>>>
> >>>>> On Mar 31, 2022, at 10:01 PM, Yishay Weiss <
> >>> yishayjobs@hotmail.com> wrote:
> >>>>>
> >>>>> I just tried logging in, got the OTP sent message, but am
> >>> not seeing it in private.
> >>>>>
> >>>>> From: Alex Harui<mailto:aharui@adobe.com.INVALID
> <ah...@adobe.com.INVALID>>
> >>>>> Sent: Thursday, March 31, 2022 7:44 PM
> >>>>> To: dev@royale.apache.org<ma...@royale.apache.org>
> >>>>> Subject: Re: NPM Credentials Problem Blocking Release
> >>>>>
> >>>>> OK, support@npmjs.com is now on the allow list. Yishay,
> >>> if you try to publish again, in theory the NPM messages will go
> straight to
> >>> private@. Let us know if that isn't happening. I'll try to look for
> >>> moderator messages but they often go to junk and I can't control
> settings
> >>> for my corporate email.
> >>>>>
> >>>>> FWIW, Here's a link to some doc on the EZMLM robot that
> >>> runs ASF mailing lists.
> >>> https://untroubled.org/ezmlm/manual/
> >>>>>
> >>>>> The command I sent was executed by sending an email to
> >>> private-allow-subscribe-support=npmjs.com@royale.apache.org
> >>>>> Any list moderator can send to these sort of email
> >>> addresses and the robot will parse the address and execute a command.
> We
> >>> can subscribe and unsubscribe people, allow them to send and not
> receive,
> >>> get a list of all subscribers and more.
> >>>>>
> >>>>> HTH,
> >>>>> -Alex
> >>>>>
> >>>>> On 3/31/22, 8:44 AM, "Josh Tynjala" <
> >>> joshtynjala@bowlerhat.dev> wrote:
> >>>>>
> >>>>> Do it.
> >>>>>
> >>>>> --
> >>>>> Josh Tynjala
> >>>>> Bowler Hat LLC <
> >>> https://bowlerhat.dev/
> >>>>
> >>>>>
> >>>>>
> >>>>> On Wed, Mar 30, 2022 at 11:24 PM Alex Harui
> >>> <ah...@adobe.com.invalid>
> >>>>> wrote:
> >>>>>
> >>>>>> Each mailing list has an "allow" subscriber list that is
> >>> different from
> >>>>>> the regular subscriber list. "allow" can send but can't
> >>> receive. The
> >>>>>> syntax can be extracted from the moderator emails. If we
> >>> get consensus to
> >>>>>> try it, I'll send the command.
> >>>>>>
> >>>>>> On 3/30/22, 11:17 PM, "Piotr Zarzycki" <
> >>> piotrzarzycki21@gmail.com> wrote:
> >>>>>>
> >>>>>> I don’t know how to whitelist that email but I will try
> >>> to figure it
> >>>>>> out
> >>>>>> soon.
> >>>>>>
> >>>>>> On Thu, 31 Mar 2022 at 06:06, Alex Harui
> >>> <ah...@adobe.com.invalid>
> >>>>>> wrote:
> >>>>>>
> >>>>>>> Yishay, maybe you can also be a moderator? It might also
> >>> be
> >>>>>> possible to
> >>>>>>> allow emails from npm without moderation. I don't
> >>> remember if we
> >>>>>> tried
> >>>>>>> that. It works on the other lists. There might be a
> >>> restriction on
> >>>>>>> private@.
> >>>>>>>
> >>>>>>> -Alex
> >>>>>>>
> >>>>>>> On 3/30/22, 7:55 PM, "Yishay Weiss" <
> >>> yishayjobs@hotmail.com> wrote:
> >>>>>>>
> >>>>>>> Piotr, being the moderator, is receiving them but it’s
> >>> hard for
> >>>>>> me to
> >>>>>>> do anything from my side because I can’t login without a
> >>> OTP.
> >>>>>>>
> >>>>>>> I’m guessing we need to either create an automation
> >>> token, or
> >>>>>> change
> >>>>>>> the module settings to not require 2FA [1].
> >>>>>>>
> >>>>>>> [1] Securely Automating npm publish with the New npm
> >>> Automation
> >>>>>> Tokens
> >>>>>>> - DEV Community<
> >>>>>>>
> >>>>>>
> >>>
> https://dev.to/bnb/securely-automating-npm-publish-with-the-new-npm-automation-tokens-oei
> >>>>>>>>
> >>>>>>>
> >>>>>>> From: Alex Harui<mailto:aharui@adobe.com.INVALID
> <ah...@adobe.com.INVALID>>
> >>>>>>> Sent: Tuesday, March 29, 2022 7:05 PM
> >>>>>>> To: dev@royale.apache.org<ma...@royale.apache.org>
> >>>>>>> Cc: OmPrakash Muppirala<mailto:bigosmallm@gmail.com
> <bi...@gmail.com>>
> >>>>>>> Subject: Re: NPM Credentials Problem Blocking Release
> >>>>>>>
> >>>>>>> I get some emails from NPM to apache-royale-owner. I
> >>> can
> >>>>>> forward them
> >>>>>>> to private@royale.a.o if they aren't also going there.
> >>>>>>>
> >>>>>>> One has the subject: [npm] OTP for logging in to your
> >>> account:
> >>>>>>> apache-royale-owner
> >>>>>>> The other: Your npm password reset
> >>>>>>>
> >>>>>>> -Alex
> >>>>>>>
> >>>>>>> On 3/29/22, 3:37 AM, "Yishay Weiss" <
> >>> yishayjobs@hotmail.com>
> >>>>>> wrote:
> >>>>>>>
> >>>>>>> Ok, looks like we’ve figured it out for now with a
> >>> temp
> >>>>>> password.
> >>>>>>> 2FA does not seem to be a requirement. We will update the
> >>> private
> >>>>>> list with
> >>>>>>> the new credentials when that’s ready.
> >>>>>>>
> >>>>>>> From: Piotr Zarzycki<mailto:
> >>> piotrzarzycki21@gmail.com>
> >>>>>>> Sent: Tuesday, March 29, 2022 11:18 AM
> >>>>>>> To: Apache Royale Development<mailto:
> >>> dev@royale.apache.org>
> >>>>>>> Cc: OmPrakash Muppirala<mailto:bigosmallm@gmail.com
> >>>>
> >>>>>>> Subject: Re: NPM Credentials Problem Blocking
> >>> Release
> >>>>>>>
> >>>>>>> Yes it goes to private as I see...
> >>>>>>>
> >>>>>>> wt., 29 mar 2022 o 09:47 Yishay Weiss <
> >>>>>> yishayjobs@hotmail.com>
> >>>>>>> napisał(a):
> >>>>>>>
> >>>>>>>> I’m not sure which email the new password gets sent to.
> >>>>>> Does it
> >>>>>>> go to
> >>>>>>>> private@royale.release.org<mailto:
> >>>>>> private@royale.release.org> ?
> >>>>>>>>
> >>>>>>>> Also, I see some npm requests to do 2FA which we have
> >>>>>> ignored.
> >>>>>>> It’s
> >>>>>>>> probably best to avoid that if possible to keep the
> >>> release
> >>>>>>> scriptable.
> >>>>>>>>
> >>>>>>>> @OmPrakash Muppirala<mailto:bigosmallm@gmail.com
> <bi...@gmail.com>>, are
> >>>>>> you the
> >>>>>>> one who
> >>>>>>>> set this up? Can you help out?
> >>>>>>>>
> >>>>>>>> Thanks.
> >>>>>>>>
> >>>>>>>> [exec] http request PUT
> >>>>>>>>
> >>>>>>>
> >>>>>>
> >>> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
> >>>>>>>> [exec] info attempt registry request try #1 at
> >>>>>> 10:39:44 AM
> >>>>>>>> [exec] http request PUT
> >>>>>>>>
> >>>>>>>
> >>>>>>
> >>> https://registry.npmjs.org/@apache-royale%2froyale-js
> >>>>>>>> [exec] http 401
> >>>>>>>>
> >>>>>>>
> >>>>>>
> >>> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
> >>>>>>>> [exec] WARN notice Please check your email for a
> >>>>>> one-time
> >>>>>>> password
> >>>>>>>> (OTP)
> >>>>>>>> [exec] WARN adduser Incorrect username or password
> >>>>>>>> [exec] WARN adduser You can reset your account by
> >>>>>> visiting:
> >>>>>>>> [exec] WARN adduser
> >>>>>>>> [exec] WARN adduser
> >>>>>>>
> >>>>>>
> >>> https://npmjs.org/forgot
> >>>>>>>> [exec] WARN adduser
> >>>>>>>> [exec]
> >>>>>>>>
> >>>>>>>
> >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
> >>>>>>>> [exec] throw new Error(error);
> >>>>>>>> [exec] ^
> >>>>>>>> [exec]
> >>>>>>>> [exec] Error: Error: failed to authenticate: A One
> >>>>>> Time
> >>>>>>> Password
> >>>>>>>> (OTP) by email is required. :
> >>>>>>> -/user/org.couchdb.user:apache-royale-owner
> >>>>>>>> [exec] at
> >>>>>>>>
> >>>>>>>
> >>>>>>
> >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
> >>>>>>>> [exec] at
> >>>>>>>>
> >>>>>>>
> >>>>>>
> >>>
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
> >>>>>>>> [exec] at
> >>>>>>>>
> >>>>>>>
> >>>>>>
> >>>
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
> >>>>>>>> [exec] at f
> >>>>>>>>
> >>>>>>>
> >>>>>>
> >>>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> >>>>>>>> [exec] at
> >>>>>>>>
> >>>>>>>
> >>>>>>
> >>>
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
> >>>>>>>> [exec] at
> >>>>>>>>
> >>>>>>>
> >>>>>>
> >>>
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
> >>>>>>>> [exec] at f
> >>>>>>>>
> >>>>>>>
> >>>>>>
> >>>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> >>>>>>>> [exec] at RegClient.<anonymous>
> >>>>>>>>
> >>>>>>>
> >>>>>>
> >>>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
> >>>>>>>> [exec] at Request._callback
> >>>>>>>>
> >>>>>>>
> >>>>>>
> >>>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
> >>>>>>>> [exec] at Request.self.callback
> >>>>>>>>
> >>>>>>>
> >>>>>>
> >>>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
> >>>>>>>> [exec] at Request.emit (events.js:315:20)
> >>>>>>>> [exec] at Request.<anonymous>
> >>>>>>>>
> >>>>>>>
> >>>>>>
> >>>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
> >>>>>>>> [exec] at Request.emit (events.js:315:20)
> >>>>>>>> [exec] at IncomingMessage.<anonymous>
> >>>>>>>>
> >>>>>>>
> >>>>>>
> >>>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
> >>>>>>>> [exec] at Object.onceWrapper (events.js:421:28)
> >>>>>>>> [exec] at IncomingMessage.emit (events.js:327:22)
> >>>>>>>>
> >>>>>>>> BUILD FAILED
> >>>>>>>> C:\dev\release_royale\releasecandidate.xml:1116: The
> >>>>>> following
> >>>>>>> error
> >>>>>>>> occurred while executing this line:
> >>>>>>>> C:\dev\release_royale\releasecandidate.xml:1400: exec
> >>>>>> returned: 1
> >>>>>>>>
> >>>>>>>> Total time: 7 minutes 26 seconds
> >>>>>>>>
> >>>>>>>>
> >>>>>>>
> >>>>>>> --
> >>>>>>>
> >>>>>>> Piotr Zarzycki
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>> --
> >>>>>>
> >>>>>> Piotr Zarzycki
> >>>>>>
> >>>>>>
> >>>>>
> >>>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>
> >> --
> >>
> >> Piotr Zarzycki
> >
>
>
--
Piotr Zarzycki
Re: NPM Credentials Problem Blocking Release
Posted by Yishay Weiss <yi...@hotmail.com>.
@harbs@in-tools.com<ma...@in-tools.com>, @Piotr Zarzycki<ma...@gmail.com>, from what I understand they need [1] the return-path header. I think either of you can find that by opening the attached eml file you received in a text editor. You can post it in the Jira and see if that gets it going.
[1] https://issues.apache.org/jira/browse/INFRA-24625
________________________________
From: Yishay Weiss <yi...@hotmail.com>
Sent: Tuesday, May 23, 2023 7:20 PM
To: dev@royale.apache.org <de...@royale.apache.org>
Subject: Re: NPM Credentials Problem Blocking Release
Thanks, Harbs. We are trying to whiie-list the domain so we don't have to rely on moderators to login. Can you try replying to all? One of the addresses should have the 'allow' str which theoretically should white-list [1]
[1] Mailing list moderation - Apache Infrastructure Website<https://infra.apache.org/mailing-list-moderation.html#allowing_posts>
________________________________
From: Harbs <ha...@gmail.com>
Sent: Tuesday, May 23, 2023 5:24 PM
To: dev@royale.apache.org <de...@royale.apache.org>
Subject: Re: NPM Credentials Problem Blocking Release
I sent the code to Yishay via Slack. Does that work?
> On May 23, 2023, at 5:22 PM, Harbs <ha...@gmail.com> wrote:
>
> I’m getting the moderation emails with the code. Will that help?
>
>> On May 23, 2023, at 5:13 PM, Piotr Zarzycki <pi...@gmail.com> wrote:
>>
>> Hi Guys,
>>
>> I still need to accept one time password which are coming from npm
>> addresses. We have tried with Yishay white list that email but it didn't
>> work for some reason. I have raised following issue in INFR [1]
>>
>> [1] https://issues.apache.org/jira/browse/INFRA-24625
>>
>> Thanks,
>> Piotr
>>
>> sob., 2 kwi 2022 o 09:58 Yishay Weiss <yi...@hotmail.com> napisał(a):
>>
>>> The non-interactivity happens before ant, in publish.js. I ended up doing
>>> it interactively on the CLI.
>>>
>>> Reading their docs [1]it looks like 2FA will be enforced at some point, so
>>> we should aim IMO to work with that. Manually, I just switched the settings
>>> to 2FA and then used my mobile authenticator to provide the OTP (I’ve
>>> reverted it back to no 2FA). I could not get the automation token (which
>>> I’ve generated) [2] to work.
>>>
>>> [1] Enrolling all npm publishers in enhanced login verification and next
>>> steps for two-factor authentication enforcement | The GitHub Blog<
>>> https://github.blog/2021-12-07-enrolling-npm-publishers-enhanced-login-verification-two-factor-authentication-enforcement/
>>>>
>>>
>>> [2] Creating and viewing access tokens | npm Docs (npmjs.com)<
>>> https://docs.npmjs.com/creating-and-viewing-access-tokens#creating-access-tokens
>>>>
>>>
>>>
>>> From: Alex Harui<ma...@adobe.com.INVALID>
>>> Sent: Friday, April 1, 2022 9:04 PM
>>> To: dev@royale.apache.org<ma...@royale.apache.org>
>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>
>>> Hi Yishay,
>>>
>>> All of my Royale stuff is on another old laptop and I won't have access to
>>> it for another 7 days.
>>>
>>> It could be that Ant is not running in a mode that allows for a prompt. I
>>> don't remember if we had OTP when publishing in the past.
>>>
>>> -Alex
>>>
>>> On 4/1/22, 10:51 AM, "Yishay Weiss" <yi...@hotmail.com> wrote:
>>>
>>> Thanks, they’re coming through now.
>>>
>>> Being new to npm publishing I have not been able to modify the ant
>>> scripts to make this work. So any help would be appreciated. The script
>>> fails on adduser [1].
>>>
>>> I’ve tried adding an .npmrc file under royale-asjs with
>>>
>>> //registry.npmjs.org/:_authToken=<…>
>>>
>>> But that didn’t help.
>>>
>>> Any ideas?
>>>
>>> [1]
>>> [exec] Publishing to NPM: @apache-royale/royale-js version:
>>> 0.9.9...
>>> [exec] info attempt registry request try #1 at 8:37:34 PM
>>> [exec] http request PUT
>>> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
>>> [exec] info attempt registry request try #1 at 8:37:35 PM
>>> [exec] http request PUT
>>> https://registry.npmjs.org/@apache-royale%2froyale-js
>>> [exec] http 401
>>> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
>>> [exec] WARN notice Please use the one-time password (OTP) from
>>> your authenticator application
>>> [exec] WARN adduser Incorrect username or password
>>> [exec] WARN adduser You can reset your account by visiting:
>>> [exec] WARN adduser
>>> [exec] WARN adduser
>>> https://npmjs.org/forgot
>>> [exec] WARN adduser
>>> [exec]
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52
>>> [exec] throw new Error(error);
>>> [exec] ^
>>> [exec]
>>> [exec] Error: Error: failed to authenticate: Could not
>>> authenticate apache-royale-owner: bad otp :
>>> -/user/org.couchdb.user:apache-royale-owner
>>> [exec] at
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52:14
>>> [exec] at
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
>>> [exec] at
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
>>> [exec] at f
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>> [exec] at
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
>>> [exec] at
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
>>> [exec] at f
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>> [exec] at RegClient.<anonymous>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
>>> [exec] at Request._callback
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
>>> [exec] at Request.self.callback
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
>>> [exec] at Request.emit (events.js:315:20)
>>> [exec] at Request.<anonymous>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
>>> [exec] at Request.emit (events.js:315:20)
>>> [exec] at IncomingMessage.<anonymous>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
>>> [exec] at Object.onceWrapper (events.js:421:28)
>>> [exec] at IncomingMessage.emit (events.js:327:22)
>>>
>>> BUILD FAILED
>>> C:\dev\release_royale\releasecandidate.xml:1363: exec returned: 1
>>>
>>> From: Alex Harui<ma...@adobe.com.INVALID>
>>> Sent: Friday, April 1, 2022 12:25 AM
>>> To: dev@royale.apache.org<ma...@royale.apache.org>
>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>
>>> Infra says the actual sender is not support@npmjs.com. They have
>>> implemented a custom solution. Yishay, can you try again?
>>>
>>> Thanks,
>>> -Alex
>>>
>>> On 3/31/22, 1:39 PM, "Alex Harui" <ah...@adobe.com.INVALID> wrote:
>>>
>>> Yeah, not sure why that didn't work. I'll email infra.
>>>
>>> On 3/31/22, 12:53 PM, "Harbs" <ha...@gmail.com> wrote:
>>>
>>> I don’t know why it didn’t work.
>>>
>>> We should probably ask Infra.
>>>
>>>> On Mar 31, 2022, at 10:23 PM, Yishay Weiss <
>>> yishayjobs@hotmail.com> wrote:
>>>>
>>>> I thought Alex fixed it so it doesn’t need you to approve…
>>> It’s expired and you should see a couple of more such messages.
>>>>
>>>> From: Harbs<ma...@gmail.com>
>>>> Sent: Thursday, March 31, 2022 10:06 PM
>>>> To: Apache Royale Development<ma...@royale.apache.org>
>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>
>>>> I approved and should have added it again to the allow list.
>>>>
>>>> It came through. If it expired already, try again. Hopefully
>>> it’ll work...
>>>>
>>>>> On Mar 31, 2022, at 10:01 PM, Yishay Weiss <
>>> yishayjobs@hotmail.com> wrote:
>>>>>
>>>>> I just tried logging in, got the OTP sent message, but am
>>> not seeing it in private.
>>>>>
>>>>> From: Alex Harui<ma...@adobe.com.INVALID>
>>>>> Sent: Thursday, March 31, 2022 7:44 PM
>>>>> To: dev@royale.apache.org<ma...@royale.apache.org>
>>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>>
>>>>> OK, support@npmjs.com is now on the allow list. Yishay,
>>> if you try to publish again, in theory the NPM messages will go straight to
>>> private@. Let us know if that isn't happening. I'll try to look for
>>> moderator messages but they often go to junk and I can't control settings
>>> for my corporate email.
>>>>>
>>>>> FWIW, Here's a link to some doc on the EZMLM robot that
>>> runs ASF mailing lists.
>>> https://untroubled.org/ezmlm/manual/
>>>>>
>>>>> The command I sent was executed by sending an email to
>>> private-allow-subscribe-support=npmjs.com@royale.apache.org
>>>>> Any list moderator can send to these sort of email
>>> addresses and the robot will parse the address and execute a command. We
>>> can subscribe and unsubscribe people, allow them to send and not receive,
>>> get a list of all subscribers and more.
>>>>>
>>>>> HTH,
>>>>> -Alex
>>>>>
>>>>> On 3/31/22, 8:44 AM, "Josh Tynjala" <
>>> joshtynjala@bowlerhat.dev> wrote:
>>>>>
>>>>> Do it.
>>>>>
>>>>> --
>>>>> Josh Tynjala
>>>>> Bowler Hat LLC <
>>> https://bowlerhat.dev/
>>>>
>>>>>
>>>>>
>>>>> On Wed, Mar 30, 2022 at 11:24 PM Alex Harui
>>> <ah...@adobe.com.invalid>
>>>>> wrote:
>>>>>
>>>>>> Each mailing list has an "allow" subscriber list that is
>>> different from
>>>>>> the regular subscriber list. "allow" can send but can't
>>> receive. The
>>>>>> syntax can be extracted from the moderator emails. If we
>>> get consensus to
>>>>>> try it, I'll send the command.
>>>>>>
>>>>>> On 3/30/22, 11:17 PM, "Piotr Zarzycki" <
>>> piotrzarzycki21@gmail.com> wrote:
>>>>>>
>>>>>> I don’t know how to whitelist that email but I will try
>>> to figure it
>>>>>> out
>>>>>> soon.
>>>>>>
>>>>>> On Thu, 31 Mar 2022 at 06:06, Alex Harui
>>> <ah...@adobe.com.invalid>
>>>>>> wrote:
>>>>>>
>>>>>>> Yishay, maybe you can also be a moderator? It might also
>>> be
>>>>>> possible to
>>>>>>> allow emails from npm without moderation. I don't
>>> remember if we
>>>>>> tried
>>>>>>> that. It works on the other lists. There might be a
>>> restriction on
>>>>>>> private@.
>>>>>>>
>>>>>>> -Alex
>>>>>>>
>>>>>>> On 3/30/22, 7:55 PM, "Yishay Weiss" <
>>> yishayjobs@hotmail.com> wrote:
>>>>>>>
>>>>>>> Piotr, being the moderator, is receiving them but it’s
>>> hard for
>>>>>> me to
>>>>>>> do anything from my side because I can’t login without a
>>> OTP.
>>>>>>>
>>>>>>> I’m guessing we need to either create an automation
>>> token, or
>>>>>> change
>>>>>>> the module settings to not require 2FA [1].
>>>>>>>
>>>>>>> [1] Securely Automating npm publish with the New npm
>>> Automation
>>>>>> Tokens
>>>>>>> - DEV Community<
>>>>>>>
>>>>>>
>>> https://dev.to/bnb/securely-automating-npm-publish-with-the-new-npm-automation-tokens-oei
>>>>>>>>
>>>>>>>
>>>>>>> From: Alex Harui<ma...@adobe.com.INVALID>
>>>>>>> Sent: Tuesday, March 29, 2022 7:05 PM
>>>>>>> To: dev@royale.apache.org<ma...@royale.apache.org>
>>>>>>> Cc: OmPrakash Muppirala<ma...@gmail.com>
>>>>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>>>>
>>>>>>> I get some emails from NPM to apache-royale-owner. I
>>> can
>>>>>> forward them
>>>>>>> to private@royale.a.o if they aren't also going there.
>>>>>>>
>>>>>>> One has the subject: [npm] OTP for logging in to your
>>> account:
>>>>>>> apache-royale-owner
>>>>>>> The other: Your npm password reset
>>>>>>>
>>>>>>> -Alex
>>>>>>>
>>>>>>> On 3/29/22, 3:37 AM, "Yishay Weiss" <
>>> yishayjobs@hotmail.com>
>>>>>> wrote:
>>>>>>>
>>>>>>> Ok, looks like we’ve figured it out for now with a
>>> temp
>>>>>> password.
>>>>>>> 2FA does not seem to be a requirement. We will update the
>>> private
>>>>>> list with
>>>>>>> the new credentials when that’s ready.
>>>>>>>
>>>>>>> From: Piotr Zarzycki<mailto:
>>> piotrzarzycki21@gmail.com>
>>>>>>> Sent: Tuesday, March 29, 2022 11:18 AM
>>>>>>> To: Apache Royale Development<mailto:
>>> dev@royale.apache.org>
>>>>>>> Cc: OmPrakash Muppirala<mailto:bigosmallm@gmail.com
>>>>
>>>>>>> Subject: Re: NPM Credentials Problem Blocking
>>> Release
>>>>>>>
>>>>>>> Yes it goes to private as I see...
>>>>>>>
>>>>>>> wt., 29 mar 2022 o 09:47 Yishay Weiss <
>>>>>> yishayjobs@hotmail.com>
>>>>>>> napisał(a):
>>>>>>>
>>>>>>>> I’m not sure which email the new password gets sent to.
>>>>>> Does it
>>>>>>> go to
>>>>>>>> private@royale.release.org<mailto:
>>>>>> private@royale.release.org> ?
>>>>>>>>
>>>>>>>> Also, I see some npm requests to do 2FA which we have
>>>>>> ignored.
>>>>>>> It’s
>>>>>>>> probably best to avoid that if possible to keep the
>>> release
>>>>>>> scriptable.
>>>>>>>>
>>>>>>>> @OmPrakash Muppirala<ma...@gmail.com>, are
>>>>>> you the
>>>>>>> one who
>>>>>>>> set this up? Can you help out?
>>>>>>>>
>>>>>>>> Thanks.
>>>>>>>>
>>>>>>>> [exec] http request PUT
>>>>>>>>
>>>>>>>
>>>>>>
>>> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
>>>>>>>> [exec] info attempt registry request try #1 at
>>>>>> 10:39:44 AM
>>>>>>>> [exec] http request PUT
>>>>>>>>
>>>>>>>
>>>>>>
>>> https://registry.npmjs.org/@apache-royale%2froyale-js
>>>>>>>> [exec] http 401
>>>>>>>>
>>>>>>>
>>>>>>
>>> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
>>>>>>>> [exec] WARN notice Please check your email for a
>>>>>> one-time
>>>>>>> password
>>>>>>>> (OTP)
>>>>>>>> [exec] WARN adduser Incorrect username or password
>>>>>>>> [exec] WARN adduser You can reset your account by
>>>>>> visiting:
>>>>>>>> [exec] WARN adduser
>>>>>>>> [exec] WARN adduser
>>>>>>>
>>>>>>
>>> https://npmjs.org/forgot
>>>>>>>> [exec] WARN adduser
>>>>>>>> [exec]
>>>>>>>>
>>>>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
>>>>>>>> [exec] throw new Error(error);
>>>>>>>> [exec] ^
>>>>>>>> [exec]
>>>>>>>> [exec] Error: Error: failed to authenticate: A One
>>>>>> Time
>>>>>>> Password
>>>>>>>> (OTP) by email is required. :
>>>>>>> -/user/org.couchdb.user:apache-royale-owner
>>>>>>>> [exec] at
>>>>>>>>
>>>>>>>
>>>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
>>>>>>>> [exec] at
>>>>>>>>
>>>>>>>
>>>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
>>>>>>>> [exec] at
>>>>>>>>
>>>>>>>
>>>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
>>>>>>>> [exec] at f
>>>>>>>>
>>>>>>>
>>>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>>>>>> [exec] at
>>>>>>>>
>>>>>>>
>>>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
>>>>>>>> [exec] at
>>>>>>>>
>>>>>>>
>>>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
>>>>>>>> [exec] at f
>>>>>>>>
>>>>>>>
>>>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>>>>>> [exec] at RegClient.<anonymous>
>>>>>>>>
>>>>>>>
>>>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
>>>>>>>> [exec] at Request._callback
>>>>>>>>
>>>>>>>
>>>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
>>>>>>>> [exec] at Request.self.callback
>>>>>>>>
>>>>>>>
>>>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
>>>>>>>> [exec] at Request.emit (events.js:315:20)
>>>>>>>> [exec] at Request.<anonymous>
>>>>>>>>
>>>>>>>
>>>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
>>>>>>>> [exec] at Request.emit (events.js:315:20)
>>>>>>>> [exec] at IncomingMessage.<anonymous>
>>>>>>>>
>>>>>>>
>>>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
>>>>>>>> [exec] at Object.onceWrapper (events.js:421:28)
>>>>>>>> [exec] at IncomingMessage.emit (events.js:327:22)
>>>>>>>>
>>>>>>>> BUILD FAILED
>>>>>>>> C:\dev\release_royale\releasecandidate.xml:1116: The
>>>>>> following
>>>>>>> error
>>>>>>>> occurred while executing this line:
>>>>>>>> C:\dev\release_royale\releasecandidate.xml:1400: exec
>>>>>> returned: 1
>>>>>>>>
>>>>>>>> Total time: 7 minutes 26 seconds
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>>
>>>>>>> Piotr Zarzycki
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>
>>>>>> Piotr Zarzycki
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>>
>>>
>>>
>>>
>>
>> --
>>
>> Piotr Zarzycki
>
Re: NPM Credentials Problem Blocking Release
Posted by Yishay Weiss <yi...@hotmail.com>.
Thanks, Harbs. We are trying to whiie-list the domain so we don't have to rely on moderators to login. Can you try replying to all? One of the addresses should have the 'allow' str which theoretically should white-list [1]
[1] Mailing list moderation - Apache Infrastructure Website<https://infra.apache.org/mailing-list-moderation.html#allowing_posts>
________________________________
From: Harbs <ha...@gmail.com>
Sent: Tuesday, May 23, 2023 5:24 PM
To: dev@royale.apache.org <de...@royale.apache.org>
Subject: Re: NPM Credentials Problem Blocking Release
I sent the code to Yishay via Slack. Does that work?
> On May 23, 2023, at 5:22 PM, Harbs <ha...@gmail.com> wrote:
>
> I’m getting the moderation emails with the code. Will that help?
>
>> On May 23, 2023, at 5:13 PM, Piotr Zarzycki <pi...@gmail.com> wrote:
>>
>> Hi Guys,
>>
>> I still need to accept one time password which are coming from npm
>> addresses. We have tried with Yishay white list that email but it didn't
>> work for some reason. I have raised following issue in INFR [1]
>>
>> [1] https://issues.apache.org/jira/browse/INFRA-24625
>>
>> Thanks,
>> Piotr
>>
>> sob., 2 kwi 2022 o 09:58 Yishay Weiss <yi...@hotmail.com> napisał(a):
>>
>>> The non-interactivity happens before ant, in publish.js. I ended up doing
>>> it interactively on the CLI.
>>>
>>> Reading their docs [1]it looks like 2FA will be enforced at some point, so
>>> we should aim IMO to work with that. Manually, I just switched the settings
>>> to 2FA and then used my mobile authenticator to provide the OTP (I’ve
>>> reverted it back to no 2FA). I could not get the automation token (which
>>> I’ve generated) [2] to work.
>>>
>>> [1] Enrolling all npm publishers in enhanced login verification and next
>>> steps for two-factor authentication enforcement | The GitHub Blog<
>>> https://github.blog/2021-12-07-enrolling-npm-publishers-enhanced-login-verification-two-factor-authentication-enforcement/
>>>>
>>>
>>> [2] Creating and viewing access tokens | npm Docs (npmjs.com)<
>>> https://docs.npmjs.com/creating-and-viewing-access-tokens#creating-access-tokens
>>>>
>>>
>>>
>>> From: Alex Harui<ma...@adobe.com.INVALID>
>>> Sent: Friday, April 1, 2022 9:04 PM
>>> To: dev@royale.apache.org<ma...@royale.apache.org>
>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>
>>> Hi Yishay,
>>>
>>> All of my Royale stuff is on another old laptop and I won't have access to
>>> it for another 7 days.
>>>
>>> It could be that Ant is not running in a mode that allows for a prompt. I
>>> don't remember if we had OTP when publishing in the past.
>>>
>>> -Alex
>>>
>>> On 4/1/22, 10:51 AM, "Yishay Weiss" <yi...@hotmail.com> wrote:
>>>
>>> Thanks, they’re coming through now.
>>>
>>> Being new to npm publishing I have not been able to modify the ant
>>> scripts to make this work. So any help would be appreciated. The script
>>> fails on adduser [1].
>>>
>>> I’ve tried adding an .npmrc file under royale-asjs with
>>>
>>> //registry.npmjs.org/:_authToken=<…>
>>>
>>> But that didn’t help.
>>>
>>> Any ideas?
>>>
>>> [1]
>>> [exec] Publishing to NPM: @apache-royale/royale-js version:
>>> 0.9.9...
>>> [exec] info attempt registry request try #1 at 8:37:34 PM
>>> [exec] http request PUT
>>> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
>>> [exec] info attempt registry request try #1 at 8:37:35 PM
>>> [exec] http request PUT
>>> https://registry.npmjs.org/@apache-royale%2froyale-js
>>> [exec] http 401
>>> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
>>> [exec] WARN notice Please use the one-time password (OTP) from
>>> your authenticator application
>>> [exec] WARN adduser Incorrect username or password
>>> [exec] WARN adduser You can reset your account by visiting:
>>> [exec] WARN adduser
>>> [exec] WARN adduser
>>> https://npmjs.org/forgot
>>> [exec] WARN adduser
>>> [exec]
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52
>>> [exec] throw new Error(error);
>>> [exec] ^
>>> [exec]
>>> [exec] Error: Error: failed to authenticate: Could not
>>> authenticate apache-royale-owner: bad otp :
>>> -/user/org.couchdb.user:apache-royale-owner
>>> [exec] at
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52:14
>>> [exec] at
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
>>> [exec] at
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
>>> [exec] at f
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>> [exec] at
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
>>> [exec] at
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
>>> [exec] at f
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>> [exec] at RegClient.<anonymous>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
>>> [exec] at Request._callback
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
>>> [exec] at Request.self.callback
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
>>> [exec] at Request.emit (events.js:315:20)
>>> [exec] at Request.<anonymous>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
>>> [exec] at Request.emit (events.js:315:20)
>>> [exec] at IncomingMessage.<anonymous>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
>>> [exec] at Object.onceWrapper (events.js:421:28)
>>> [exec] at IncomingMessage.emit (events.js:327:22)
>>>
>>> BUILD FAILED
>>> C:\dev\release_royale\releasecandidate.xml:1363: exec returned: 1
>>>
>>> From: Alex Harui<ma...@adobe.com.INVALID>
>>> Sent: Friday, April 1, 2022 12:25 AM
>>> To: dev@royale.apache.org<ma...@royale.apache.org>
>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>
>>> Infra says the actual sender is not support@npmjs.com. They have
>>> implemented a custom solution. Yishay, can you try again?
>>>
>>> Thanks,
>>> -Alex
>>>
>>> On 3/31/22, 1:39 PM, "Alex Harui" <ah...@adobe.com.INVALID> wrote:
>>>
>>> Yeah, not sure why that didn't work. I'll email infra.
>>>
>>> On 3/31/22, 12:53 PM, "Harbs" <ha...@gmail.com> wrote:
>>>
>>> I don’t know why it didn’t work.
>>>
>>> We should probably ask Infra.
>>>
>>>> On Mar 31, 2022, at 10:23 PM, Yishay Weiss <
>>> yishayjobs@hotmail.com> wrote:
>>>>
>>>> I thought Alex fixed it so it doesn’t need you to approve…
>>> It’s expired and you should see a couple of more such messages.
>>>>
>>>> From: Harbs<ma...@gmail.com>
>>>> Sent: Thursday, March 31, 2022 10:06 PM
>>>> To: Apache Royale Development<ma...@royale.apache.org>
>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>
>>>> I approved and should have added it again to the allow list.
>>>>
>>>> It came through. If it expired already, try again. Hopefully
>>> it’ll work...
>>>>
>>>>> On Mar 31, 2022, at 10:01 PM, Yishay Weiss <
>>> yishayjobs@hotmail.com> wrote:
>>>>>
>>>>> I just tried logging in, got the OTP sent message, but am
>>> not seeing it in private.
>>>>>
>>>>> From: Alex Harui<ma...@adobe.com.INVALID>
>>>>> Sent: Thursday, March 31, 2022 7:44 PM
>>>>> To: dev@royale.apache.org<ma...@royale.apache.org>
>>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>>
>>>>> OK, support@npmjs.com is now on the allow list. Yishay,
>>> if you try to publish again, in theory the NPM messages will go straight to
>>> private@. Let us know if that isn't happening. I'll try to look for
>>> moderator messages but they often go to junk and I can't control settings
>>> for my corporate email.
>>>>>
>>>>> FWIW, Here's a link to some doc on the EZMLM robot that
>>> runs ASF mailing lists.
>>> https://untroubled.org/ezmlm/manual/
>>>>>
>>>>> The command I sent was executed by sending an email to
>>> private-allow-subscribe-support=npmjs.com@royale.apache.org
>>>>> Any list moderator can send to these sort of email
>>> addresses and the robot will parse the address and execute a command. We
>>> can subscribe and unsubscribe people, allow them to send and not receive,
>>> get a list of all subscribers and more.
>>>>>
>>>>> HTH,
>>>>> -Alex
>>>>>
>>>>> On 3/31/22, 8:44 AM, "Josh Tynjala" <
>>> joshtynjala@bowlerhat.dev> wrote:
>>>>>
>>>>> Do it.
>>>>>
>>>>> --
>>>>> Josh Tynjala
>>>>> Bowler Hat LLC <
>>> https://bowlerhat.dev/
>>>>
>>>>>
>>>>>
>>>>> On Wed, Mar 30, 2022 at 11:24 PM Alex Harui
>>> <ah...@adobe.com.invalid>
>>>>> wrote:
>>>>>
>>>>>> Each mailing list has an "allow" subscriber list that is
>>> different from
>>>>>> the regular subscriber list. "allow" can send but can't
>>> receive. The
>>>>>> syntax can be extracted from the moderator emails. If we
>>> get consensus to
>>>>>> try it, I'll send the command.
>>>>>>
>>>>>> On 3/30/22, 11:17 PM, "Piotr Zarzycki" <
>>> piotrzarzycki21@gmail.com> wrote:
>>>>>>
>>>>>> I don’t know how to whitelist that email but I will try
>>> to figure it
>>>>>> out
>>>>>> soon.
>>>>>>
>>>>>> On Thu, 31 Mar 2022 at 06:06, Alex Harui
>>> <ah...@adobe.com.invalid>
>>>>>> wrote:
>>>>>>
>>>>>>> Yishay, maybe you can also be a moderator? It might also
>>> be
>>>>>> possible to
>>>>>>> allow emails from npm without moderation. I don't
>>> remember if we
>>>>>> tried
>>>>>>> that. It works on the other lists. There might be a
>>> restriction on
>>>>>>> private@.
>>>>>>>
>>>>>>> -Alex
>>>>>>>
>>>>>>> On 3/30/22, 7:55 PM, "Yishay Weiss" <
>>> yishayjobs@hotmail.com> wrote:
>>>>>>>
>>>>>>> Piotr, being the moderator, is receiving them but it’s
>>> hard for
>>>>>> me to
>>>>>>> do anything from my side because I can’t login without a
>>> OTP.
>>>>>>>
>>>>>>> I’m guessing we need to either create an automation
>>> token, or
>>>>>> change
>>>>>>> the module settings to not require 2FA [1].
>>>>>>>
>>>>>>> [1] Securely Automating npm publish with the New npm
>>> Automation
>>>>>> Tokens
>>>>>>> - DEV Community<
>>>>>>>
>>>>>>
>>> https://dev.to/bnb/securely-automating-npm-publish-with-the-new-npm-automation-tokens-oei
>>>>>>>>
>>>>>>>
>>>>>>> From: Alex Harui<ma...@adobe.com.INVALID>
>>>>>>> Sent: Tuesday, March 29, 2022 7:05 PM
>>>>>>> To: dev@royale.apache.org<ma...@royale.apache.org>
>>>>>>> Cc: OmPrakash Muppirala<ma...@gmail.com>
>>>>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>>>>
>>>>>>> I get some emails from NPM to apache-royale-owner. I
>>> can
>>>>>> forward them
>>>>>>> to private@royale.a.o if they aren't also going there.
>>>>>>>
>>>>>>> One has the subject: [npm] OTP for logging in to your
>>> account:
>>>>>>> apache-royale-owner
>>>>>>> The other: Your npm password reset
>>>>>>>
>>>>>>> -Alex
>>>>>>>
>>>>>>> On 3/29/22, 3:37 AM, "Yishay Weiss" <
>>> yishayjobs@hotmail.com>
>>>>>> wrote:
>>>>>>>
>>>>>>> Ok, looks like we’ve figured it out for now with a
>>> temp
>>>>>> password.
>>>>>>> 2FA does not seem to be a requirement. We will update the
>>> private
>>>>>> list with
>>>>>>> the new credentials when that’s ready.
>>>>>>>
>>>>>>> From: Piotr Zarzycki<mailto:
>>> piotrzarzycki21@gmail.com>
>>>>>>> Sent: Tuesday, March 29, 2022 11:18 AM
>>>>>>> To: Apache Royale Development<mailto:
>>> dev@royale.apache.org>
>>>>>>> Cc: OmPrakash Muppirala<mailto:bigosmallm@gmail.com
>>>>
>>>>>>> Subject: Re: NPM Credentials Problem Blocking
>>> Release
>>>>>>>
>>>>>>> Yes it goes to private as I see...
>>>>>>>
>>>>>>> wt., 29 mar 2022 o 09:47 Yishay Weiss <
>>>>>> yishayjobs@hotmail.com>
>>>>>>> napisał(a):
>>>>>>>
>>>>>>>> I’m not sure which email the new password gets sent to.
>>>>>> Does it
>>>>>>> go to
>>>>>>>> private@royale.release.org<mailto:
>>>>>> private@royale.release.org> ?
>>>>>>>>
>>>>>>>> Also, I see some npm requests to do 2FA which we have
>>>>>> ignored.
>>>>>>> It’s
>>>>>>>> probably best to avoid that if possible to keep the
>>> release
>>>>>>> scriptable.
>>>>>>>>
>>>>>>>> @OmPrakash Muppirala<ma...@gmail.com>, are
>>>>>> you the
>>>>>>> one who
>>>>>>>> set this up? Can you help out?
>>>>>>>>
>>>>>>>> Thanks.
>>>>>>>>
>>>>>>>> [exec] http request PUT
>>>>>>>>
>>>>>>>
>>>>>>
>>> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
>>>>>>>> [exec] info attempt registry request try #1 at
>>>>>> 10:39:44 AM
>>>>>>>> [exec] http request PUT
>>>>>>>>
>>>>>>>
>>>>>>
>>> https://registry.npmjs.org/@apache-royale%2froyale-js
>>>>>>>> [exec] http 401
>>>>>>>>
>>>>>>>
>>>>>>
>>> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
>>>>>>>> [exec] WARN notice Please check your email for a
>>>>>> one-time
>>>>>>> password
>>>>>>>> (OTP)
>>>>>>>> [exec] WARN adduser Incorrect username or password
>>>>>>>> [exec] WARN adduser You can reset your account by
>>>>>> visiting:
>>>>>>>> [exec] WARN adduser
>>>>>>>> [exec] WARN adduser
>>>>>>>
>>>>>>
>>> https://npmjs.org/forgot
>>>>>>>> [exec] WARN adduser
>>>>>>>> [exec]
>>>>>>>>
>>>>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
>>>>>>>> [exec] throw new Error(error);
>>>>>>>> [exec] ^
>>>>>>>> [exec]
>>>>>>>> [exec] Error: Error: failed to authenticate: A One
>>>>>> Time
>>>>>>> Password
>>>>>>>> (OTP) by email is required. :
>>>>>>> -/user/org.couchdb.user:apache-royale-owner
>>>>>>>> [exec] at
>>>>>>>>
>>>>>>>
>>>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
>>>>>>>> [exec] at
>>>>>>>>
>>>>>>>
>>>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
>>>>>>>> [exec] at
>>>>>>>>
>>>>>>>
>>>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
>>>>>>>> [exec] at f
>>>>>>>>
>>>>>>>
>>>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>>>>>> [exec] at
>>>>>>>>
>>>>>>>
>>>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
>>>>>>>> [exec] at
>>>>>>>>
>>>>>>>
>>>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
>>>>>>>> [exec] at f
>>>>>>>>
>>>>>>>
>>>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>>>>>> [exec] at RegClient.<anonymous>
>>>>>>>>
>>>>>>>
>>>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
>>>>>>>> [exec] at Request._callback
>>>>>>>>
>>>>>>>
>>>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
>>>>>>>> [exec] at Request.self.callback
>>>>>>>>
>>>>>>>
>>>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
>>>>>>>> [exec] at Request.emit (events.js:315:20)
>>>>>>>> [exec] at Request.<anonymous>
>>>>>>>>
>>>>>>>
>>>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
>>>>>>>> [exec] at Request.emit (events.js:315:20)
>>>>>>>> [exec] at IncomingMessage.<anonymous>
>>>>>>>>
>>>>>>>
>>>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
>>>>>>>> [exec] at Object.onceWrapper (events.js:421:28)
>>>>>>>> [exec] at IncomingMessage.emit (events.js:327:22)
>>>>>>>>
>>>>>>>> BUILD FAILED
>>>>>>>> C:\dev\release_royale\releasecandidate.xml:1116: The
>>>>>> following
>>>>>>> error
>>>>>>>> occurred while executing this line:
>>>>>>>> C:\dev\release_royale\releasecandidate.xml:1400: exec
>>>>>> returned: 1
>>>>>>>>
>>>>>>>> Total time: 7 minutes 26 seconds
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>>
>>>>>>> Piotr Zarzycki
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>
>>>>>> Piotr Zarzycki
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>>
>>>
>>>
>>>
>>
>> --
>>
>> Piotr Zarzycki
>
Re: NPM Credentials Problem Blocking Release
Posted by Harbs <ha...@gmail.com>.
I sent the code to Yishay via Slack. Does that work?
> On May 23, 2023, at 5:22 PM, Harbs <ha...@gmail.com> wrote:
>
> I’m getting the moderation emails with the code. Will that help?
>
>> On May 23, 2023, at 5:13 PM, Piotr Zarzycki <pi...@gmail.com> wrote:
>>
>> Hi Guys,
>>
>> I still need to accept one time password which are coming from npm
>> addresses. We have tried with Yishay white list that email but it didn't
>> work for some reason. I have raised following issue in INFR [1]
>>
>> [1] https://issues.apache.org/jira/browse/INFRA-24625
>>
>> Thanks,
>> Piotr
>>
>> sob., 2 kwi 2022 o 09:58 Yishay Weiss <yi...@hotmail.com> napisał(a):
>>
>>> The non-interactivity happens before ant, in publish.js. I ended up doing
>>> it interactively on the CLI.
>>>
>>> Reading their docs [1]it looks like 2FA will be enforced at some point, so
>>> we should aim IMO to work with that. Manually, I just switched the settings
>>> to 2FA and then used my mobile authenticator to provide the OTP (I’ve
>>> reverted it back to no 2FA). I could not get the automation token (which
>>> I’ve generated) [2] to work.
>>>
>>> [1] Enrolling all npm publishers in enhanced login verification and next
>>> steps for two-factor authentication enforcement | The GitHub Blog<
>>> https://github.blog/2021-12-07-enrolling-npm-publishers-enhanced-login-verification-two-factor-authentication-enforcement/
>>>>
>>>
>>> [2] Creating and viewing access tokens | npm Docs (npmjs.com)<
>>> https://docs.npmjs.com/creating-and-viewing-access-tokens#creating-access-tokens
>>>>
>>>
>>>
>>> From: Alex Harui<ma...@adobe.com.INVALID>
>>> Sent: Friday, April 1, 2022 9:04 PM
>>> To: dev@royale.apache.org<ma...@royale.apache.org>
>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>
>>> Hi Yishay,
>>>
>>> All of my Royale stuff is on another old laptop and I won't have access to
>>> it for another 7 days.
>>>
>>> It could be that Ant is not running in a mode that allows for a prompt. I
>>> don't remember if we had OTP when publishing in the past.
>>>
>>> -Alex
>>>
>>> On 4/1/22, 10:51 AM, "Yishay Weiss" <yi...@hotmail.com> wrote:
>>>
>>> Thanks, they’re coming through now.
>>>
>>> Being new to npm publishing I have not been able to modify the ant
>>> scripts to make this work. So any help would be appreciated. The script
>>> fails on adduser [1].
>>>
>>> I’ve tried adding an .npmrc file under royale-asjs with
>>>
>>> //registry.npmjs.org/:_authToken=<…>
>>>
>>> But that didn’t help.
>>>
>>> Any ideas?
>>>
>>> [1]
>>> [exec] Publishing to NPM: @apache-royale/royale-js version:
>>> 0.9.9...
>>> [exec] info attempt registry request try #1 at 8:37:34 PM
>>> [exec] http request PUT
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0
>>> [exec] info attempt registry request try #1 at 8:37:35 PM
>>> [exec] http request PUT
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=GnR46nQQgvnX%2B%2BilSiYNefzPrz%2FiLC5KZg3o%2Bi%2B5%2B3Q%3D&reserved=0
>>> [exec] http 401
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0
>>> [exec] WARN notice Please use the one-time password (OTP) from
>>> your authenticator application
>>> [exec] WARN adduser Incorrect username or password
>>> [exec] WARN adduser You can reset your account by visiting:
>>> [exec] WARN adduser
>>> [exec] WARN adduser
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=J4%2BiLN%2FedAJiTavC0obA3clNCiL0kl6IOlOar%2FnKqF0%3D&reserved=0
>>> [exec] WARN adduser
>>> [exec]
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52
>>> [exec] throw new Error(error);
>>> [exec] ^
>>> [exec]
>>> [exec] Error: Error: failed to authenticate: Could not
>>> authenticate apache-royale-owner: bad otp :
>>> -/user/org.couchdb.user:apache-royale-owner
>>> [exec] at
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52:14
>>> [exec] at
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
>>> [exec] at
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
>>> [exec] at f
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>> [exec] at
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
>>> [exec] at
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
>>> [exec] at f
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>> [exec] at RegClient.<anonymous>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
>>> [exec] at Request._callback
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
>>> [exec] at Request.self.callback
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
>>> [exec] at Request.emit (events.js:315:20)
>>> [exec] at Request.<anonymous>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
>>> [exec] at Request.emit (events.js:315:20)
>>> [exec] at IncomingMessage.<anonymous>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
>>> [exec] at Object.onceWrapper (events.js:421:28)
>>> [exec] at IncomingMessage.emit (events.js:327:22)
>>>
>>> BUILD FAILED
>>> C:\dev\release_royale\releasecandidate.xml:1363: exec returned: 1
>>>
>>> From: Alex Harui<ma...@adobe.com.INVALID>
>>> Sent: Friday, April 1, 2022 12:25 AM
>>> To: dev@royale.apache.org<ma...@royale.apache.org>
>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>
>>> Infra says the actual sender is not support@npmjs.com. They have
>>> implemented a custom solution. Yishay, can you try again?
>>>
>>> Thanks,
>>> -Alex
>>>
>>> On 3/31/22, 1:39 PM, "Alex Harui" <ah...@adobe.com.INVALID> wrote:
>>>
>>> Yeah, not sure why that didn't work. I'll email infra.
>>>
>>> On 3/31/22, 12:53 PM, "Harbs" <ha...@gmail.com> wrote:
>>>
>>> I don’t know why it didn’t work.
>>>
>>> We should probably ask Infra.
>>>
>>>> On Mar 31, 2022, at 10:23 PM, Yishay Weiss <
>>> yishayjobs@hotmail.com> wrote:
>>>>
>>>> I thought Alex fixed it so it doesn’t need you to approve…
>>> It’s expired and you should see a couple of more such messages.
>>>>
>>>> From: Harbs<ma...@gmail.com>
>>>> Sent: Thursday, March 31, 2022 10:06 PM
>>>> To: Apache Royale Development<ma...@royale.apache.org>
>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>
>>>> I approved and should have added it again to the allow list.
>>>>
>>>> It came through. If it expired already, try again. Hopefully
>>> it’ll work...
>>>>
>>>>> On Mar 31, 2022, at 10:01 PM, Yishay Weiss <
>>> yishayjobs@hotmail.com> wrote:
>>>>>
>>>>> I just tried logging in, got the OTP sent message, but am
>>> not seeing it in private.
>>>>>
>>>>> From: Alex Harui<ma...@adobe.com.INVALID>
>>>>> Sent: Thursday, March 31, 2022 7:44 PM
>>>>> To: dev@royale.apache.org<ma...@royale.apache.org>
>>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>>
>>>>> OK, support@npmjs.com is now on the allow list. Yishay,
>>> if you try to publish again, in theory the NPM messages will go straight to
>>> private@. Let us know if that isn't happening. I'll try to look for
>>> moderator messages but they often go to junk and I can't control settings
>>> for my corporate email.
>>>>>
>>>>> FWIW, Here's a link to some doc on the EZMLM robot that
>>> runs ASF mailing lists.
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Funtroubled.org%2Fezmlm%2Fmanual%2F&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=uLzD96tz3sBhkMOvNdyDZ%2Fy7D4FWZmlXNkNMJFEimfI%3D&reserved=0
>>>>>
>>>>> The command I sent was executed by sending an email to
>>> private-allow-subscribe-support=npmjs.com@royale.apache.org
>>>>> Any list moderator can send to these sort of email
>>> addresses and the robot will parse the address and execute a command. We
>>> can subscribe and unsubscribe people, allow them to send and not receive,
>>> get a list of all subscribers and more.
>>>>>
>>>>> HTH,
>>>>> -Alex
>>>>>
>>>>> On 3/31/22, 8:44 AM, "Josh Tynjala" <
>>> joshtynjala@bowlerhat.dev> wrote:
>>>>>
>>>>> Do it.
>>>>>
>>>>> --
>>>>> Josh Tynjala
>>>>> Bowler Hat LLC <
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbowlerhat.dev%2F&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qGYKjnY8ozbWgy89acmDDOkAZ63NmByrnmSW1DLLEXM%3D&reserved=0
>>>>
>>>>>
>>>>>
>>>>> On Wed, Mar 30, 2022 at 11:24 PM Alex Harui
>>> <ah...@adobe.com.invalid>
>>>>> wrote:
>>>>>
>>>>>> Each mailing list has an "allow" subscriber list that is
>>> different from
>>>>>> the regular subscriber list. "allow" can send but can't
>>> receive. The
>>>>>> syntax can be extracted from the moderator emails. If we
>>> get consensus to
>>>>>> try it, I'll send the command.
>>>>>>
>>>>>> On 3/30/22, 11:17 PM, "Piotr Zarzycki" <
>>> piotrzarzycki21@gmail.com> wrote:
>>>>>>
>>>>>> I don’t know how to whitelist that email but I will try
>>> to figure it
>>>>>> out
>>>>>> soon.
>>>>>>
>>>>>> On Thu, 31 Mar 2022 at 06:06, Alex Harui
>>> <ah...@adobe.com.invalid>
>>>>>> wrote:
>>>>>>
>>>>>>> Yishay, maybe you can also be a moderator? It might also
>>> be
>>>>>> possible to
>>>>>>> allow emails from npm without moderation. I don't
>>> remember if we
>>>>>> tried
>>>>>>> that. It works on the other lists. There might be a
>>> restriction on
>>>>>>> private@.
>>>>>>>
>>>>>>> -Alex
>>>>>>>
>>>>>>> On 3/30/22, 7:55 PM, "Yishay Weiss" <
>>> yishayjobs@hotmail.com> wrote:
>>>>>>>
>>>>>>> Piotr, being the moderator, is receiving them but it’s
>>> hard for
>>>>>> me to
>>>>>>> do anything from my side because I can’t login without a
>>> OTP.
>>>>>>>
>>>>>>> I’m guessing we need to either create an automation
>>> token, or
>>>>>> change
>>>>>>> the module settings to not require 2FA [1].
>>>>>>>
>>>>>>> [1] Securely Automating npm publish with the New npm
>>> Automation
>>>>>> Tokens
>>>>>>> - DEV Community<
>>>>>>>
>>>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdev.to%2Fbnb%2Fsecurely-automating-npm-publish-with-the-new-npm-automation-tokens-oei&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=hAsQoFRmUHDC4x6Ch0ZNbJ7rQP%2BCXJ2%2B05BUnR49tS0%3D&reserved=0
>>>>>>>>
>>>>>>>
>>>>>>> From: Alex Harui<ma...@adobe.com.INVALID>
>>>>>>> Sent: Tuesday, March 29, 2022 7:05 PM
>>>>>>> To: dev@royale.apache.org<ma...@royale.apache.org>
>>>>>>> Cc: OmPrakash Muppirala<ma...@gmail.com>
>>>>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>>>>
>>>>>>> I get some emails from NPM to apache-royale-owner. I
>>> can
>>>>>> forward them
>>>>>>> to private@royale.a.o if they aren't also going there.
>>>>>>>
>>>>>>> One has the subject: [npm] OTP for logging in to your
>>> account:
>>>>>>> apache-royale-owner
>>>>>>> The other: Your npm password reset
>>>>>>>
>>>>>>> -Alex
>>>>>>>
>>>>>>> On 3/29/22, 3:37 AM, "Yishay Weiss" <
>>> yishayjobs@hotmail.com>
>>>>>> wrote:
>>>>>>>
>>>>>>> Ok, looks like we’ve figured it out for now with a
>>> temp
>>>>>> password.
>>>>>>> 2FA does not seem to be a requirement. We will update the
>>> private
>>>>>> list with
>>>>>>> the new credentials when that’s ready.
>>>>>>>
>>>>>>> From: Piotr Zarzycki<mailto:
>>> piotrzarzycki21@gmail.com>
>>>>>>> Sent: Tuesday, March 29, 2022 11:18 AM
>>>>>>> To: Apache Royale Development<mailto:
>>> dev@royale.apache.org>
>>>>>>> Cc: OmPrakash Muppirala<mailto:bigosmallm@gmail.com
>>>>
>>>>>>> Subject: Re: NPM Credentials Problem Blocking
>>> Release
>>>>>>>
>>>>>>> Yes it goes to private as I see...
>>>>>>>
>>>>>>> wt., 29 mar 2022 o 09:47 Yishay Weiss <
>>>>>> yishayjobs@hotmail.com>
>>>>>>> napisał(a):
>>>>>>>
>>>>>>>> I’m not sure which email the new password gets sent to.
>>>>>> Does it
>>>>>>> go to
>>>>>>>> private@royale.release.org<mailto:
>>>>>> private@royale.release.org> ?
>>>>>>>>
>>>>>>>> Also, I see some npm requests to do 2FA which we have
>>>>>> ignored.
>>>>>>> It’s
>>>>>>>> probably best to avoid that if possible to keep the
>>> release
>>>>>>> scriptable.
>>>>>>>>
>>>>>>>> @OmPrakash Muppirala<ma...@gmail.com>, are
>>>>>> you the
>>>>>>> one who
>>>>>>>> set this up? Can you help out?
>>>>>>>>
>>>>>>>> Thanks.
>>>>>>>>
>>>>>>>> [exec] http request PUT
>>>>>>>>
>>>>>>>
>>>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0
>>>>>>>> [exec] info attempt registry request try #1 at
>>>>>> 10:39:44 AM
>>>>>>>> [exec] http request PUT
>>>>>>>>
>>>>>>>
>>>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=GnR46nQQgvnX%2B%2BilSiYNefzPrz%2FiLC5KZg3o%2Bi%2B5%2B3Q%3D&reserved=0
>>>>>>>> [exec] http 401
>>>>>>>>
>>>>>>>
>>>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0
>>>>>>>> [exec] WARN notice Please check your email for a
>>>>>> one-time
>>>>>>> password
>>>>>>>> (OTP)
>>>>>>>> [exec] WARN adduser Incorrect username or password
>>>>>>>> [exec] WARN adduser You can reset your account by
>>>>>> visiting:
>>>>>>>> [exec] WARN adduser
>>>>>>>> [exec] WARN adduser
>>>>>>>
>>>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=J4%2BiLN%2FedAJiTavC0obA3clNCiL0kl6IOlOar%2FnKqF0%3D&reserved=0
>>>>>>>> [exec] WARN adduser
>>>>>>>> [exec]
>>>>>>>>
>>>>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
>>>>>>>> [exec] throw new Error(error);
>>>>>>>> [exec] ^
>>>>>>>> [exec]
>>>>>>>> [exec] Error: Error: failed to authenticate: A One
>>>>>> Time
>>>>>>> Password
>>>>>>>> (OTP) by email is required. :
>>>>>>> -/user/org.couchdb.user:apache-royale-owner
>>>>>>>> [exec] at
>>>>>>>>
>>>>>>>
>>>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
>>>>>>>> [exec] at
>>>>>>>>
>>>>>>>
>>>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
>>>>>>>> [exec] at
>>>>>>>>
>>>>>>>
>>>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
>>>>>>>> [exec] at f
>>>>>>>>
>>>>>>>
>>>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>>>>>> [exec] at
>>>>>>>>
>>>>>>>
>>>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
>>>>>>>> [exec] at
>>>>>>>>
>>>>>>>
>>>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
>>>>>>>> [exec] at f
>>>>>>>>
>>>>>>>
>>>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>>>>>> [exec] at RegClient.<anonymous>
>>>>>>>>
>>>>>>>
>>>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
>>>>>>>> [exec] at Request._callback
>>>>>>>>
>>>>>>>
>>>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
>>>>>>>> [exec] at Request.self.callback
>>>>>>>>
>>>>>>>
>>>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
>>>>>>>> [exec] at Request.emit (events.js:315:20)
>>>>>>>> [exec] at Request.<anonymous>
>>>>>>>>
>>>>>>>
>>>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
>>>>>>>> [exec] at Request.emit (events.js:315:20)
>>>>>>>> [exec] at IncomingMessage.<anonymous>
>>>>>>>>
>>>>>>>
>>>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
>>>>>>>> [exec] at Object.onceWrapper (events.js:421:28)
>>>>>>>> [exec] at IncomingMessage.emit (events.js:327:22)
>>>>>>>>
>>>>>>>> BUILD FAILED
>>>>>>>> C:\dev\release_royale\releasecandidate.xml:1116: The
>>>>>> following
>>>>>>> error
>>>>>>>> occurred while executing this line:
>>>>>>>> C:\dev\release_royale\releasecandidate.xml:1400: exec
>>>>>> returned: 1
>>>>>>>>
>>>>>>>> Total time: 7 minutes 26 seconds
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>>
>>>>>>> Piotr Zarzycki
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>
>>>>>> Piotr Zarzycki
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>>
>>>
>>>
>>>
>>
>> --
>>
>> Piotr Zarzycki
>
Re: NPM Credentials Problem Blocking Release
Posted by Harbs <ha...@gmail.com>.
I’m getting the moderation emails with the code. Will that help?
> On May 23, 2023, at 5:13 PM, Piotr Zarzycki <pi...@gmail.com> wrote:
>
> Hi Guys,
>
> I still need to accept one time password which are coming from npm
> addresses. We have tried with Yishay white list that email but it didn't
> work for some reason. I have raised following issue in INFR [1]
>
> [1] https://issues.apache.org/jira/browse/INFRA-24625
>
> Thanks,
> Piotr
>
> sob., 2 kwi 2022 o 09:58 Yishay Weiss <yi...@hotmail.com> napisał(a):
>
>> The non-interactivity happens before ant, in publish.js. I ended up doing
>> it interactively on the CLI.
>>
>> Reading their docs [1]it looks like 2FA will be enforced at some point, so
>> we should aim IMO to work with that. Manually, I just switched the settings
>> to 2FA and then used my mobile authenticator to provide the OTP (I’ve
>> reverted it back to no 2FA). I could not get the automation token (which
>> I’ve generated) [2] to work.
>>
>> [1] Enrolling all npm publishers in enhanced login verification and next
>> steps for two-factor authentication enforcement | The GitHub Blog<
>> https://github.blog/2021-12-07-enrolling-npm-publishers-enhanced-login-verification-two-factor-authentication-enforcement/
>>>
>>
>> [2] Creating and viewing access tokens | npm Docs (npmjs.com)<
>> https://docs.npmjs.com/creating-and-viewing-access-tokens#creating-access-tokens
>>>
>>
>>
>> From: Alex Harui<ma...@adobe.com.INVALID>
>> Sent: Friday, April 1, 2022 9:04 PM
>> To: dev@royale.apache.org<ma...@royale.apache.org>
>> Subject: Re: NPM Credentials Problem Blocking Release
>>
>> Hi Yishay,
>>
>> All of my Royale stuff is on another old laptop and I won't have access to
>> it for another 7 days.
>>
>> It could be that Ant is not running in a mode that allows for a prompt. I
>> don't remember if we had OTP when publishing in the past.
>>
>> -Alex
>>
>> On 4/1/22, 10:51 AM, "Yishay Weiss" <yi...@hotmail.com> wrote:
>>
>> Thanks, they’re coming through now.
>>
>> Being new to npm publishing I have not been able to modify the ant
>> scripts to make this work. So any help would be appreciated. The script
>> fails on adduser [1].
>>
>> I’ve tried adding an .npmrc file under royale-asjs with
>>
>> //registry.npmjs.org/:_authToken=<…>
>>
>> But that didn’t help.
>>
>> Any ideas?
>>
>> [1]
>> [exec] Publishing to NPM: @apache-royale/royale-js version:
>> 0.9.9...
>> [exec] info attempt registry request try #1 at 8:37:34 PM
>> [exec] http request PUT
>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0
>> [exec] info attempt registry request try #1 at 8:37:35 PM
>> [exec] http request PUT
>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=GnR46nQQgvnX%2B%2BilSiYNefzPrz%2FiLC5KZg3o%2Bi%2B5%2B3Q%3D&reserved=0
>> [exec] http 401
>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0
>> [exec] WARN notice Please use the one-time password (OTP) from
>> your authenticator application
>> [exec] WARN adduser Incorrect username or password
>> [exec] WARN adduser You can reset your account by visiting:
>> [exec] WARN adduser
>> [exec] WARN adduser
>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=J4%2BiLN%2FedAJiTavC0obA3clNCiL0kl6IOlOar%2FnKqF0%3D&reserved=0
>> [exec] WARN adduser
>> [exec]
>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52
>> [exec] throw new Error(error);
>> [exec] ^
>> [exec]
>> [exec] Error: Error: failed to authenticate: Could not
>> authenticate apache-royale-owner: bad otp :
>> -/user/org.couchdb.user:apache-royale-owner
>> [exec] at
>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52:14
>> [exec] at
>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
>> [exec] at
>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
>> [exec] at f
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>> [exec] at
>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
>> [exec] at
>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
>> [exec] at f
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>> [exec] at RegClient.<anonymous>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
>> [exec] at Request._callback
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
>> [exec] at Request.self.callback
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
>> [exec] at Request.emit (events.js:315:20)
>> [exec] at Request.<anonymous>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
>> [exec] at Request.emit (events.js:315:20)
>> [exec] at IncomingMessage.<anonymous>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
>> [exec] at Object.onceWrapper (events.js:421:28)
>> [exec] at IncomingMessage.emit (events.js:327:22)
>>
>> BUILD FAILED
>> C:\dev\release_royale\releasecandidate.xml:1363: exec returned: 1
>>
>> From: Alex Harui<ma...@adobe.com.INVALID>
>> Sent: Friday, April 1, 2022 12:25 AM
>> To: dev@royale.apache.org<ma...@royale.apache.org>
>> Subject: Re: NPM Credentials Problem Blocking Release
>>
>> Infra says the actual sender is not support@npmjs.com. They have
>> implemented a custom solution. Yishay, can you try again?
>>
>> Thanks,
>> -Alex
>>
>> On 3/31/22, 1:39 PM, "Alex Harui" <ah...@adobe.com.INVALID> wrote:
>>
>> Yeah, not sure why that didn't work. I'll email infra.
>>
>> On 3/31/22, 12:53 PM, "Harbs" <ha...@gmail.com> wrote:
>>
>> I don’t know why it didn’t work.
>>
>> We should probably ask Infra.
>>
>>> On Mar 31, 2022, at 10:23 PM, Yishay Weiss <
>> yishayjobs@hotmail.com> wrote:
>>>
>>> I thought Alex fixed it so it doesn’t need you to approve…
>> It’s expired and you should see a couple of more such messages.
>>>
>>> From: Harbs<ma...@gmail.com>
>>> Sent: Thursday, March 31, 2022 10:06 PM
>>> To: Apache Royale Development<ma...@royale.apache.org>
>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>
>>> I approved and should have added it again to the allow list.
>>>
>>> It came through. If it expired already, try again. Hopefully
>> it’ll work...
>>>
>>>> On Mar 31, 2022, at 10:01 PM, Yishay Weiss <
>> yishayjobs@hotmail.com> wrote:
>>>>
>>>> I just tried logging in, got the OTP sent message, but am
>> not seeing it in private.
>>>>
>>>> From: Alex Harui<ma...@adobe.com.INVALID>
>>>> Sent: Thursday, March 31, 2022 7:44 PM
>>>> To: dev@royale.apache.org<ma...@royale.apache.org>
>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>
>>>> OK, support@npmjs.com is now on the allow list. Yishay,
>> if you try to publish again, in theory the NPM messages will go straight to
>> private@. Let us know if that isn't happening. I'll try to look for
>> moderator messages but they often go to junk and I can't control settings
>> for my corporate email.
>>>>
>>>> FWIW, Here's a link to some doc on the EZMLM robot that
>> runs ASF mailing lists.
>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Funtroubled.org%2Fezmlm%2Fmanual%2F&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=uLzD96tz3sBhkMOvNdyDZ%2Fy7D4FWZmlXNkNMJFEimfI%3D&reserved=0
>>>>
>>>> The command I sent was executed by sending an email to
>> private-allow-subscribe-support=npmjs.com@royale.apache.org
>>>> Any list moderator can send to these sort of email
>> addresses and the robot will parse the address and execute a command. We
>> can subscribe and unsubscribe people, allow them to send and not receive,
>> get a list of all subscribers and more.
>>>>
>>>> HTH,
>>>> -Alex
>>>>
>>>> On 3/31/22, 8:44 AM, "Josh Tynjala" <
>> joshtynjala@bowlerhat.dev> wrote:
>>>>
>>>> Do it.
>>>>
>>>> --
>>>> Josh Tynjala
>>>> Bowler Hat LLC <
>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbowlerhat.dev%2F&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qGYKjnY8ozbWgy89acmDDOkAZ63NmByrnmSW1DLLEXM%3D&reserved=0
>>>
>>>>
>>>>
>>>> On Wed, Mar 30, 2022 at 11:24 PM Alex Harui
>> <ah...@adobe.com.invalid>
>>>> wrote:
>>>>
>>>>> Each mailing list has an "allow" subscriber list that is
>> different from
>>>>> the regular subscriber list. "allow" can send but can't
>> receive. The
>>>>> syntax can be extracted from the moderator emails. If we
>> get consensus to
>>>>> try it, I'll send the command.
>>>>>
>>>>> On 3/30/22, 11:17 PM, "Piotr Zarzycki" <
>> piotrzarzycki21@gmail.com> wrote:
>>>>>
>>>>> I don’t know how to whitelist that email but I will try
>> to figure it
>>>>> out
>>>>> soon.
>>>>>
>>>>> On Thu, 31 Mar 2022 at 06:06, Alex Harui
>> <ah...@adobe.com.invalid>
>>>>> wrote:
>>>>>
>>>>>> Yishay, maybe you can also be a moderator? It might also
>> be
>>>>> possible to
>>>>>> allow emails from npm without moderation. I don't
>> remember if we
>>>>> tried
>>>>>> that. It works on the other lists. There might be a
>> restriction on
>>>>>> private@.
>>>>>>
>>>>>> -Alex
>>>>>>
>>>>>> On 3/30/22, 7:55 PM, "Yishay Weiss" <
>> yishayjobs@hotmail.com> wrote:
>>>>>>
>>>>>> Piotr, being the moderator, is receiving them but it’s
>> hard for
>>>>> me to
>>>>>> do anything from my side because I can’t login without a
>> OTP.
>>>>>>
>>>>>> I’m guessing we need to either create an automation
>> token, or
>>>>> change
>>>>>> the module settings to not require 2FA [1].
>>>>>>
>>>>>> [1] Securely Automating npm publish with the New npm
>> Automation
>>>>> Tokens
>>>>>> - DEV Community<
>>>>>>
>>>>>
>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdev.to%2Fbnb%2Fsecurely-automating-npm-publish-with-the-new-npm-automation-tokens-oei&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=hAsQoFRmUHDC4x6Ch0ZNbJ7rQP%2BCXJ2%2B05BUnR49tS0%3D&reserved=0
>>>>>>>
>>>>>>
>>>>>> From: Alex Harui<ma...@adobe.com.INVALID>
>>>>>> Sent: Tuesday, March 29, 2022 7:05 PM
>>>>>> To: dev@royale.apache.org<ma...@royale.apache.org>
>>>>>> Cc: OmPrakash Muppirala<ma...@gmail.com>
>>>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>>>
>>>>>> I get some emails from NPM to apache-royale-owner. I
>> can
>>>>> forward them
>>>>>> to private@royale.a.o if they aren't also going there.
>>>>>>
>>>>>> One has the subject: [npm] OTP for logging in to your
>> account:
>>>>>> apache-royale-owner
>>>>>> The other: Your npm password reset
>>>>>>
>>>>>> -Alex
>>>>>>
>>>>>> On 3/29/22, 3:37 AM, "Yishay Weiss" <
>> yishayjobs@hotmail.com>
>>>>> wrote:
>>>>>>
>>>>>> Ok, looks like we’ve figured it out for now with a
>> temp
>>>>> password.
>>>>>> 2FA does not seem to be a requirement. We will update the
>> private
>>>>> list with
>>>>>> the new credentials when that’s ready.
>>>>>>
>>>>>> From: Piotr Zarzycki<mailto:
>> piotrzarzycki21@gmail.com>
>>>>>> Sent: Tuesday, March 29, 2022 11:18 AM
>>>>>> To: Apache Royale Development<mailto:
>> dev@royale.apache.org>
>>>>>> Cc: OmPrakash Muppirala<mailto:bigosmallm@gmail.com
>>>
>>>>>> Subject: Re: NPM Credentials Problem Blocking
>> Release
>>>>>>
>>>>>> Yes it goes to private as I see...
>>>>>>
>>>>>> wt., 29 mar 2022 o 09:47 Yishay Weiss <
>>>>> yishayjobs@hotmail.com>
>>>>>> napisał(a):
>>>>>>
>>>>>>> I’m not sure which email the new password gets sent to.
>>>>> Does it
>>>>>> go to
>>>>>>> private@royale.release.org<mailto:
>>>>> private@royale.release.org> ?
>>>>>>>
>>>>>>> Also, I see some npm requests to do 2FA which we have
>>>>> ignored.
>>>>>> It’s
>>>>>>> probably best to avoid that if possible to keep the
>> release
>>>>>> scriptable.
>>>>>>>
>>>>>>> @OmPrakash Muppirala<ma...@gmail.com>, are
>>>>> you the
>>>>>> one who
>>>>>>> set this up? Can you help out?
>>>>>>>
>>>>>>> Thanks.
>>>>>>>
>>>>>>> [exec] http request PUT
>>>>>>>
>>>>>>
>>>>>
>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0
>>>>>>> [exec] info attempt registry request try #1 at
>>>>> 10:39:44 AM
>>>>>>> [exec] http request PUT
>>>>>>>
>>>>>>
>>>>>
>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=GnR46nQQgvnX%2B%2BilSiYNefzPrz%2FiLC5KZg3o%2Bi%2B5%2B3Q%3D&reserved=0
>>>>>>> [exec] http 401
>>>>>>>
>>>>>>
>>>>>
>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0
>>>>>>> [exec] WARN notice Please check your email for a
>>>>> one-time
>>>>>> password
>>>>>>> (OTP)
>>>>>>> [exec] WARN adduser Incorrect username or password
>>>>>>> [exec] WARN adduser You can reset your account by
>>>>> visiting:
>>>>>>> [exec] WARN adduser
>>>>>>> [exec] WARN adduser
>>>>>>
>>>>>
>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=J4%2BiLN%2FedAJiTavC0obA3clNCiL0kl6IOlOar%2FnKqF0%3D&reserved=0
>>>>>>> [exec] WARN adduser
>>>>>>> [exec]
>>>>>>>
>>>>>>
>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
>>>>>>> [exec] throw new Error(error);
>>>>>>> [exec] ^
>>>>>>> [exec]
>>>>>>> [exec] Error: Error: failed to authenticate: A One
>>>>> Time
>>>>>> Password
>>>>>>> (OTP) by email is required. :
>>>>>> -/user/org.couchdb.user:apache-royale-owner
>>>>>>> [exec] at
>>>>>>>
>>>>>>
>>>>>
>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
>>>>>>> [exec] at
>>>>>>>
>>>>>>
>>>>>
>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
>>>>>>> [exec] at
>>>>>>>
>>>>>>
>>>>>
>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
>>>>>>> [exec] at f
>>>>>>>
>>>>>>
>>>>>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>>>>> [exec] at
>>>>>>>
>>>>>>
>>>>>
>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
>>>>>>> [exec] at
>>>>>>>
>>>>>>
>>>>>
>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
>>>>>>> [exec] at f
>>>>>>>
>>>>>>
>>>>>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>>>>> [exec] at RegClient.<anonymous>
>>>>>>>
>>>>>>
>>>>>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
>>>>>>> [exec] at Request._callback
>>>>>>>
>>>>>>
>>>>>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
>>>>>>> [exec] at Request.self.callback
>>>>>>>
>>>>>>
>>>>>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
>>>>>>> [exec] at Request.emit (events.js:315:20)
>>>>>>> [exec] at Request.<anonymous>
>>>>>>>
>>>>>>
>>>>>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
>>>>>>> [exec] at Request.emit (events.js:315:20)
>>>>>>> [exec] at IncomingMessage.<anonymous>
>>>>>>>
>>>>>>
>>>>>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
>>>>>>> [exec] at Object.onceWrapper (events.js:421:28)
>>>>>>> [exec] at IncomingMessage.emit (events.js:327:22)
>>>>>>>
>>>>>>> BUILD FAILED
>>>>>>> C:\dev\release_royale\releasecandidate.xml:1116: The
>>>>> following
>>>>>> error
>>>>>>> occurred while executing this line:
>>>>>>> C:\dev\release_royale\releasecandidate.xml:1400: exec
>>>>> returned: 1
>>>>>>>
>>>>>>> Total time: 7 minutes 26 seconds
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> --
>>>>>>
>>>>>> Piotr Zarzycki
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>
>>>>> Piotr Zarzycki
>>>>>
>>>>>
>>>>
>>>
>>
>>
>>
>>
>>
>
> --
>
> Piotr Zarzycki
Re: NPM Credentials Problem Blocking Release
Posted by Piotr Zarzycki <pi...@gmail.com>.
Hi Guys,
I still need to accept one time password which are coming from npm
addresses. We have tried with Yishay white list that email but it didn't
work for some reason. I have raised following issue in INFR [1]
[1] https://issues.apache.org/jira/browse/INFRA-24625
Thanks,
Piotr
sob., 2 kwi 2022 o 09:58 Yishay Weiss <yi...@hotmail.com> napisał(a):
> The non-interactivity happens before ant, in publish.js. I ended up doing
> it interactively on the CLI.
>
> Reading their docs [1]it looks like 2FA will be enforced at some point, so
> we should aim IMO to work with that. Manually, I just switched the settings
> to 2FA and then used my mobile authenticator to provide the OTP (I’ve
> reverted it back to no 2FA). I could not get the automation token (which
> I’ve generated) [2] to work.
>
> [1] Enrolling all npm publishers in enhanced login verification and next
> steps for two-factor authentication enforcement | The GitHub Blog<
> https://github.blog/2021-12-07-enrolling-npm-publishers-enhanced-login-verification-two-factor-authentication-enforcement/
> >
>
> [2] Creating and viewing access tokens | npm Docs (npmjs.com)<
> https://docs.npmjs.com/creating-and-viewing-access-tokens#creating-access-tokens
> >
>
>
> From: Alex Harui<ma...@adobe.com.INVALID>
> Sent: Friday, April 1, 2022 9:04 PM
> To: dev@royale.apache.org<ma...@royale.apache.org>
> Subject: Re: NPM Credentials Problem Blocking Release
>
> Hi Yishay,
>
> All of my Royale stuff is on another old laptop and I won't have access to
> it for another 7 days.
>
> It could be that Ant is not running in a mode that allows for a prompt. I
> don't remember if we had OTP when publishing in the past.
>
> -Alex
>
> On 4/1/22, 10:51 AM, "Yishay Weiss" <yi...@hotmail.com> wrote:
>
> Thanks, they’re coming through now.
>
> Being new to npm publishing I have not been able to modify the ant
> scripts to make this work. So any help would be appreciated. The script
> fails on adduser [1].
>
> I’ve tried adding an .npmrc file under royale-asjs with
>
> //registry.npmjs.org/:_authToken=<…>
>
> But that didn’t help.
>
> Any ideas?
>
> [1]
> [exec] Publishing to NPM: @apache-royale/royale-js version:
> 0.9.9...
> [exec] info attempt registry request try #1 at 8:37:34 PM
> [exec] http request PUT
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0
> [exec] info attempt registry request try #1 at 8:37:35 PM
> [exec] http request PUT
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=GnR46nQQgvnX%2B%2BilSiYNefzPrz%2FiLC5KZg3o%2Bi%2B5%2B3Q%3D&reserved=0
> [exec] http 401
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0
> [exec] WARN notice Please use the one-time password (OTP) from
> your authenticator application
> [exec] WARN adduser Incorrect username or password
> [exec] WARN adduser You can reset your account by visiting:
> [exec] WARN adduser
> [exec] WARN adduser
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=J4%2BiLN%2FedAJiTavC0obA3clNCiL0kl6IOlOar%2FnKqF0%3D&reserved=0
> [exec] WARN adduser
> [exec]
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52
> [exec] throw new Error(error);
> [exec] ^
> [exec]
> [exec] Error: Error: failed to authenticate: Could not
> authenticate apache-royale-owner: bad otp :
> -/user/org.couchdb.user:apache-royale-owner
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52:14
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
> [exec] at f
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
> [exec] at f
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> [exec] at RegClient.<anonymous>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
> [exec] at Request._callback
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
> [exec] at Request.self.callback
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
> [exec] at Request.emit (events.js:315:20)
> [exec] at Request.<anonymous>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
> [exec] at Request.emit (events.js:315:20)
> [exec] at IncomingMessage.<anonymous>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
> [exec] at Object.onceWrapper (events.js:421:28)
> [exec] at IncomingMessage.emit (events.js:327:22)
>
> BUILD FAILED
> C:\dev\release_royale\releasecandidate.xml:1363: exec returned: 1
>
> From: Alex Harui<ma...@adobe.com.INVALID>
> Sent: Friday, April 1, 2022 12:25 AM
> To: dev@royale.apache.org<ma...@royale.apache.org>
> Subject: Re: NPM Credentials Problem Blocking Release
>
> Infra says the actual sender is not support@npmjs.com. They have
> implemented a custom solution. Yishay, can you try again?
>
> Thanks,
> -Alex
>
> On 3/31/22, 1:39 PM, "Alex Harui" <ah...@adobe.com.INVALID> wrote:
>
> Yeah, not sure why that didn't work. I'll email infra.
>
> On 3/31/22, 12:53 PM, "Harbs" <ha...@gmail.com> wrote:
>
> I don’t know why it didn’t work.
>
> We should probably ask Infra.
>
> > On Mar 31, 2022, at 10:23 PM, Yishay Weiss <
> yishayjobs@hotmail.com> wrote:
> >
> > I thought Alex fixed it so it doesn’t need you to approve…
> It’s expired and you should see a couple of more such messages.
> >
> > From: Harbs<ma...@gmail.com>
> > Sent: Thursday, March 31, 2022 10:06 PM
> > To: Apache Royale Development<ma...@royale.apache.org>
> > Subject: Re: NPM Credentials Problem Blocking Release
> >
> > I approved and should have added it again to the allow list.
> >
> > It came through. If it expired already, try again. Hopefully
> it’ll work...
> >
> >> On Mar 31, 2022, at 10:01 PM, Yishay Weiss <
> yishayjobs@hotmail.com> wrote:
> >>
> >> I just tried logging in, got the OTP sent message, but am
> not seeing it in private.
> >>
> >> From: Alex Harui<ma...@adobe.com.INVALID>
> >> Sent: Thursday, March 31, 2022 7:44 PM
> >> To: dev@royale.apache.org<ma...@royale.apache.org>
> >> Subject: Re: NPM Credentials Problem Blocking Release
> >>
> >> OK, support@npmjs.com is now on the allow list. Yishay,
> if you try to publish again, in theory the NPM messages will go straight to
> private@. Let us know if that isn't happening. I'll try to look for
> moderator messages but they often go to junk and I can't control settings
> for my corporate email.
> >>
> >> FWIW, Here's a link to some doc on the EZMLM robot that
> runs ASF mailing lists.
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Funtroubled.org%2Fezmlm%2Fmanual%2F&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=uLzD96tz3sBhkMOvNdyDZ%2Fy7D4FWZmlXNkNMJFEimfI%3D&reserved=0
> >>
> >> The command I sent was executed by sending an email to
> private-allow-subscribe-support=npmjs.com@royale.apache.org
> >> Any list moderator can send to these sort of email
> addresses and the robot will parse the address and execute a command. We
> can subscribe and unsubscribe people, allow them to send and not receive,
> get a list of all subscribers and more.
> >>
> >> HTH,
> >> -Alex
> >>
> >> On 3/31/22, 8:44 AM, "Josh Tynjala" <
> joshtynjala@bowlerhat.dev> wrote:
> >>
> >> Do it.
> >>
> >> --
> >> Josh Tynjala
> >> Bowler Hat LLC <
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbowlerhat.dev%2F&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qGYKjnY8ozbWgy89acmDDOkAZ63NmByrnmSW1DLLEXM%3D&reserved=0
> >
> >>
> >>
> >> On Wed, Mar 30, 2022 at 11:24 PM Alex Harui
> <ah...@adobe.com.invalid>
> >> wrote:
> >>
> >>> Each mailing list has an "allow" subscriber list that is
> different from
> >>> the regular subscriber list. "allow" can send but can't
> receive. The
> >>> syntax can be extracted from the moderator emails. If we
> get consensus to
> >>> try it, I'll send the command.
> >>>
> >>> On 3/30/22, 11:17 PM, "Piotr Zarzycki" <
> piotrzarzycki21@gmail.com> wrote:
> >>>
> >>> I don’t know how to whitelist that email but I will try
> to figure it
> >>> out
> >>> soon.
> >>>
> >>> On Thu, 31 Mar 2022 at 06:06, Alex Harui
> <ah...@adobe.com.invalid>
> >>> wrote:
> >>>
> >>>> Yishay, maybe you can also be a moderator? It might also
> be
> >>> possible to
> >>>> allow emails from npm without moderation. I don't
> remember if we
> >>> tried
> >>>> that. It works on the other lists. There might be a
> restriction on
> >>>> private@.
> >>>>
> >>>> -Alex
> >>>>
> >>>> On 3/30/22, 7:55 PM, "Yishay Weiss" <
> yishayjobs@hotmail.com> wrote:
> >>>>
> >>>> Piotr, being the moderator, is receiving them but it’s
> hard for
> >>> me to
> >>>> do anything from my side because I can’t login without a
> OTP.
> >>>>
> >>>> I’m guessing we need to either create an automation
> token, or
> >>> change
> >>>> the module settings to not require 2FA [1].
> >>>>
> >>>> [1] Securely Automating npm publish with the New npm
> Automation
> >>> Tokens
> >>>> - DEV Community<
> >>>>
> >>>
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdev.to%2Fbnb%2Fsecurely-automating-npm-publish-with-the-new-npm-automation-tokens-oei&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=hAsQoFRmUHDC4x6Ch0ZNbJ7rQP%2BCXJ2%2B05BUnR49tS0%3D&reserved=0
> >>>>>
> >>>>
> >>>> From: Alex Harui<ma...@adobe.com.INVALID>
> >>>> Sent: Tuesday, March 29, 2022 7:05 PM
> >>>> To: dev@royale.apache.org<ma...@royale.apache.org>
> >>>> Cc: OmPrakash Muppirala<ma...@gmail.com>
> >>>> Subject: Re: NPM Credentials Problem Blocking Release
> >>>>
> >>>> I get some emails from NPM to apache-royale-owner. I
> can
> >>> forward them
> >>>> to private@royale.a.o if they aren't also going there.
> >>>>
> >>>> One has the subject: [npm] OTP for logging in to your
> account:
> >>>> apache-royale-owner
> >>>> The other: Your npm password reset
> >>>>
> >>>> -Alex
> >>>>
> >>>> On 3/29/22, 3:37 AM, "Yishay Weiss" <
> yishayjobs@hotmail.com>
> >>> wrote:
> >>>>
> >>>> Ok, looks like we’ve figured it out for now with a
> temp
> >>> password.
> >>>> 2FA does not seem to be a requirement. We will update the
> private
> >>> list with
> >>>> the new credentials when that’s ready.
> >>>>
> >>>> From: Piotr Zarzycki<mailto:
> piotrzarzycki21@gmail.com>
> >>>> Sent: Tuesday, March 29, 2022 11:18 AM
> >>>> To: Apache Royale Development<mailto:
> dev@royale.apache.org>
> >>>> Cc: OmPrakash Muppirala<mailto:bigosmallm@gmail.com
> >
> >>>> Subject: Re: NPM Credentials Problem Blocking
> Release
> >>>>
> >>>> Yes it goes to private as I see...
> >>>>
> >>>> wt., 29 mar 2022 o 09:47 Yishay Weiss <
> >>> yishayjobs@hotmail.com>
> >>>> napisał(a):
> >>>>
> >>>>> I’m not sure which email the new password gets sent to.
> >>> Does it
> >>>> go to
> >>>>> private@royale.release.org<mailto:
> >>> private@royale.release.org> ?
> >>>>>
> >>>>> Also, I see some npm requests to do 2FA which we have
> >>> ignored.
> >>>> It’s
> >>>>> probably best to avoid that if possible to keep the
> release
> >>>> scriptable.
> >>>>>
> >>>>> @OmPrakash Muppirala<ma...@gmail.com>, are
> >>> you the
> >>>> one who
> >>>>> set this up? Can you help out?
> >>>>>
> >>>>> Thanks.
> >>>>>
> >>>>> [exec] http request PUT
> >>>>>
> >>>>
> >>>
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0
> >>>>> [exec] info attempt registry request try #1 at
> >>> 10:39:44 AM
> >>>>> [exec] http request PUT
> >>>>>
> >>>>
> >>>
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=GnR46nQQgvnX%2B%2BilSiYNefzPrz%2FiLC5KZg3o%2Bi%2B5%2B3Q%3D&reserved=0
> >>>>> [exec] http 401
> >>>>>
> >>>>
> >>>
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0
> >>>>> [exec] WARN notice Please check your email for a
> >>> one-time
> >>>> password
> >>>>> (OTP)
> >>>>> [exec] WARN adduser Incorrect username or password
> >>>>> [exec] WARN adduser You can reset your account by
> >>> visiting:
> >>>>> [exec] WARN adduser
> >>>>> [exec] WARN adduser
> >>>>
> >>>
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=J4%2BiLN%2FedAJiTavC0obA3clNCiL0kl6IOlOar%2FnKqF0%3D&reserved=0
> >>>>> [exec] WARN adduser
> >>>>> [exec]
> >>>>>
> >>>>
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
> >>>>> [exec] throw new Error(error);
> >>>>> [exec] ^
> >>>>> [exec]
> >>>>> [exec] Error: Error: failed to authenticate: A One
> >>> Time
> >>>> Password
> >>>>> (OTP) by email is required. :
> >>>> -/user/org.couchdb.user:apache-royale-owner
> >>>>> [exec] at
> >>>>>
> >>>>
> >>>
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
> >>>>> [exec] at
> >>>>>
> >>>>
> >>>
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
> >>>>> [exec] at
> >>>>>
> >>>>
> >>>
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
> >>>>> [exec] at f
> >>>>>
> >>>>
> >>>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> >>>>> [exec] at
> >>>>>
> >>>>
> >>>
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
> >>>>> [exec] at
> >>>>>
> >>>>
> >>>
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
> >>>>> [exec] at f
> >>>>>
> >>>>
> >>>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> >>>>> [exec] at RegClient.<anonymous>
> >>>>>
> >>>>
> >>>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
> >>>>> [exec] at Request._callback
> >>>>>
> >>>>
> >>>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
> >>>>> [exec] at Request.self.callback
> >>>>>
> >>>>
> >>>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
> >>>>> [exec] at Request.emit (events.js:315:20)
> >>>>> [exec] at Request.<anonymous>
> >>>>>
> >>>>
> >>>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
> >>>>> [exec] at Request.emit (events.js:315:20)
> >>>>> [exec] at IncomingMessage.<anonymous>
> >>>>>
> >>>>
> >>>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
> >>>>> [exec] at Object.onceWrapper (events.js:421:28)
> >>>>> [exec] at IncomingMessage.emit (events.js:327:22)
> >>>>>
> >>>>> BUILD FAILED
> >>>>> C:\dev\release_royale\releasecandidate.xml:1116: The
> >>> following
> >>>> error
> >>>>> occurred while executing this line:
> >>>>> C:\dev\release_royale\releasecandidate.xml:1400: exec
> >>> returned: 1
> >>>>>
> >>>>> Total time: 7 minutes 26 seconds
> >>>>>
> >>>>>
> >>>>
> >>>> --
> >>>>
> >>>> Piotr Zarzycki
> >>>>
> >>>>
> >>>>
> >>>> --
> >>>
> >>> Piotr Zarzycki
> >>>
> >>>
> >>
> >
>
>
>
>
>
--
Piotr Zarzycki
RE: NPM Credentials Problem Blocking Release
Posted by Yishay Weiss <yi...@hotmail.com>.
The non-interactivity happens before ant, in publish.js. I ended up doing it interactively on the CLI.
Reading their docs [1]it looks like 2FA will be enforced at some point, so we should aim IMO to work with that. Manually, I just switched the settings to 2FA and then used my mobile authenticator to provide the OTP (I’ve reverted it back to no 2FA). I could not get the automation token (which I’ve generated) [2] to work.
[1] Enrolling all npm publishers in enhanced login verification and next steps for two-factor authentication enforcement | The GitHub Blog<https://github.blog/2021-12-07-enrolling-npm-publishers-enhanced-login-verification-two-factor-authentication-enforcement/>
[2] Creating and viewing access tokens | npm Docs (npmjs.com)<https://docs.npmjs.com/creating-and-viewing-access-tokens#creating-access-tokens>
From: Alex Harui<ma...@adobe.com.INVALID>
Sent: Friday, April 1, 2022 9:04 PM
To: dev@royale.apache.org<ma...@royale.apache.org>
Subject: Re: NPM Credentials Problem Blocking Release
Hi Yishay,
All of my Royale stuff is on another old laptop and I won't have access to it for another 7 days.
It could be that Ant is not running in a mode that allows for a prompt. I don't remember if we had OTP when publishing in the past.
-Alex
On 4/1/22, 10:51 AM, "Yishay Weiss" <yi...@hotmail.com> wrote:
Thanks, they’re coming through now.
Being new to npm publishing I have not been able to modify the ant scripts to make this work. So any help would be appreciated. The script fails on adduser [1].
I’ve tried adding an .npmrc file under royale-asjs with
//registry.npmjs.org/:_authToken=<…>
But that didn’t help.
Any ideas?
[1]
[exec] Publishing to NPM: @apache-royale/royale-js version: 0.9.9...
[exec] info attempt registry request try #1 at 8:37:34 PM
[exec] http request PUT https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0
[exec] info attempt registry request try #1 at 8:37:35 PM
[exec] http request PUT https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=GnR46nQQgvnX%2B%2BilSiYNefzPrz%2FiLC5KZg3o%2Bi%2B5%2B3Q%3D&reserved=0
[exec] http 401 https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0
[exec] WARN notice Please use the one-time password (OTP) from your authenticator application
[exec] WARN adduser Incorrect username or password
[exec] WARN adduser You can reset your account by visiting:
[exec] WARN adduser
[exec] WARN adduser https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=J4%2BiLN%2FedAJiTavC0obA3clNCiL0kl6IOlOar%2FnKqF0%3D&reserved=0
[exec] WARN adduser
[exec] C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52
[exec] throw new Error(error);
[exec] ^
[exec]
[exec] Error: Error: failed to authenticate: Could not authenticate apache-royale-owner: bad otp : -/user/org.couchdb.user:apache-royale-owner
[exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52:14
[exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
[exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
[exec] at f (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
[exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
[exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
[exec] at f (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
[exec] at RegClient.<anonymous> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
[exec] at Request._callback (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
[exec] at Request.self.callback (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
[exec] at Request.emit (events.js:315:20)
[exec] at Request.<anonymous> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
[exec] at Request.emit (events.js:315:20)
[exec] at IncomingMessage.<anonymous> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
[exec] at Object.onceWrapper (events.js:421:28)
[exec] at IncomingMessage.emit (events.js:327:22)
BUILD FAILED
C:\dev\release_royale\releasecandidate.xml:1363: exec returned: 1
From: Alex Harui<ma...@adobe.com.INVALID>
Sent: Friday, April 1, 2022 12:25 AM
To: dev@royale.apache.org<ma...@royale.apache.org>
Subject: Re: NPM Credentials Problem Blocking Release
Infra says the actual sender is not support@npmjs.com. They have implemented a custom solution. Yishay, can you try again?
Thanks,
-Alex
On 3/31/22, 1:39 PM, "Alex Harui" <ah...@adobe.com.INVALID> wrote:
Yeah, not sure why that didn't work. I'll email infra.
On 3/31/22, 12:53 PM, "Harbs" <ha...@gmail.com> wrote:
I don’t know why it didn’t work.
We should probably ask Infra.
> On Mar 31, 2022, at 10:23 PM, Yishay Weiss <yi...@hotmail.com> wrote:
>
> I thought Alex fixed it so it doesn’t need you to approve… It’s expired and you should see a couple of more such messages.
>
> From: Harbs<ma...@gmail.com>
> Sent: Thursday, March 31, 2022 10:06 PM
> To: Apache Royale Development<ma...@royale.apache.org>
> Subject: Re: NPM Credentials Problem Blocking Release
>
> I approved and should have added it again to the allow list.
>
> It came through. If it expired already, try again. Hopefully it’ll work...
>
>> On Mar 31, 2022, at 10:01 PM, Yishay Weiss <yi...@hotmail.com> wrote:
>>
>> I just tried logging in, got the OTP sent message, but am not seeing it in private.
>>
>> From: Alex Harui<ma...@adobe.com.INVALID>
>> Sent: Thursday, March 31, 2022 7:44 PM
>> To: dev@royale.apache.org<ma...@royale.apache.org>
>> Subject: Re: NPM Credentials Problem Blocking Release
>>
>> OK, support@npmjs.com is now on the allow list. Yishay, if you try to publish again, in theory the NPM messages will go straight to private@. Let us know if that isn't happening. I'll try to look for moderator messages but they often go to junk and I can't control settings for my corporate email.
>>
>> FWIW, Here's a link to some doc on the EZMLM robot that runs ASF mailing lists. https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Funtroubled.org%2Fezmlm%2Fmanual%2F&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=uLzD96tz3sBhkMOvNdyDZ%2Fy7D4FWZmlXNkNMJFEimfI%3D&reserved=0
>>
>> The command I sent was executed by sending an email to private-allow-subscribe-support=npmjs.com@royale.apache.org
>> Any list moderator can send to these sort of email addresses and the robot will parse the address and execute a command. We can subscribe and unsubscribe people, allow them to send and not receive, get a list of all subscribers and more.
>>
>> HTH,
>> -Alex
>>
>> On 3/31/22, 8:44 AM, "Josh Tynjala" <jo...@bowlerhat.dev> wrote:
>>
>> Do it.
>>
>> --
>> Josh Tynjala
>> Bowler Hat LLC <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbowlerhat.dev%2F&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qGYKjnY8ozbWgy89acmDDOkAZ63NmByrnmSW1DLLEXM%3D&reserved=0>
>>
>>
>> On Wed, Mar 30, 2022 at 11:24 PM Alex Harui <ah...@adobe.com.invalid>
>> wrote:
>>
>>> Each mailing list has an "allow" subscriber list that is different from
>>> the regular subscriber list. "allow" can send but can't receive. The
>>> syntax can be extracted from the moderator emails. If we get consensus to
>>> try it, I'll send the command.
>>>
>>> On 3/30/22, 11:17 PM, "Piotr Zarzycki" <pi...@gmail.com> wrote:
>>>
>>> I don’t know how to whitelist that email but I will try to figure it
>>> out
>>> soon.
>>>
>>> On Thu, 31 Mar 2022 at 06:06, Alex Harui <ah...@adobe.com.invalid>
>>> wrote:
>>>
>>>> Yishay, maybe you can also be a moderator? It might also be
>>> possible to
>>>> allow emails from npm without moderation. I don't remember if we
>>> tried
>>>> that. It works on the other lists. There might be a restriction on
>>>> private@.
>>>>
>>>> -Alex
>>>>
>>>> On 3/30/22, 7:55 PM, "Yishay Weiss" <yi...@hotmail.com> wrote:
>>>>
>>>> Piotr, being the moderator, is receiving them but it’s hard for
>>> me to
>>>> do anything from my side because I can’t login without a OTP.
>>>>
>>>> I’m guessing we need to either create an automation token, or
>>> change
>>>> the module settings to not require 2FA [1].
>>>>
>>>> [1] Securely Automating npm publish with the New npm Automation
>>> Tokens
>>>> - DEV Community<
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdev.to%2Fbnb%2Fsecurely-automating-npm-publish-with-the-new-npm-automation-tokens-oei&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=hAsQoFRmUHDC4x6Ch0ZNbJ7rQP%2BCXJ2%2B05BUnR49tS0%3D&reserved=0
>>>>>
>>>>
>>>> From: Alex Harui<ma...@adobe.com.INVALID>
>>>> Sent: Tuesday, March 29, 2022 7:05 PM
>>>> To: dev@royale.apache.org<ma...@royale.apache.org>
>>>> Cc: OmPrakash Muppirala<ma...@gmail.com>
>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>
>>>> I get some emails from NPM to apache-royale-owner. I can
>>> forward them
>>>> to private@royale.a.o if they aren't also going there.
>>>>
>>>> One has the subject: [npm] OTP for logging in to your account:
>>>> apache-royale-owner
>>>> The other: Your npm password reset
>>>>
>>>> -Alex
>>>>
>>>> On 3/29/22, 3:37 AM, "Yishay Weiss" <yi...@hotmail.com>
>>> wrote:
>>>>
>>>> Ok, looks like we’ve figured it out for now with a temp
>>> password.
>>>> 2FA does not seem to be a requirement. We will update the private
>>> list with
>>>> the new credentials when that’s ready.
>>>>
>>>> From: Piotr Zarzycki<ma...@gmail.com>
>>>> Sent: Tuesday, March 29, 2022 11:18 AM
>>>> To: Apache Royale Development<ma...@royale.apache.org>
>>>> Cc: OmPrakash Muppirala<ma...@gmail.com>
>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>
>>>> Yes it goes to private as I see...
>>>>
>>>> wt., 29 mar 2022 o 09:47 Yishay Weiss <
>>> yishayjobs@hotmail.com>
>>>> napisał(a):
>>>>
>>>>> I’m not sure which email the new password gets sent to.
>>> Does it
>>>> go to
>>>>> private@royale.release.org<mailto:
>>> private@royale.release.org> ?
>>>>>
>>>>> Also, I see some npm requests to do 2FA which we have
>>> ignored.
>>>> It’s
>>>>> probably best to avoid that if possible to keep the release
>>>> scriptable.
>>>>>
>>>>> @OmPrakash Muppirala<ma...@gmail.com>, are
>>> you the
>>>> one who
>>>>> set this up? Can you help out?
>>>>>
>>>>> Thanks.
>>>>>
>>>>> [exec] http request PUT
>>>>>
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0
>>>>> [exec] info attempt registry request try #1 at
>>> 10:39:44 AM
>>>>> [exec] http request PUT
>>>>>
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=GnR46nQQgvnX%2B%2BilSiYNefzPrz%2FiLC5KZg3o%2Bi%2B5%2B3Q%3D&reserved=0
>>>>> [exec] http 401
>>>>>
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0
>>>>> [exec] WARN notice Please check your email for a
>>> one-time
>>>> password
>>>>> (OTP)
>>>>> [exec] WARN adduser Incorrect username or password
>>>>> [exec] WARN adduser You can reset your account by
>>> visiting:
>>>>> [exec] WARN adduser
>>>>> [exec] WARN adduser
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=J4%2BiLN%2FedAJiTavC0obA3clNCiL0kl6IOlOar%2FnKqF0%3D&reserved=0
>>>>> [exec] WARN adduser
>>>>> [exec]
>>>>>
>>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
>>>>> [exec] throw new Error(error);
>>>>> [exec] ^
>>>>> [exec]
>>>>> [exec] Error: Error: failed to authenticate: A One
>>> Time
>>>> Password
>>>>> (OTP) by email is required. :
>>>> -/user/org.couchdb.user:apache-royale-owner
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
>>>>> [exec] at f
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
>>>>> [exec] at f
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>>> [exec] at RegClient.<anonymous>
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
>>>>> [exec] at Request._callback
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
>>>>> [exec] at Request.self.callback
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
>>>>> [exec] at Request.emit (events.js:315:20)
>>>>> [exec] at Request.<anonymous>
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
>>>>> [exec] at Request.emit (events.js:315:20)
>>>>> [exec] at IncomingMessage.<anonymous>
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
>>>>> [exec] at Object.onceWrapper (events.js:421:28)
>>>>> [exec] at IncomingMessage.emit (events.js:327:22)
>>>>>
>>>>> BUILD FAILED
>>>>> C:\dev\release_royale\releasecandidate.xml:1116: The
>>> following
>>>> error
>>>>> occurred while executing this line:
>>>>> C:\dev\release_royale\releasecandidate.xml:1400: exec
>>> returned: 1
>>>>>
>>>>> Total time: 7 minutes 26 seconds
>>>>>
>>>>>
>>>>
>>>> --
>>>>
>>>> Piotr Zarzycki
>>>>
>>>>
>>>>
>>>> --
>>>
>>> Piotr Zarzycki
>>>
>>>
>>
>
Re: NPM Credentials Problem Blocking Release
Posted by Alex Harui <ah...@adobe.com.INVALID>.
Hi Yishay,
All of my Royale stuff is on another old laptop and I won't have access to it for another 7 days.
It could be that Ant is not running in a mode that allows for a prompt. I don't remember if we had OTP when publishing in the past.
-Alex
On 4/1/22, 10:51 AM, "Yishay Weiss" <yi...@hotmail.com> wrote:
Thanks, they’re coming through now.
Being new to npm publishing I have not been able to modify the ant scripts to make this work. So any help would be appreciated. The script fails on adduser [1].
I’ve tried adding an .npmrc file under royale-asjs with
//registry.npmjs.org/:_authToken=<…>
But that didn’t help.
Any ideas?
[1]
[exec] Publishing to NPM: @apache-royale/royale-js version: 0.9.9...
[exec] info attempt registry request try #1 at 8:37:34 PM
[exec] http request PUT https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0
[exec] info attempt registry request try #1 at 8:37:35 PM
[exec] http request PUT https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=GnR46nQQgvnX%2B%2BilSiYNefzPrz%2FiLC5KZg3o%2Bi%2B5%2B3Q%3D&reserved=0
[exec] http 401 https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0
[exec] WARN notice Please use the one-time password (OTP) from your authenticator application
[exec] WARN adduser Incorrect username or password
[exec] WARN adduser You can reset your account by visiting:
[exec] WARN adduser
[exec] WARN adduser https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=J4%2BiLN%2FedAJiTavC0obA3clNCiL0kl6IOlOar%2FnKqF0%3D&reserved=0
[exec] WARN adduser
[exec] C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52
[exec] throw new Error(error);
[exec] ^
[exec]
[exec] Error: Error: failed to authenticate: Could not authenticate apache-royale-owner: bad otp : -/user/org.couchdb.user:apache-royale-owner
[exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52:14
[exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
[exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
[exec] at f (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
[exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
[exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
[exec] at f (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
[exec] at RegClient.<anonymous> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
[exec] at Request._callback (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
[exec] at Request.self.callback (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
[exec] at Request.emit (events.js:315:20)
[exec] at Request.<anonymous> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
[exec] at Request.emit (events.js:315:20)
[exec] at IncomingMessage.<anonymous> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
[exec] at Object.onceWrapper (events.js:421:28)
[exec] at IncomingMessage.emit (events.js:327:22)
BUILD FAILED
C:\dev\release_royale\releasecandidate.xml:1363: exec returned: 1
From: Alex Harui<ma...@adobe.com.INVALID>
Sent: Friday, April 1, 2022 12:25 AM
To: dev@royale.apache.org<ma...@royale.apache.org>
Subject: Re: NPM Credentials Problem Blocking Release
Infra says the actual sender is not support@npmjs.com. They have implemented a custom solution. Yishay, can you try again?
Thanks,
-Alex
On 3/31/22, 1:39 PM, "Alex Harui" <ah...@adobe.com.INVALID> wrote:
Yeah, not sure why that didn't work. I'll email infra.
On 3/31/22, 12:53 PM, "Harbs" <ha...@gmail.com> wrote:
I don’t know why it didn’t work.
We should probably ask Infra.
> On Mar 31, 2022, at 10:23 PM, Yishay Weiss <yi...@hotmail.com> wrote:
>
> I thought Alex fixed it so it doesn’t need you to approve… It’s expired and you should see a couple of more such messages.
>
> From: Harbs<ma...@gmail.com>
> Sent: Thursday, March 31, 2022 10:06 PM
> To: Apache Royale Development<ma...@royale.apache.org>
> Subject: Re: NPM Credentials Problem Blocking Release
>
> I approved and should have added it again to the allow list.
>
> It came through. If it expired already, try again. Hopefully it’ll work...
>
>> On Mar 31, 2022, at 10:01 PM, Yishay Weiss <yi...@hotmail.com> wrote:
>>
>> I just tried logging in, got the OTP sent message, but am not seeing it in private.
>>
>> From: Alex Harui<ma...@adobe.com.INVALID>
>> Sent: Thursday, March 31, 2022 7:44 PM
>> To: dev@royale.apache.org<ma...@royale.apache.org>
>> Subject: Re: NPM Credentials Problem Blocking Release
>>
>> OK, support@npmjs.com is now on the allow list. Yishay, if you try to publish again, in theory the NPM messages will go straight to private@. Let us know if that isn't happening. I'll try to look for moderator messages but they often go to junk and I can't control settings for my corporate email.
>>
>> FWIW, Here's a link to some doc on the EZMLM robot that runs ASF mailing lists. https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Funtroubled.org%2Fezmlm%2Fmanual%2F&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=uLzD96tz3sBhkMOvNdyDZ%2Fy7D4FWZmlXNkNMJFEimfI%3D&reserved=0
>>
>> The command I sent was executed by sending an email to private-allow-subscribe-support=npmjs.com@royale.apache.org
>> Any list moderator can send to these sort of email addresses and the robot will parse the address and execute a command. We can subscribe and unsubscribe people, allow them to send and not receive, get a list of all subscribers and more.
>>
>> HTH,
>> -Alex
>>
>> On 3/31/22, 8:44 AM, "Josh Tynjala" <jo...@bowlerhat.dev> wrote:
>>
>> Do it.
>>
>> --
>> Josh Tynjala
>> Bowler Hat LLC <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbowlerhat.dev%2F&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qGYKjnY8ozbWgy89acmDDOkAZ63NmByrnmSW1DLLEXM%3D&reserved=0>
>>
>>
>> On Wed, Mar 30, 2022 at 11:24 PM Alex Harui <ah...@adobe.com.invalid>
>> wrote:
>>
>>> Each mailing list has an "allow" subscriber list that is different from
>>> the regular subscriber list. "allow" can send but can't receive. The
>>> syntax can be extracted from the moderator emails. If we get consensus to
>>> try it, I'll send the command.
>>>
>>> On 3/30/22, 11:17 PM, "Piotr Zarzycki" <pi...@gmail.com> wrote:
>>>
>>> I don’t know how to whitelist that email but I will try to figure it
>>> out
>>> soon.
>>>
>>> On Thu, 31 Mar 2022 at 06:06, Alex Harui <ah...@adobe.com.invalid>
>>> wrote:
>>>
>>>> Yishay, maybe you can also be a moderator? It might also be
>>> possible to
>>>> allow emails from npm without moderation. I don't remember if we
>>> tried
>>>> that. It works on the other lists. There might be a restriction on
>>>> private@.
>>>>
>>>> -Alex
>>>>
>>>> On 3/30/22, 7:55 PM, "Yishay Weiss" <yi...@hotmail.com> wrote:
>>>>
>>>> Piotr, being the moderator, is receiving them but it’s hard for
>>> me to
>>>> do anything from my side because I can’t login without a OTP.
>>>>
>>>> I’m guessing we need to either create an automation token, or
>>> change
>>>> the module settings to not require 2FA [1].
>>>>
>>>> [1] Securely Automating npm publish with the New npm Automation
>>> Tokens
>>>> - DEV Community<
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdev.to%2Fbnb%2Fsecurely-automating-npm-publish-with-the-new-npm-automation-tokens-oei&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=hAsQoFRmUHDC4x6Ch0ZNbJ7rQP%2BCXJ2%2B05BUnR49tS0%3D&reserved=0
>>>>>
>>>>
>>>> From: Alex Harui<ma...@adobe.com.INVALID>
>>>> Sent: Tuesday, March 29, 2022 7:05 PM
>>>> To: dev@royale.apache.org<ma...@royale.apache.org>
>>>> Cc: OmPrakash Muppirala<ma...@gmail.com>
>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>
>>>> I get some emails from NPM to apache-royale-owner. I can
>>> forward them
>>>> to private@royale.a.o if they aren't also going there.
>>>>
>>>> One has the subject: [npm] OTP for logging in to your account:
>>>> apache-royale-owner
>>>> The other: Your npm password reset
>>>>
>>>> -Alex
>>>>
>>>> On 3/29/22, 3:37 AM, "Yishay Weiss" <yi...@hotmail.com>
>>> wrote:
>>>>
>>>> Ok, looks like we’ve figured it out for now with a temp
>>> password.
>>>> 2FA does not seem to be a requirement. We will update the private
>>> list with
>>>> the new credentials when that’s ready.
>>>>
>>>> From: Piotr Zarzycki<ma...@gmail.com>
>>>> Sent: Tuesday, March 29, 2022 11:18 AM
>>>> To: Apache Royale Development<ma...@royale.apache.org>
>>>> Cc: OmPrakash Muppirala<ma...@gmail.com>
>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>
>>>> Yes it goes to private as I see...
>>>>
>>>> wt., 29 mar 2022 o 09:47 Yishay Weiss <
>>> yishayjobs@hotmail.com>
>>>> napisał(a):
>>>>
>>>>> I’m not sure which email the new password gets sent to.
>>> Does it
>>>> go to
>>>>> private@royale.release.org<mailto:
>>> private@royale.release.org> ?
>>>>>
>>>>> Also, I see some npm requests to do 2FA which we have
>>> ignored.
>>>> It’s
>>>>> probably best to avoid that if possible to keep the release
>>>> scriptable.
>>>>>
>>>>> @OmPrakash Muppirala<ma...@gmail.com>, are
>>> you the
>>>> one who
>>>>> set this up? Can you help out?
>>>>>
>>>>> Thanks.
>>>>>
>>>>> [exec] http request PUT
>>>>>
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0
>>>>> [exec] info attempt registry request try #1 at
>>> 10:39:44 AM
>>>>> [exec] http request PUT
>>>>>
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=GnR46nQQgvnX%2B%2BilSiYNefzPrz%2FiLC5KZg3o%2Bi%2B5%2B3Q%3D&reserved=0
>>>>> [exec] http 401
>>>>>
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0
>>>>> [exec] WARN notice Please check your email for a
>>> one-time
>>>> password
>>>>> (OTP)
>>>>> [exec] WARN adduser Incorrect username or password
>>>>> [exec] WARN adduser You can reset your account by
>>> visiting:
>>>>> [exec] WARN adduser
>>>>> [exec] WARN adduser
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=J4%2BiLN%2FedAJiTavC0obA3clNCiL0kl6IOlOar%2FnKqF0%3D&reserved=0
>>>>> [exec] WARN adduser
>>>>> [exec]
>>>>>
>>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
>>>>> [exec] throw new Error(error);
>>>>> [exec] ^
>>>>> [exec]
>>>>> [exec] Error: Error: failed to authenticate: A One
>>> Time
>>>> Password
>>>>> (OTP) by email is required. :
>>>> -/user/org.couchdb.user:apache-royale-owner
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
>>>>> [exec] at f
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
>>>>> [exec] at f
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>>> [exec] at RegClient.<anonymous>
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
>>>>> [exec] at Request._callback
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
>>>>> [exec] at Request.self.callback
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
>>>>> [exec] at Request.emit (events.js:315:20)
>>>>> [exec] at Request.<anonymous>
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
>>>>> [exec] at Request.emit (events.js:315:20)
>>>>> [exec] at IncomingMessage.<anonymous>
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
>>>>> [exec] at Object.onceWrapper (events.js:421:28)
>>>>> [exec] at IncomingMessage.emit (events.js:327:22)
>>>>>
>>>>> BUILD FAILED
>>>>> C:\dev\release_royale\releasecandidate.xml:1116: The
>>> following
>>>> error
>>>>> occurred while executing this line:
>>>>> C:\dev\release_royale\releasecandidate.xml:1400: exec
>>> returned: 1
>>>>>
>>>>> Total time: 7 minutes 26 seconds
>>>>>
>>>>>
>>>>
>>>> --
>>>>
>>>> Piotr Zarzycki
>>>>
>>>>
>>>>
>>>> --
>>>
>>> Piotr Zarzycki
>>>
>>>
>>
>
RE: NPM Credentials Problem Blocking Release
Posted by Yishay Weiss <yi...@hotmail.com>.
Thanks, they’re coming through now.
Being new to npm publishing I have not been able to modify the ant scripts to make this work. So any help would be appreciated. The script fails on adduser [1].
I’ve tried adding an .npmrc file under royale-asjs with
//registry.npmjs.org/:_authToken=<…>
But that didn’t help.
Any ideas?
[1]
[exec] Publishing to NPM: @apache-royale/royale-js version: 0.9.9...
[exec] info attempt registry request try #1 at 8:37:34 PM
[exec] http request PUT https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
[exec] info attempt registry request try #1 at 8:37:35 PM
[exec] http request PUT https://registry.npmjs.org/@apache-royale%2froyale-js
[exec] http 401 https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
[exec] WARN notice Please use the one-time password (OTP) from your authenticator application
[exec] WARN adduser Incorrect username or password
[exec] WARN adduser You can reset your account by visiting:
[exec] WARN adduser
[exec] WARN adduser https://npmjs.org/forgot
[exec] WARN adduser
[exec] C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52
[exec] throw new Error(error);
[exec] ^
[exec]
[exec] Error: Error: failed to authenticate: Could not authenticate apache-royale-owner: bad otp : -/user/org.couchdb.user:apache-royale-owner
[exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52:14
[exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
[exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
[exec] at f (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
[exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
[exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
[exec] at f (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
[exec] at RegClient.<anonymous> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
[exec] at Request._callback (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
[exec] at Request.self.callback (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
[exec] at Request.emit (events.js:315:20)
[exec] at Request.<anonymous> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
[exec] at Request.emit (events.js:315:20)
[exec] at IncomingMessage.<anonymous> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
[exec] at Object.onceWrapper (events.js:421:28)
[exec] at IncomingMessage.emit (events.js:327:22)
BUILD FAILED
C:\dev\release_royale\releasecandidate.xml:1363: exec returned: 1
From: Alex Harui<ma...@adobe.com.INVALID>
Sent: Friday, April 1, 2022 12:25 AM
To: dev@royale.apache.org<ma...@royale.apache.org>
Subject: Re: NPM Credentials Problem Blocking Release
Infra says the actual sender is not support@npmjs.com. They have implemented a custom solution. Yishay, can you try again?
Thanks,
-Alex
On 3/31/22, 1:39 PM, "Alex Harui" <ah...@adobe.com.INVALID> wrote:
Yeah, not sure why that didn't work. I'll email infra.
On 3/31/22, 12:53 PM, "Harbs" <ha...@gmail.com> wrote:
I don’t know why it didn’t work.
We should probably ask Infra.
> On Mar 31, 2022, at 10:23 PM, Yishay Weiss <yi...@hotmail.com> wrote:
>
> I thought Alex fixed it so it doesn’t need you to approve… It’s expired and you should see a couple of more such messages.
>
> From: Harbs<ma...@gmail.com>
> Sent: Thursday, March 31, 2022 10:06 PM
> To: Apache Royale Development<ma...@royale.apache.org>
> Subject: Re: NPM Credentials Problem Blocking Release
>
> I approved and should have added it again to the allow list.
>
> It came through. If it expired already, try again. Hopefully it’ll work...
>
>> On Mar 31, 2022, at 10:01 PM, Yishay Weiss <yi...@hotmail.com> wrote:
>>
>> I just tried logging in, got the OTP sent message, but am not seeing it in private.
>>
>> From: Alex Harui<ma...@adobe.com.INVALID>
>> Sent: Thursday, March 31, 2022 7:44 PM
>> To: dev@royale.apache.org<ma...@royale.apache.org>
>> Subject: Re: NPM Credentials Problem Blocking Release
>>
>> OK, support@npmjs.com is now on the allow list. Yishay, if you try to publish again, in theory the NPM messages will go straight to private@. Let us know if that isn't happening. I'll try to look for moderator messages but they often go to junk and I can't control settings for my corporate email.
>>
>> FWIW, Here's a link to some doc on the EZMLM robot that runs ASF mailing lists. https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Funtroubled.org%2Fezmlm%2Fmanual%2F&data=04%7C01%7Caharui%40adobe.com%7C68be0ee998c44830bdce08da13566c2f%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843559769367587%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=cz8%2FJnSsJ3Qr8tgHva2xxVDhaS3AfnDLMU4m%2B9MjsbM%3D&reserved=0
>>
>> The command I sent was executed by sending an email to private-allow-subscribe-support=npmjs.com@royale.apache.org
>> Any list moderator can send to these sort of email addresses and the robot will parse the address and execute a command. We can subscribe and unsubscribe people, allow them to send and not receive, get a list of all subscribers and more.
>>
>> HTH,
>> -Alex
>>
>> On 3/31/22, 8:44 AM, "Josh Tynjala" <jo...@bowlerhat.dev> wrote:
>>
>> Do it.
>>
>> --
>> Josh Tynjala
>> Bowler Hat LLC <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbowlerhat.dev%2F&data=04%7C01%7Caharui%40adobe.com%7C68be0ee998c44830bdce08da13566c2f%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843559769367587%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=sNCfmhkjPQPw9drAX02YdqUUp7vRiSt26VMlczaLBTI%3D&reserved=0>
>>
>>
>> On Wed, Mar 30, 2022 at 11:24 PM Alex Harui <ah...@adobe.com.invalid>
>> wrote:
>>
>>> Each mailing list has an "allow" subscriber list that is different from
>>> the regular subscriber list. "allow" can send but can't receive. The
>>> syntax can be extracted from the moderator emails. If we get consensus to
>>> try it, I'll send the command.
>>>
>>> On 3/30/22, 11:17 PM, "Piotr Zarzycki" <pi...@gmail.com> wrote:
>>>
>>> I don’t know how to whitelist that email but I will try to figure it
>>> out
>>> soon.
>>>
>>> On Thu, 31 Mar 2022 at 06:06, Alex Harui <ah...@adobe.com.invalid>
>>> wrote:
>>>
>>>> Yishay, maybe you can also be a moderator? It might also be
>>> possible to
>>>> allow emails from npm without moderation. I don't remember if we
>>> tried
>>>> that. It works on the other lists. There might be a restriction on
>>>> private@.
>>>>
>>>> -Alex
>>>>
>>>> On 3/30/22, 7:55 PM, "Yishay Weiss" <yi...@hotmail.com> wrote:
>>>>
>>>> Piotr, being the moderator, is receiving them but it’s hard for
>>> me to
>>>> do anything from my side because I can’t login without a OTP.
>>>>
>>>> I’m guessing we need to either create an automation token, or
>>> change
>>>> the module settings to not require 2FA [1].
>>>>
>>>> [1] Securely Automating npm publish with the New npm Automation
>>> Tokens
>>>> - DEV Community<
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdev.to%2Fbnb%2Fsecurely-automating-npm-publish-with-the-new-npm-automation-tokens-oei&data=04%7C01%7Caharui%40adobe.com%7C68be0ee998c44830bdce08da13566c2f%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843559769367587%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=RxuaAukhBNmIFrVV98TrPf3UQbSrmvWsnFmO4hIqPNg%3D&reserved=0
>>>>>
>>>>
>>>> From: Alex Harui<ma...@adobe.com.INVALID>
>>>> Sent: Tuesday, March 29, 2022 7:05 PM
>>>> To: dev@royale.apache.org<ma...@royale.apache.org>
>>>> Cc: OmPrakash Muppirala<ma...@gmail.com>
>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>
>>>> I get some emails from NPM to apache-royale-owner. I can
>>> forward them
>>>> to private@royale.a.o if they aren't also going there.
>>>>
>>>> One has the subject: [npm] OTP for logging in to your account:
>>>> apache-royale-owner
>>>> The other: Your npm password reset
>>>>
>>>> -Alex
>>>>
>>>> On 3/29/22, 3:37 AM, "Yishay Weiss" <yi...@hotmail.com>
>>> wrote:
>>>>
>>>> Ok, looks like we’ve figured it out for now with a temp
>>> password.
>>>> 2FA does not seem to be a requirement. We will update the private
>>> list with
>>>> the new credentials when that’s ready.
>>>>
>>>> From: Piotr Zarzycki<ma...@gmail.com>
>>>> Sent: Tuesday, March 29, 2022 11:18 AM
>>>> To: Apache Royale Development<ma...@royale.apache.org>
>>>> Cc: OmPrakash Muppirala<ma...@gmail.com>
>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>
>>>> Yes it goes to private as I see...
>>>>
>>>> wt., 29 mar 2022 o 09:47 Yishay Weiss <
>>> yishayjobs@hotmail.com>
>>>> napisał(a):
>>>>
>>>>> I’m not sure which email the new password gets sent to.
>>> Does it
>>>> go to
>>>>> private@royale.release.org<mailto:
>>> private@royale.release.org> ?
>>>>>
>>>>> Also, I see some npm requests to do 2FA which we have
>>> ignored.
>>>> It’s
>>>>> probably best to avoid that if possible to keep the release
>>>> scriptable.
>>>>>
>>>>> @OmPrakash Muppirala<ma...@gmail.com>, are
>>> you the
>>>> one who
>>>>> set this up? Can you help out?
>>>>>
>>>>> Thanks.
>>>>>
>>>>> [exec] http request PUT
>>>>>
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C68be0ee998c44830bdce08da13566c2f%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843559769367587%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=UAIsMatRC%2BEaz0LcwnwGVgeeYOn7F2NyMmFBms6wBOg%3D&reserved=0
>>>>> [exec] info attempt registry request try #1 at
>>> 10:39:44 AM
>>>>> [exec] http request PUT
>>>>>
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C68be0ee998c44830bdce08da13566c2f%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843559769367587%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=E989p%2F9L3cLtaJUw116JjaB%2BOWIv7PQBE4XI8QeFcfU%3D&reserved=0
>>>>> [exec] http 401
>>>>>
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C68be0ee998c44830bdce08da13566c2f%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843559769367587%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=UAIsMatRC%2BEaz0LcwnwGVgeeYOn7F2NyMmFBms6wBOg%3D&reserved=0
>>>>> [exec] WARN notice Please check your email for a
>>> one-time
>>>> password
>>>>> (OTP)
>>>>> [exec] WARN adduser Incorrect username or password
>>>>> [exec] WARN adduser You can reset your account by
>>> visiting:
>>>>> [exec] WARN adduser
>>>>> [exec] WARN adduser
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C68be0ee998c44830bdce08da13566c2f%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843559769367587%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=2Dyvsj4gGWGBUKKxVbbbN6z2v5nwR%2FIMdOCivupjPC4%3D&reserved=0
>>>>> [exec] WARN adduser
>>>>> [exec]
>>>>>
>>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
>>>>> [exec] throw new Error(error);
>>>>> [exec] ^
>>>>> [exec]
>>>>> [exec] Error: Error: failed to authenticate: A One
>>> Time
>>>> Password
>>>>> (OTP) by email is required. :
>>>> -/user/org.couchdb.user:apache-royale-owner
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
>>>>> [exec] at f
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
>>>>> [exec] at f
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>>> [exec] at RegClient.<anonymous>
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
>>>>> [exec] at Request._callback
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
>>>>> [exec] at Request.self.callback
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
>>>>> [exec] at Request.emit (events.js:315:20)
>>>>> [exec] at Request.<anonymous>
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
>>>>> [exec] at Request.emit (events.js:315:20)
>>>>> [exec] at IncomingMessage.<anonymous>
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
>>>>> [exec] at Object.onceWrapper (events.js:421:28)
>>>>> [exec] at IncomingMessage.emit (events.js:327:22)
>>>>>
>>>>> BUILD FAILED
>>>>> C:\dev\release_royale\releasecandidate.xml:1116: The
>>> following
>>>> error
>>>>> occurred while executing this line:
>>>>> C:\dev\release_royale\releasecandidate.xml:1400: exec
>>> returned: 1
>>>>>
>>>>> Total time: 7 minutes 26 seconds
>>>>>
>>>>>
>>>>
>>>> --
>>>>
>>>> Piotr Zarzycki
>>>>
>>>>
>>>>
>>>> --
>>>
>>> Piotr Zarzycki
>>>
>>>
>>
>
Re: NPM Credentials Problem Blocking Release
Posted by Alex Harui <ah...@adobe.com.INVALID>.
Infra says the actual sender is not support@npmjs.com. They have implemented a custom solution. Yishay, can you try again?
Thanks,
-Alex
On 3/31/22, 1:39 PM, "Alex Harui" <ah...@adobe.com.INVALID> wrote:
Yeah, not sure why that didn't work. I'll email infra.
On 3/31/22, 12:53 PM, "Harbs" <ha...@gmail.com> wrote:
I don’t know why it didn’t work.
We should probably ask Infra.
> On Mar 31, 2022, at 10:23 PM, Yishay Weiss <yi...@hotmail.com> wrote:
>
> I thought Alex fixed it so it doesn’t need you to approve… It’s expired and you should see a couple of more such messages.
>
> From: Harbs<ma...@gmail.com>
> Sent: Thursday, March 31, 2022 10:06 PM
> To: Apache Royale Development<ma...@royale.apache.org>
> Subject: Re: NPM Credentials Problem Blocking Release
>
> I approved and should have added it again to the allow list.
>
> It came through. If it expired already, try again. Hopefully it’ll work...
>
>> On Mar 31, 2022, at 10:01 PM, Yishay Weiss <yi...@hotmail.com> wrote:
>>
>> I just tried logging in, got the OTP sent message, but am not seeing it in private.
>>
>> From: Alex Harui<ma...@adobe.com.INVALID>
>> Sent: Thursday, March 31, 2022 7:44 PM
>> To: dev@royale.apache.org<ma...@royale.apache.org>
>> Subject: Re: NPM Credentials Problem Blocking Release
>>
>> OK, support@npmjs.com is now on the allow list. Yishay, if you try to publish again, in theory the NPM messages will go straight to private@. Let us know if that isn't happening. I'll try to look for moderator messages but they often go to junk and I can't control settings for my corporate email.
>>
>> FWIW, Here's a link to some doc on the EZMLM robot that runs ASF mailing lists. https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Funtroubled.org%2Fezmlm%2Fmanual%2F&data=04%7C01%7Caharui%40adobe.com%7C68be0ee998c44830bdce08da13566c2f%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843559769367587%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=cz8%2FJnSsJ3Qr8tgHva2xxVDhaS3AfnDLMU4m%2B9MjsbM%3D&reserved=0
>>
>> The command I sent was executed by sending an email to private-allow-subscribe-support=npmjs.com@royale.apache.org
>> Any list moderator can send to these sort of email addresses and the robot will parse the address and execute a command. We can subscribe and unsubscribe people, allow them to send and not receive, get a list of all subscribers and more.
>>
>> HTH,
>> -Alex
>>
>> On 3/31/22, 8:44 AM, "Josh Tynjala" <jo...@bowlerhat.dev> wrote:
>>
>> Do it.
>>
>> --
>> Josh Tynjala
>> Bowler Hat LLC <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbowlerhat.dev%2F&data=04%7C01%7Caharui%40adobe.com%7C68be0ee998c44830bdce08da13566c2f%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843559769367587%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=sNCfmhkjPQPw9drAX02YdqUUp7vRiSt26VMlczaLBTI%3D&reserved=0>
>>
>>
>> On Wed, Mar 30, 2022 at 11:24 PM Alex Harui <ah...@adobe.com.invalid>
>> wrote:
>>
>>> Each mailing list has an "allow" subscriber list that is different from
>>> the regular subscriber list. "allow" can send but can't receive. The
>>> syntax can be extracted from the moderator emails. If we get consensus to
>>> try it, I'll send the command.
>>>
>>> On 3/30/22, 11:17 PM, "Piotr Zarzycki" <pi...@gmail.com> wrote:
>>>
>>> I don’t know how to whitelist that email but I will try to figure it
>>> out
>>> soon.
>>>
>>> On Thu, 31 Mar 2022 at 06:06, Alex Harui <ah...@adobe.com.invalid>
>>> wrote:
>>>
>>>> Yishay, maybe you can also be a moderator? It might also be
>>> possible to
>>>> allow emails from npm without moderation. I don't remember if we
>>> tried
>>>> that. It works on the other lists. There might be a restriction on
>>>> private@.
>>>>
>>>> -Alex
>>>>
>>>> On 3/30/22, 7:55 PM, "Yishay Weiss" <yi...@hotmail.com> wrote:
>>>>
>>>> Piotr, being the moderator, is receiving them but it’s hard for
>>> me to
>>>> do anything from my side because I can’t login without a OTP.
>>>>
>>>> I’m guessing we need to either create an automation token, or
>>> change
>>>> the module settings to not require 2FA [1].
>>>>
>>>> [1] Securely Automating npm publish with the New npm Automation
>>> Tokens
>>>> - DEV Community<
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdev.to%2Fbnb%2Fsecurely-automating-npm-publish-with-the-new-npm-automation-tokens-oei&data=04%7C01%7Caharui%40adobe.com%7C68be0ee998c44830bdce08da13566c2f%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843559769367587%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=RxuaAukhBNmIFrVV98TrPf3UQbSrmvWsnFmO4hIqPNg%3D&reserved=0
>>>>>
>>>>
>>>> From: Alex Harui<ma...@adobe.com.INVALID>
>>>> Sent: Tuesday, March 29, 2022 7:05 PM
>>>> To: dev@royale.apache.org<ma...@royale.apache.org>
>>>> Cc: OmPrakash Muppirala<ma...@gmail.com>
>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>
>>>> I get some emails from NPM to apache-royale-owner. I can
>>> forward them
>>>> to private@royale.a.o if they aren't also going there.
>>>>
>>>> One has the subject: [npm] OTP for logging in to your account:
>>>> apache-royale-owner
>>>> The other: Your npm password reset
>>>>
>>>> -Alex
>>>>
>>>> On 3/29/22, 3:37 AM, "Yishay Weiss" <yi...@hotmail.com>
>>> wrote:
>>>>
>>>> Ok, looks like we’ve figured it out for now with a temp
>>> password.
>>>> 2FA does not seem to be a requirement. We will update the private
>>> list with
>>>> the new credentials when that’s ready.
>>>>
>>>> From: Piotr Zarzycki<ma...@gmail.com>
>>>> Sent: Tuesday, March 29, 2022 11:18 AM
>>>> To: Apache Royale Development<ma...@royale.apache.org>
>>>> Cc: OmPrakash Muppirala<ma...@gmail.com>
>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>
>>>> Yes it goes to private as I see...
>>>>
>>>> wt., 29 mar 2022 o 09:47 Yishay Weiss <
>>> yishayjobs@hotmail.com>
>>>> napisał(a):
>>>>
>>>>> I’m not sure which email the new password gets sent to.
>>> Does it
>>>> go to
>>>>> private@royale.release.org<mailto:
>>> private@royale.release.org> ?
>>>>>
>>>>> Also, I see some npm requests to do 2FA which we have
>>> ignored.
>>>> It’s
>>>>> probably best to avoid that if possible to keep the release
>>>> scriptable.
>>>>>
>>>>> @OmPrakash Muppirala<ma...@gmail.com>, are
>>> you the
>>>> one who
>>>>> set this up? Can you help out?
>>>>>
>>>>> Thanks.
>>>>>
>>>>> [exec] http request PUT
>>>>>
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C68be0ee998c44830bdce08da13566c2f%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843559769367587%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=UAIsMatRC%2BEaz0LcwnwGVgeeYOn7F2NyMmFBms6wBOg%3D&reserved=0
>>>>> [exec] info attempt registry request try #1 at
>>> 10:39:44 AM
>>>>> [exec] http request PUT
>>>>>
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C68be0ee998c44830bdce08da13566c2f%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843559769367587%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=E989p%2F9L3cLtaJUw116JjaB%2BOWIv7PQBE4XI8QeFcfU%3D&reserved=0
>>>>> [exec] http 401
>>>>>
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C68be0ee998c44830bdce08da13566c2f%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843559769367587%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=UAIsMatRC%2BEaz0LcwnwGVgeeYOn7F2NyMmFBms6wBOg%3D&reserved=0
>>>>> [exec] WARN notice Please check your email for a
>>> one-time
>>>> password
>>>>> (OTP)
>>>>> [exec] WARN adduser Incorrect username or password
>>>>> [exec] WARN adduser You can reset your account by
>>> visiting:
>>>>> [exec] WARN adduser
>>>>> [exec] WARN adduser
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C68be0ee998c44830bdce08da13566c2f%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843559769367587%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=2Dyvsj4gGWGBUKKxVbbbN6z2v5nwR%2FIMdOCivupjPC4%3D&reserved=0
>>>>> [exec] WARN adduser
>>>>> [exec]
>>>>>
>>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
>>>>> [exec] throw new Error(error);
>>>>> [exec] ^
>>>>> [exec]
>>>>> [exec] Error: Error: failed to authenticate: A One
>>> Time
>>>> Password
>>>>> (OTP) by email is required. :
>>>> -/user/org.couchdb.user:apache-royale-owner
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
>>>>> [exec] at f
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
>>>>> [exec] at f
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>>> [exec] at RegClient.<anonymous>
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
>>>>> [exec] at Request._callback
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
>>>>> [exec] at Request.self.callback
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
>>>>> [exec] at Request.emit (events.js:315:20)
>>>>> [exec] at Request.<anonymous>
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
>>>>> [exec] at Request.emit (events.js:315:20)
>>>>> [exec] at IncomingMessage.<anonymous>
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
>>>>> [exec] at Object.onceWrapper (events.js:421:28)
>>>>> [exec] at IncomingMessage.emit (events.js:327:22)
>>>>>
>>>>> BUILD FAILED
>>>>> C:\dev\release_royale\releasecandidate.xml:1116: The
>>> following
>>>> error
>>>>> occurred while executing this line:
>>>>> C:\dev\release_royale\releasecandidate.xml:1400: exec
>>> returned: 1
>>>>>
>>>>> Total time: 7 minutes 26 seconds
>>>>>
>>>>>
>>>>
>>>> --
>>>>
>>>> Piotr Zarzycki
>>>>
>>>>
>>>>
>>>> --
>>>
>>> Piotr Zarzycki
>>>
>>>
>>
>
Re: NPM Credentials Problem Blocking Release
Posted by Alex Harui <ah...@adobe.com.INVALID>.
Yeah, not sure why that didn't work. I'll email infra.
On 3/31/22, 12:53 PM, "Harbs" <ha...@gmail.com> wrote:
I don’t know why it didn’t work.
We should probably ask Infra.
> On Mar 31, 2022, at 10:23 PM, Yishay Weiss <yi...@hotmail.com> wrote:
>
> I thought Alex fixed it so it doesn’t need you to approve… It’s expired and you should see a couple of more such messages.
>
> From: Harbs<ma...@gmail.com>
> Sent: Thursday, March 31, 2022 10:06 PM
> To: Apache Royale Development<ma...@royale.apache.org>
> Subject: Re: NPM Credentials Problem Blocking Release
>
> I approved and should have added it again to the allow list.
>
> It came through. If it expired already, try again. Hopefully it’ll work...
>
>> On Mar 31, 2022, at 10:01 PM, Yishay Weiss <yi...@hotmail.com> wrote:
>>
>> I just tried logging in, got the OTP sent message, but am not seeing it in private.
>>
>> From: Alex Harui<ma...@adobe.com.INVALID>
>> Sent: Thursday, March 31, 2022 7:44 PM
>> To: dev@royale.apache.org<ma...@royale.apache.org>
>> Subject: Re: NPM Credentials Problem Blocking Release
>>
>> OK, support@npmjs.com is now on the allow list. Yishay, if you try to publish again, in theory the NPM messages will go straight to private@. Let us know if that isn't happening. I'll try to look for moderator messages but they often go to junk and I can't control settings for my corporate email.
>>
>> FWIW, Here's a link to some doc on the EZMLM robot that runs ASF mailing lists. https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Funtroubled.org%2Fezmlm%2Fmanual%2F&data=04%7C01%7Caharui%40adobe.com%7Cf40dea351c5b41feedb008da1350196c%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843531994000251%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=8YZCiyweu8T1IhoF965DOXsvZQfloT5zwQAWwR9bD%2BE%3D&reserved=0
>>
>> The command I sent was executed by sending an email to private-allow-subscribe-support=npmjs.com@royale.apache.org
>> Any list moderator can send to these sort of email addresses and the robot will parse the address and execute a command. We can subscribe and unsubscribe people, allow them to send and not receive, get a list of all subscribers and more.
>>
>> HTH,
>> -Alex
>>
>> On 3/31/22, 8:44 AM, "Josh Tynjala" <jo...@bowlerhat.dev> wrote:
>>
>> Do it.
>>
>> --
>> Josh Tynjala
>> Bowler Hat LLC <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbowlerhat.dev%2F&data=04%7C01%7Caharui%40adobe.com%7Cf40dea351c5b41feedb008da1350196c%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843531994000251%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=HXIowfNdhetPK88PRv40pSnWcuAHTFUYNIjLRuQg2Hs%3D&reserved=0>
>>
>>
>> On Wed, Mar 30, 2022 at 11:24 PM Alex Harui <ah...@adobe.com.invalid>
>> wrote:
>>
>>> Each mailing list has an "allow" subscriber list that is different from
>>> the regular subscriber list. "allow" can send but can't receive. The
>>> syntax can be extracted from the moderator emails. If we get consensus to
>>> try it, I'll send the command.
>>>
>>> On 3/30/22, 11:17 PM, "Piotr Zarzycki" <pi...@gmail.com> wrote:
>>>
>>> I don’t know how to whitelist that email but I will try to figure it
>>> out
>>> soon.
>>>
>>> On Thu, 31 Mar 2022 at 06:06, Alex Harui <ah...@adobe.com.invalid>
>>> wrote:
>>>
>>>> Yishay, maybe you can also be a moderator? It might also be
>>> possible to
>>>> allow emails from npm without moderation. I don't remember if we
>>> tried
>>>> that. It works on the other lists. There might be a restriction on
>>>> private@.
>>>>
>>>> -Alex
>>>>
>>>> On 3/30/22, 7:55 PM, "Yishay Weiss" <yi...@hotmail.com> wrote:
>>>>
>>>> Piotr, being the moderator, is receiving them but it’s hard for
>>> me to
>>>> do anything from my side because I can’t login without a OTP.
>>>>
>>>> I’m guessing we need to either create an automation token, or
>>> change
>>>> the module settings to not require 2FA [1].
>>>>
>>>> [1] Securely Automating npm publish with the New npm Automation
>>> Tokens
>>>> - DEV Community<
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdev.to%2Fbnb%2Fsecurely-automating-npm-publish-with-the-new-npm-automation-tokens-oei&data=04%7C01%7Caharui%40adobe.com%7Cf40dea351c5b41feedb008da1350196c%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843531994000251%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=vFwzQJFhxlPuZ%2Bnfy1QsN1V3TO3dtREcgRkiqTJRVJE%3D&reserved=0
>>>>>
>>>>
>>>> From: Alex Harui<ma...@adobe.com.INVALID>
>>>> Sent: Tuesday, March 29, 2022 7:05 PM
>>>> To: dev@royale.apache.org<ma...@royale.apache.org>
>>>> Cc: OmPrakash Muppirala<ma...@gmail.com>
>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>
>>>> I get some emails from NPM to apache-royale-owner. I can
>>> forward them
>>>> to private@royale.a.o if they aren't also going there.
>>>>
>>>> One has the subject: [npm] OTP for logging in to your account:
>>>> apache-royale-owner
>>>> The other: Your npm password reset
>>>>
>>>> -Alex
>>>>
>>>> On 3/29/22, 3:37 AM, "Yishay Weiss" <yi...@hotmail.com>
>>> wrote:
>>>>
>>>> Ok, looks like we’ve figured it out for now with a temp
>>> password.
>>>> 2FA does not seem to be a requirement. We will update the private
>>> list with
>>>> the new credentials when that’s ready.
>>>>
>>>> From: Piotr Zarzycki<ma...@gmail.com>
>>>> Sent: Tuesday, March 29, 2022 11:18 AM
>>>> To: Apache Royale Development<ma...@royale.apache.org>
>>>> Cc: OmPrakash Muppirala<ma...@gmail.com>
>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>
>>>> Yes it goes to private as I see...
>>>>
>>>> wt., 29 mar 2022 o 09:47 Yishay Weiss <
>>> yishayjobs@hotmail.com>
>>>> napisał(a):
>>>>
>>>>> I’m not sure which email the new password gets sent to.
>>> Does it
>>>> go to
>>>>> private@royale.release.org<mailto:
>>> private@royale.release.org> ?
>>>>>
>>>>> Also, I see some npm requests to do 2FA which we have
>>> ignored.
>>>> It’s
>>>>> probably best to avoid that if possible to keep the release
>>>> scriptable.
>>>>>
>>>>> @OmPrakash Muppirala<ma...@gmail.com>, are
>>> you the
>>>> one who
>>>>> set this up? Can you help out?
>>>>>
>>>>> Thanks.
>>>>>
>>>>> [exec] http request PUT
>>>>>
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7Cf40dea351c5b41feedb008da1350196c%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843531994000251%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=e4o40U3FLZMOhCin5zNLH27WpMX1I1G6qMIsqrRMw2M%3D&reserved=0
>>>>> [exec] info attempt registry request try #1 at
>>> 10:39:44 AM
>>>>> [exec] http request PUT
>>>>>
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7Cf40dea351c5b41feedb008da1350196c%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843531994000251%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=JFDEU0kGE93PVqC1LwlG%2FByZrTGBVpW6qwN3KfYGUBE%3D&reserved=0
>>>>> [exec] http 401
>>>>>
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7Cf40dea351c5b41feedb008da1350196c%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843531994000251%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=e4o40U3FLZMOhCin5zNLH27WpMX1I1G6qMIsqrRMw2M%3D&reserved=0
>>>>> [exec] WARN notice Please check your email for a
>>> one-time
>>>> password
>>>>> (OTP)
>>>>> [exec] WARN adduser Incorrect username or password
>>>>> [exec] WARN adduser You can reset your account by
>>> visiting:
>>>>> [exec] WARN adduser
>>>>> [exec] WARN adduser
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7Cf40dea351c5b41feedb008da1350196c%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843531994000251%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=6m1Yzx1SepHyC9isyUOTCK5PaEvLlBjw%2FXO6C%2B7JRPM%3D&reserved=0
>>>>> [exec] WARN adduser
>>>>> [exec]
>>>>>
>>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
>>>>> [exec] throw new Error(error);
>>>>> [exec] ^
>>>>> [exec]
>>>>> [exec] Error: Error: failed to authenticate: A One
>>> Time
>>>> Password
>>>>> (OTP) by email is required. :
>>>> -/user/org.couchdb.user:apache-royale-owner
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
>>>>> [exec] at f
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
>>>>> [exec] at f
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>>> [exec] at RegClient.<anonymous>
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
>>>>> [exec] at Request._callback
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
>>>>> [exec] at Request.self.callback
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
>>>>> [exec] at Request.emit (events.js:315:20)
>>>>> [exec] at Request.<anonymous>
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
>>>>> [exec] at Request.emit (events.js:315:20)
>>>>> [exec] at IncomingMessage.<anonymous>
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
>>>>> [exec] at Object.onceWrapper (events.js:421:28)
>>>>> [exec] at IncomingMessage.emit (events.js:327:22)
>>>>>
>>>>> BUILD FAILED
>>>>> C:\dev\release_royale\releasecandidate.xml:1116: The
>>> following
>>>> error
>>>>> occurred while executing this line:
>>>>> C:\dev\release_royale\releasecandidate.xml:1400: exec
>>> returned: 1
>>>>>
>>>>> Total time: 7 minutes 26 seconds
>>>>>
>>>>>
>>>>
>>>> --
>>>>
>>>> Piotr Zarzycki
>>>>
>>>>
>>>>
>>>> --
>>>
>>> Piotr Zarzycki
>>>
>>>
>>
>
Re: NPM Credentials Problem Blocking Release
Posted by Harbs <ha...@gmail.com>.
I don’t know why it didn’t work.
We should probably ask Infra.
> On Mar 31, 2022, at 10:23 PM, Yishay Weiss <yi...@hotmail.com> wrote:
>
> I thought Alex fixed it so it doesn’t need you to approve… It’s expired and you should see a couple of more such messages.
>
> From: Harbs<ma...@gmail.com>
> Sent: Thursday, March 31, 2022 10:06 PM
> To: Apache Royale Development<ma...@royale.apache.org>
> Subject: Re: NPM Credentials Problem Blocking Release
>
> I approved and should have added it again to the allow list.
>
> It came through. If it expired already, try again. Hopefully it’ll work...
>
>> On Mar 31, 2022, at 10:01 PM, Yishay Weiss <yi...@hotmail.com> wrote:
>>
>> I just tried logging in, got the OTP sent message, but am not seeing it in private.
>>
>> From: Alex Harui<ma...@adobe.com.INVALID>
>> Sent: Thursday, March 31, 2022 7:44 PM
>> To: dev@royale.apache.org<ma...@royale.apache.org>
>> Subject: Re: NPM Credentials Problem Blocking Release
>>
>> OK, support@npmjs.com is now on the allow list. Yishay, if you try to publish again, in theory the NPM messages will go straight to private@. Let us know if that isn't happening. I'll try to look for moderator messages but they often go to junk and I can't control settings for my corporate email.
>>
>> FWIW, Here's a link to some doc on the EZMLM robot that runs ASF mailing lists. https://untroubled.org/ezmlm/manual/
>>
>> The command I sent was executed by sending an email to private-allow-subscribe-support=npmjs.com@royale.apache.org
>> Any list moderator can send to these sort of email addresses and the robot will parse the address and execute a command. We can subscribe and unsubscribe people, allow them to send and not receive, get a list of all subscribers and more.
>>
>> HTH,
>> -Alex
>>
>> On 3/31/22, 8:44 AM, "Josh Tynjala" <jo...@bowlerhat.dev> wrote:
>>
>> Do it.
>>
>> --
>> Josh Tynjala
>> Bowler Hat LLC <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbowlerhat.dev%2F&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=oh6FobNIVBZdKNPjOh%2BF8aZbB3WvNY9Dl9nijoLzK2g%3D&reserved=0>
>>
>>
>> On Wed, Mar 30, 2022 at 11:24 PM Alex Harui <ah...@adobe.com.invalid>
>> wrote:
>>
>>> Each mailing list has an "allow" subscriber list that is different from
>>> the regular subscriber list. "allow" can send but can't receive. The
>>> syntax can be extracted from the moderator emails. If we get consensus to
>>> try it, I'll send the command.
>>>
>>> On 3/30/22, 11:17 PM, "Piotr Zarzycki" <pi...@gmail.com> wrote:
>>>
>>> I don’t know how to whitelist that email but I will try to figure it
>>> out
>>> soon.
>>>
>>> On Thu, 31 Mar 2022 at 06:06, Alex Harui <ah...@adobe.com.invalid>
>>> wrote:
>>>
>>>> Yishay, maybe you can also be a moderator? It might also be
>>> possible to
>>>> allow emails from npm without moderation. I don't remember if we
>>> tried
>>>> that. It works on the other lists. There might be a restriction on
>>>> private@.
>>>>
>>>> -Alex
>>>>
>>>> On 3/30/22, 7:55 PM, "Yishay Weiss" <yi...@hotmail.com> wrote:
>>>>
>>>> Piotr, being the moderator, is receiving them but it’s hard for
>>> me to
>>>> do anything from my side because I can’t login without a OTP.
>>>>
>>>> I’m guessing we need to either create an automation token, or
>>> change
>>>> the module settings to not require 2FA [1].
>>>>
>>>> [1] Securely Automating npm publish with the New npm Automation
>>> Tokens
>>>> - DEV Community<
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdev.to%2Fbnb%2Fsecurely-automating-npm-publish-with-the-new-npm-automation-tokens-oei&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=FAhB2Dg%2FZPEsGckPEXcxT65vcQqt6YkGFaJ9IkCJ%2Blo%3D&reserved=0
>>>>>
>>>>
>>>> From: Alex Harui<ma...@adobe.com.INVALID>
>>>> Sent: Tuesday, March 29, 2022 7:05 PM
>>>> To: dev@royale.apache.org<ma...@royale.apache.org>
>>>> Cc: OmPrakash Muppirala<ma...@gmail.com>
>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>
>>>> I get some emails from NPM to apache-royale-owner. I can
>>> forward them
>>>> to private@royale.a.o if they aren't also going there.
>>>>
>>>> One has the subject: [npm] OTP for logging in to your account:
>>>> apache-royale-owner
>>>> The other: Your npm password reset
>>>>
>>>> -Alex
>>>>
>>>> On 3/29/22, 3:37 AM, "Yishay Weiss" <yi...@hotmail.com>
>>> wrote:
>>>>
>>>> Ok, looks like we’ve figured it out for now with a temp
>>> password.
>>>> 2FA does not seem to be a requirement. We will update the private
>>> list with
>>>> the new credentials when that’s ready.
>>>>
>>>> From: Piotr Zarzycki<ma...@gmail.com>
>>>> Sent: Tuesday, March 29, 2022 11:18 AM
>>>> To: Apache Royale Development<ma...@royale.apache.org>
>>>> Cc: OmPrakash Muppirala<ma...@gmail.com>
>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>
>>>> Yes it goes to private as I see...
>>>>
>>>> wt., 29 mar 2022 o 09:47 Yishay Weiss <
>>> yishayjobs@hotmail.com>
>>>> napisał(a):
>>>>
>>>>> I’m not sure which email the new password gets sent to.
>>> Does it
>>>> go to
>>>>> private@royale.release.org<mailto:
>>> private@royale.release.org> ?
>>>>>
>>>>> Also, I see some npm requests to do 2FA which we have
>>> ignored.
>>>> It’s
>>>>> probably best to avoid that if possible to keep the release
>>>> scriptable.
>>>>>
>>>>> @OmPrakash Muppirala<ma...@gmail.com>, are
>>> you the
>>>> one who
>>>>> set this up? Can you help out?
>>>>>
>>>>> Thanks.
>>>>>
>>>>> [exec] http request PUT
>>>>>
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=pFeznO0SBwibJPEMEDyBfEG%2F6qx1bLfE2%2BaA8mUV4NQ%3D&reserved=0
>>>>> [exec] info attempt registry request try #1 at
>>> 10:39:44 AM
>>>>> [exec] http request PUT
>>>>>
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=kXQOkbWdWMYMqn6xGdPL3f7vB4PSuhLRynMlZGgBNAc%3D&reserved=0
>>>>> [exec] http 401
>>>>>
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=pFeznO0SBwibJPEMEDyBfEG%2F6qx1bLfE2%2BaA8mUV4NQ%3D&reserved=0
>>>>> [exec] WARN notice Please check your email for a
>>> one-time
>>>> password
>>>>> (OTP)
>>>>> [exec] WARN adduser Incorrect username or password
>>>>> [exec] WARN adduser You can reset your account by
>>> visiting:
>>>>> [exec] WARN adduser
>>>>> [exec] WARN adduser
>>>>
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=3sONnnnCtAKBcD7JjDxPTZ3SRsKphpZvEEV2b2o%2BGt4%3D&reserved=0
>>>>> [exec] WARN adduser
>>>>> [exec]
>>>>>
>>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
>>>>> [exec] throw new Error(error);
>>>>> [exec] ^
>>>>> [exec]
>>>>> [exec] Error: Error: failed to authenticate: A One
>>> Time
>>>> Password
>>>>> (OTP) by email is required. :
>>>> -/user/org.couchdb.user:apache-royale-owner
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
>>>>> [exec] at f
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
>>>>> [exec] at f
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>>> [exec] at RegClient.<anonymous>
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
>>>>> [exec] at Request._callback
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
>>>>> [exec] at Request.self.callback
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
>>>>> [exec] at Request.emit (events.js:315:20)
>>>>> [exec] at Request.<anonymous>
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
>>>>> [exec] at Request.emit (events.js:315:20)
>>>>> [exec] at IncomingMessage.<anonymous>
>>>>>
>>>>
>>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
>>>>> [exec] at Object.onceWrapper (events.js:421:28)
>>>>> [exec] at IncomingMessage.emit (events.js:327:22)
>>>>>
>>>>> BUILD FAILED
>>>>> C:\dev\release_royale\releasecandidate.xml:1116: The
>>> following
>>>> error
>>>>> occurred while executing this line:
>>>>> C:\dev\release_royale\releasecandidate.xml:1400: exec
>>> returned: 1
>>>>>
>>>>> Total time: 7 minutes 26 seconds
>>>>>
>>>>>
>>>>
>>>> --
>>>>
>>>> Piotr Zarzycki
>>>>
>>>>
>>>>
>>>> --
>>>
>>> Piotr Zarzycki
>>>
>>>
>>
>
RE: NPM Credentials Problem Blocking Release
Posted by Yishay Weiss <yi...@hotmail.com>.
I thought Alex fixed it so it doesn’t need you to approve… It’s expired and you should see a couple of more such messages.
From: Harbs<ma...@gmail.com>
Sent: Thursday, March 31, 2022 10:06 PM
To: Apache Royale Development<ma...@royale.apache.org>
Subject: Re: NPM Credentials Problem Blocking Release
I approved and should have added it again to the allow list.
It came through. If it expired already, try again. Hopefully it’ll work...
> On Mar 31, 2022, at 10:01 PM, Yishay Weiss <yi...@hotmail.com> wrote:
>
> I just tried logging in, got the OTP sent message, but am not seeing it in private.
>
> From: Alex Harui<ma...@adobe.com.INVALID>
> Sent: Thursday, March 31, 2022 7:44 PM
> To: dev@royale.apache.org<ma...@royale.apache.org>
> Subject: Re: NPM Credentials Problem Blocking Release
>
> OK, support@npmjs.com is now on the allow list. Yishay, if you try to publish again, in theory the NPM messages will go straight to private@. Let us know if that isn't happening. I'll try to look for moderator messages but they often go to junk and I can't control settings for my corporate email.
>
> FWIW, Here's a link to some doc on the EZMLM robot that runs ASF mailing lists. https://untroubled.org/ezmlm/manual/
>
> The command I sent was executed by sending an email to private-allow-subscribe-support=npmjs.com@royale.apache.org
> Any list moderator can send to these sort of email addresses and the robot will parse the address and execute a command. We can subscribe and unsubscribe people, allow them to send and not receive, get a list of all subscribers and more.
>
> HTH,
> -Alex
>
> On 3/31/22, 8:44 AM, "Josh Tynjala" <jo...@bowlerhat.dev> wrote:
>
> Do it.
>
> --
> Josh Tynjala
> Bowler Hat LLC <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbowlerhat.dev%2F&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=oh6FobNIVBZdKNPjOh%2BF8aZbB3WvNY9Dl9nijoLzK2g%3D&reserved=0>
>
>
> On Wed, Mar 30, 2022 at 11:24 PM Alex Harui <ah...@adobe.com.invalid>
> wrote:
>
>> Each mailing list has an "allow" subscriber list that is different from
>> the regular subscriber list. "allow" can send but can't receive. The
>> syntax can be extracted from the moderator emails. If we get consensus to
>> try it, I'll send the command.
>>
>> On 3/30/22, 11:17 PM, "Piotr Zarzycki" <pi...@gmail.com> wrote:
>>
>> I don’t know how to whitelist that email but I will try to figure it
>> out
>> soon.
>>
>> On Thu, 31 Mar 2022 at 06:06, Alex Harui <ah...@adobe.com.invalid>
>> wrote:
>>
>>> Yishay, maybe you can also be a moderator? It might also be
>> possible to
>>> allow emails from npm without moderation. I don't remember if we
>> tried
>>> that. It works on the other lists. There might be a restriction on
>>> private@.
>>>
>>> -Alex
>>>
>>> On 3/30/22, 7:55 PM, "Yishay Weiss" <yi...@hotmail.com> wrote:
>>>
>>> Piotr, being the moderator, is receiving them but it’s hard for
>> me to
>>> do anything from my side because I can’t login without a OTP.
>>>
>>> I’m guessing we need to either create an automation token, or
>> change
>>> the module settings to not require 2FA [1].
>>>
>>> [1] Securely Automating npm publish with the New npm Automation
>> Tokens
>>> - DEV Community<
>>>
>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdev.to%2Fbnb%2Fsecurely-automating-npm-publish-with-the-new-npm-automation-tokens-oei&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=FAhB2Dg%2FZPEsGckPEXcxT65vcQqt6YkGFaJ9IkCJ%2Blo%3D&reserved=0
>>>>
>>>
>>> From: Alex Harui<ma...@adobe.com.INVALID>
>>> Sent: Tuesday, March 29, 2022 7:05 PM
>>> To: dev@royale.apache.org<ma...@royale.apache.org>
>>> Cc: OmPrakash Muppirala<ma...@gmail.com>
>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>
>>> I get some emails from NPM to apache-royale-owner. I can
>> forward them
>>> to private@royale.a.o if they aren't also going there.
>>>
>>> One has the subject: [npm] OTP for logging in to your account:
>>> apache-royale-owner
>>> The other: Your npm password reset
>>>
>>> -Alex
>>>
>>> On 3/29/22, 3:37 AM, "Yishay Weiss" <yi...@hotmail.com>
>> wrote:
>>>
>>> Ok, looks like we’ve figured it out for now with a temp
>> password.
>>> 2FA does not seem to be a requirement. We will update the private
>> list with
>>> the new credentials when that’s ready.
>>>
>>> From: Piotr Zarzycki<ma...@gmail.com>
>>> Sent: Tuesday, March 29, 2022 11:18 AM
>>> To: Apache Royale Development<ma...@royale.apache.org>
>>> Cc: OmPrakash Muppirala<ma...@gmail.com>
>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>
>>> Yes it goes to private as I see...
>>>
>>> wt., 29 mar 2022 o 09:47 Yishay Weiss <
>> yishayjobs@hotmail.com>
>>> napisał(a):
>>>
>>>> I’m not sure which email the new password gets sent to.
>> Does it
>>> go to
>>>> private@royale.release.org<mailto:
>> private@royale.release.org> ?
>>>>
>>>> Also, I see some npm requests to do 2FA which we have
>> ignored.
>>> It’s
>>>> probably best to avoid that if possible to keep the release
>>> scriptable.
>>>>
>>>> @OmPrakash Muppirala<ma...@gmail.com>, are
>> you the
>>> one who
>>>> set this up? Can you help out?
>>>>
>>>> Thanks.
>>>>
>>>> [exec] http request PUT
>>>>
>>>
>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=pFeznO0SBwibJPEMEDyBfEG%2F6qx1bLfE2%2BaA8mUV4NQ%3D&reserved=0
>>>> [exec] info attempt registry request try #1 at
>> 10:39:44 AM
>>>> [exec] http request PUT
>>>>
>>>
>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=kXQOkbWdWMYMqn6xGdPL3f7vB4PSuhLRynMlZGgBNAc%3D&reserved=0
>>>> [exec] http 401
>>>>
>>>
>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=pFeznO0SBwibJPEMEDyBfEG%2F6qx1bLfE2%2BaA8mUV4NQ%3D&reserved=0
>>>> [exec] WARN notice Please check your email for a
>> one-time
>>> password
>>>> (OTP)
>>>> [exec] WARN adduser Incorrect username or password
>>>> [exec] WARN adduser You can reset your account by
>> visiting:
>>>> [exec] WARN adduser
>>>> [exec] WARN adduser
>>>
>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=3sONnnnCtAKBcD7JjDxPTZ3SRsKphpZvEEV2b2o%2BGt4%3D&reserved=0
>>>> [exec] WARN adduser
>>>> [exec]
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
>>>> [exec] throw new Error(error);
>>>> [exec] ^
>>>> [exec]
>>>> [exec] Error: Error: failed to authenticate: A One
>> Time
>>> Password
>>>> (OTP) by email is required. :
>>> -/user/org.couchdb.user:apache-royale-owner
>>>> [exec] at
>>>>
>>>
>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
>>>> [exec] at
>>>>
>>>
>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
>>>> [exec] at
>>>>
>>>
>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
>>>> [exec] at f
>>>>
>>>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>> [exec] at
>>>>
>>>
>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
>>>> [exec] at
>>>>
>>>
>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
>>>> [exec] at f
>>>>
>>>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>> [exec] at RegClient.<anonymous>
>>>>
>>>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
>>>> [exec] at Request._callback
>>>>
>>>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
>>>> [exec] at Request.self.callback
>>>>
>>>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
>>>> [exec] at Request.emit (events.js:315:20)
>>>> [exec] at Request.<anonymous>
>>>>
>>>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
>>>> [exec] at Request.emit (events.js:315:20)
>>>> [exec] at IncomingMessage.<anonymous>
>>>>
>>>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
>>>> [exec] at Object.onceWrapper (events.js:421:28)
>>>> [exec] at IncomingMessage.emit (events.js:327:22)
>>>>
>>>> BUILD FAILED
>>>> C:\dev\release_royale\releasecandidate.xml:1116: The
>> following
>>> error
>>>> occurred while executing this line:
>>>> C:\dev\release_royale\releasecandidate.xml:1400: exec
>> returned: 1
>>>>
>>>> Total time: 7 minutes 26 seconds
>>>>
>>>>
>>>
>>> --
>>>
>>> Piotr Zarzycki
>>>
>>>
>>>
>>> --
>>
>> Piotr Zarzycki
>>
>>
>
Re: NPM Credentials Problem Blocking Release
Posted by Harbs <ha...@gmail.com>.
I approved and should have added it again to the allow list.
It came through. If it expired already, try again. Hopefully it’ll work...
> On Mar 31, 2022, at 10:01 PM, Yishay Weiss <yi...@hotmail.com> wrote:
>
> I just tried logging in, got the OTP sent message, but am not seeing it in private.
>
> From: Alex Harui<ma...@adobe.com.INVALID>
> Sent: Thursday, March 31, 2022 7:44 PM
> To: dev@royale.apache.org<ma...@royale.apache.org>
> Subject: Re: NPM Credentials Problem Blocking Release
>
> OK, support@npmjs.com is now on the allow list. Yishay, if you try to publish again, in theory the NPM messages will go straight to private@. Let us know if that isn't happening. I'll try to look for moderator messages but they often go to junk and I can't control settings for my corporate email.
>
> FWIW, Here's a link to some doc on the EZMLM robot that runs ASF mailing lists. https://untroubled.org/ezmlm/manual/
>
> The command I sent was executed by sending an email to private-allow-subscribe-support=npmjs.com@royale.apache.org
> Any list moderator can send to these sort of email addresses and the robot will parse the address and execute a command. We can subscribe and unsubscribe people, allow them to send and not receive, get a list of all subscribers and more.
>
> HTH,
> -Alex
>
> On 3/31/22, 8:44 AM, "Josh Tynjala" <jo...@bowlerhat.dev> wrote:
>
> Do it.
>
> --
> Josh Tynjala
> Bowler Hat LLC <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbowlerhat.dev%2F&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=oh6FobNIVBZdKNPjOh%2BF8aZbB3WvNY9Dl9nijoLzK2g%3D&reserved=0>
>
>
> On Wed, Mar 30, 2022 at 11:24 PM Alex Harui <ah...@adobe.com.invalid>
> wrote:
>
>> Each mailing list has an "allow" subscriber list that is different from
>> the regular subscriber list. "allow" can send but can't receive. The
>> syntax can be extracted from the moderator emails. If we get consensus to
>> try it, I'll send the command.
>>
>> On 3/30/22, 11:17 PM, "Piotr Zarzycki" <pi...@gmail.com> wrote:
>>
>> I don’t know how to whitelist that email but I will try to figure it
>> out
>> soon.
>>
>> On Thu, 31 Mar 2022 at 06:06, Alex Harui <ah...@adobe.com.invalid>
>> wrote:
>>
>>> Yishay, maybe you can also be a moderator? It might also be
>> possible to
>>> allow emails from npm without moderation. I don't remember if we
>> tried
>>> that. It works on the other lists. There might be a restriction on
>>> private@.
>>>
>>> -Alex
>>>
>>> On 3/30/22, 7:55 PM, "Yishay Weiss" <yi...@hotmail.com> wrote:
>>>
>>> Piotr, being the moderator, is receiving them but it’s hard for
>> me to
>>> do anything from my side because I can’t login without a OTP.
>>>
>>> I’m guessing we need to either create an automation token, or
>> change
>>> the module settings to not require 2FA [1].
>>>
>>> [1] Securely Automating npm publish with the New npm Automation
>> Tokens
>>> - DEV Community<
>>>
>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdev.to%2Fbnb%2Fsecurely-automating-npm-publish-with-the-new-npm-automation-tokens-oei&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=FAhB2Dg%2FZPEsGckPEXcxT65vcQqt6YkGFaJ9IkCJ%2Blo%3D&reserved=0
>>>>
>>>
>>> From: Alex Harui<ma...@adobe.com.INVALID>
>>> Sent: Tuesday, March 29, 2022 7:05 PM
>>> To: dev@royale.apache.org<ma...@royale.apache.org>
>>> Cc: OmPrakash Muppirala<ma...@gmail.com>
>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>
>>> I get some emails from NPM to apache-royale-owner. I can
>> forward them
>>> to private@royale.a.o if they aren't also going there.
>>>
>>> One has the subject: [npm] OTP for logging in to your account:
>>> apache-royale-owner
>>> The other: Your npm password reset
>>>
>>> -Alex
>>>
>>> On 3/29/22, 3:37 AM, "Yishay Weiss" <yi...@hotmail.com>
>> wrote:
>>>
>>> Ok, looks like we’ve figured it out for now with a temp
>> password.
>>> 2FA does not seem to be a requirement. We will update the private
>> list with
>>> the new credentials when that’s ready.
>>>
>>> From: Piotr Zarzycki<ma...@gmail.com>
>>> Sent: Tuesday, March 29, 2022 11:18 AM
>>> To: Apache Royale Development<ma...@royale.apache.org>
>>> Cc: OmPrakash Muppirala<ma...@gmail.com>
>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>
>>> Yes it goes to private as I see...
>>>
>>> wt., 29 mar 2022 o 09:47 Yishay Weiss <
>> yishayjobs@hotmail.com>
>>> napisał(a):
>>>
>>>> I’m not sure which email the new password gets sent to.
>> Does it
>>> go to
>>>> private@royale.release.org<mailto:
>> private@royale.release.org> ?
>>>>
>>>> Also, I see some npm requests to do 2FA which we have
>> ignored.
>>> It’s
>>>> probably best to avoid that if possible to keep the release
>>> scriptable.
>>>>
>>>> @OmPrakash Muppirala<ma...@gmail.com>, are
>> you the
>>> one who
>>>> set this up? Can you help out?
>>>>
>>>> Thanks.
>>>>
>>>> [exec] http request PUT
>>>>
>>>
>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=pFeznO0SBwibJPEMEDyBfEG%2F6qx1bLfE2%2BaA8mUV4NQ%3D&reserved=0
>>>> [exec] info attempt registry request try #1 at
>> 10:39:44 AM
>>>> [exec] http request PUT
>>>>
>>>
>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=kXQOkbWdWMYMqn6xGdPL3f7vB4PSuhLRynMlZGgBNAc%3D&reserved=0
>>>> [exec] http 401
>>>>
>>>
>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=pFeznO0SBwibJPEMEDyBfEG%2F6qx1bLfE2%2BaA8mUV4NQ%3D&reserved=0
>>>> [exec] WARN notice Please check your email for a
>> one-time
>>> password
>>>> (OTP)
>>>> [exec] WARN adduser Incorrect username or password
>>>> [exec] WARN adduser You can reset your account by
>> visiting:
>>>> [exec] WARN adduser
>>>> [exec] WARN adduser
>>>
>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=3sONnnnCtAKBcD7JjDxPTZ3SRsKphpZvEEV2b2o%2BGt4%3D&reserved=0
>>>> [exec] WARN adduser
>>>> [exec]
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
>>>> [exec] throw new Error(error);
>>>> [exec] ^
>>>> [exec]
>>>> [exec] Error: Error: failed to authenticate: A One
>> Time
>>> Password
>>>> (OTP) by email is required. :
>>> -/user/org.couchdb.user:apache-royale-owner
>>>> [exec] at
>>>>
>>>
>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
>>>> [exec] at
>>>>
>>>
>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
>>>> [exec] at
>>>>
>>>
>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
>>>> [exec] at f
>>>>
>>>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>> [exec] at
>>>>
>>>
>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
>>>> [exec] at
>>>>
>>>
>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
>>>> [exec] at f
>>>>
>>>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>> [exec] at RegClient.<anonymous>
>>>>
>>>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
>>>> [exec] at Request._callback
>>>>
>>>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
>>>> [exec] at Request.self.callback
>>>>
>>>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
>>>> [exec] at Request.emit (events.js:315:20)
>>>> [exec] at Request.<anonymous>
>>>>
>>>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
>>>> [exec] at Request.emit (events.js:315:20)
>>>> [exec] at IncomingMessage.<anonymous>
>>>>
>>>
>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
>>>> [exec] at Object.onceWrapper (events.js:421:28)
>>>> [exec] at IncomingMessage.emit (events.js:327:22)
>>>>
>>>> BUILD FAILED
>>>> C:\dev\release_royale\releasecandidate.xml:1116: The
>> following
>>> error
>>>> occurred while executing this line:
>>>> C:\dev\release_royale\releasecandidate.xml:1400: exec
>> returned: 1
>>>>
>>>> Total time: 7 minutes 26 seconds
>>>>
>>>>
>>>
>>> --
>>>
>>> Piotr Zarzycki
>>>
>>>
>>>
>>> --
>>
>> Piotr Zarzycki
>>
>>
>
RE: NPM Credentials Problem Blocking Release
Posted by Yishay Weiss <yi...@hotmail.com>.
I just tried logging in, got the OTP sent message, but am not seeing it in private.
From: Alex Harui<ma...@adobe.com.INVALID>
Sent: Thursday, March 31, 2022 7:44 PM
To: dev@royale.apache.org<ma...@royale.apache.org>
Subject: Re: NPM Credentials Problem Blocking Release
OK, support@npmjs.com is now on the allow list. Yishay, if you try to publish again, in theory the NPM messages will go straight to private@. Let us know if that isn't happening. I'll try to look for moderator messages but they often go to junk and I can't control settings for my corporate email.
FWIW, Here's a link to some doc on the EZMLM robot that runs ASF mailing lists. https://untroubled.org/ezmlm/manual/
The command I sent was executed by sending an email to private-allow-subscribe-support=npmjs.com@royale.apache.org
Any list moderator can send to these sort of email addresses and the robot will parse the address and execute a command. We can subscribe and unsubscribe people, allow them to send and not receive, get a list of all subscribers and more.
HTH,
-Alex
On 3/31/22, 8:44 AM, "Josh Tynjala" <jo...@bowlerhat.dev> wrote:
Do it.
--
Josh Tynjala
Bowler Hat LLC <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbowlerhat.dev%2F&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=oh6FobNIVBZdKNPjOh%2BF8aZbB3WvNY9Dl9nijoLzK2g%3D&reserved=0>
On Wed, Mar 30, 2022 at 11:24 PM Alex Harui <ah...@adobe.com.invalid>
wrote:
> Each mailing list has an "allow" subscriber list that is different from
> the regular subscriber list. "allow" can send but can't receive. The
> syntax can be extracted from the moderator emails. If we get consensus to
> try it, I'll send the command.
>
> On 3/30/22, 11:17 PM, "Piotr Zarzycki" <pi...@gmail.com> wrote:
>
> I don’t know how to whitelist that email but I will try to figure it
> out
> soon.
>
> On Thu, 31 Mar 2022 at 06:06, Alex Harui <ah...@adobe.com.invalid>
> wrote:
>
> > Yishay, maybe you can also be a moderator? It might also be
> possible to
> > allow emails from npm without moderation. I don't remember if we
> tried
> > that. It works on the other lists. There might be a restriction on
> > private@.
> >
> > -Alex
> >
> > On 3/30/22, 7:55 PM, "Yishay Weiss" <yi...@hotmail.com> wrote:
> >
> > Piotr, being the moderator, is receiving them but it’s hard for
> me to
> > do anything from my side because I can’t login without a OTP.
> >
> > I’m guessing we need to either create an automation token, or
> change
> > the module settings to not require 2FA [1].
> >
> > [1] Securely Automating npm publish with the New npm Automation
> Tokens
> > - DEV Community<
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdev.to%2Fbnb%2Fsecurely-automating-npm-publish-with-the-new-npm-automation-tokens-oei&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=FAhB2Dg%2FZPEsGckPEXcxT65vcQqt6YkGFaJ9IkCJ%2Blo%3D&reserved=0
> > >
> >
> > From: Alex Harui<ma...@adobe.com.INVALID>
> > Sent: Tuesday, March 29, 2022 7:05 PM
> > To: dev@royale.apache.org<ma...@royale.apache.org>
> > Cc: OmPrakash Muppirala<ma...@gmail.com>
> > Subject: Re: NPM Credentials Problem Blocking Release
> >
> > I get some emails from NPM to apache-royale-owner. I can
> forward them
> > to private@royale.a.o if they aren't also going there.
> >
> > One has the subject: [npm] OTP for logging in to your account:
> > apache-royale-owner
> > The other: Your npm password reset
> >
> > -Alex
> >
> > On 3/29/22, 3:37 AM, "Yishay Weiss" <yi...@hotmail.com>
> wrote:
> >
> > Ok, looks like we’ve figured it out for now with a temp
> password.
> > 2FA does not seem to be a requirement. We will update the private
> list with
> > the new credentials when that’s ready.
> >
> > From: Piotr Zarzycki<ma...@gmail.com>
> > Sent: Tuesday, March 29, 2022 11:18 AM
> > To: Apache Royale Development<ma...@royale.apache.org>
> > Cc: OmPrakash Muppirala<ma...@gmail.com>
> > Subject: Re: NPM Credentials Problem Blocking Release
> >
> > Yes it goes to private as I see...
> >
> > wt., 29 mar 2022 o 09:47 Yishay Weiss <
> yishayjobs@hotmail.com>
> > napisał(a):
> >
> > > I’m not sure which email the new password gets sent to.
> Does it
> > go to
> > > private@royale.release.org<mailto:
> private@royale.release.org> ?
> > >
> > > Also, I see some npm requests to do 2FA which we have
> ignored.
> > It’s
> > > probably best to avoid that if possible to keep the release
> > scriptable.
> > >
> > > @OmPrakash Muppirala<ma...@gmail.com>, are
> you the
> > one who
> > > set this up? Can you help out?
> > >
> > > Thanks.
> > >
> > > [exec] http request PUT
> > >
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=pFeznO0SBwibJPEMEDyBfEG%2F6qx1bLfE2%2BaA8mUV4NQ%3D&reserved=0
> > > [exec] info attempt registry request try #1 at
> 10:39:44 AM
> > > [exec] http request PUT
> > >
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=kXQOkbWdWMYMqn6xGdPL3f7vB4PSuhLRynMlZGgBNAc%3D&reserved=0
> > > [exec] http 401
> > >
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=pFeznO0SBwibJPEMEDyBfEG%2F6qx1bLfE2%2BaA8mUV4NQ%3D&reserved=0
> > > [exec] WARN notice Please check your email for a
> one-time
> > password
> > > (OTP)
> > > [exec] WARN adduser Incorrect username or password
> > > [exec] WARN adduser You can reset your account by
> visiting:
> > > [exec] WARN adduser
> > > [exec] WARN adduser
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=3sONnnnCtAKBcD7JjDxPTZ3SRsKphpZvEEV2b2o%2BGt4%3D&reserved=0
> > > [exec] WARN adduser
> > > [exec]
> > >
> > C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
> > > [exec] throw new Error(error);
> > > [exec] ^
> > > [exec]
> > > [exec] Error: Error: failed to authenticate: A One
> Time
> > Password
> > > (OTP) by email is required. :
> > -/user/org.couchdb.user:apache-royale-owner
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
> > > [exec] at f
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
> > > [exec] at f
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> > > [exec] at RegClient.<anonymous>
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
> > > [exec] at Request._callback
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
> > > [exec] at Request.self.callback
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
> > > [exec] at Request.emit (events.js:315:20)
> > > [exec] at Request.<anonymous>
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
> > > [exec] at Request.emit (events.js:315:20)
> > > [exec] at IncomingMessage.<anonymous>
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
> > > [exec] at Object.onceWrapper (events.js:421:28)
> > > [exec] at IncomingMessage.emit (events.js:327:22)
> > >
> > > BUILD FAILED
> > > C:\dev\release_royale\releasecandidate.xml:1116: The
> following
> > error
> > > occurred while executing this line:
> > > C:\dev\release_royale\releasecandidate.xml:1400: exec
> returned: 1
> > >
> > > Total time: 7 minutes 26 seconds
> > >
> > >
> >
> > --
> >
> > Piotr Zarzycki
> >
> >
> >
> > --
>
> Piotr Zarzycki
>
>
Re: NPM Credentials Problem Blocking Release
Posted by Alex Harui <ah...@adobe.com.INVALID>.
OK, support@npmjs.com is now on the allow list. Yishay, if you try to publish again, in theory the NPM messages will go straight to private@. Let us know if that isn't happening. I'll try to look for moderator messages but they often go to junk and I can't control settings for my corporate email.
FWIW, Here's a link to some doc on the EZMLM robot that runs ASF mailing lists. https://untroubled.org/ezmlm/manual/
The command I sent was executed by sending an email to private-allow-subscribe-support=npmjs.com@royale.apache.org
Any list moderator can send to these sort of email addresses and the robot will parse the address and execute a command. We can subscribe and unsubscribe people, allow them to send and not receive, get a list of all subscribers and more.
HTH,
-Alex
On 3/31/22, 8:44 AM, "Josh Tynjala" <jo...@bowlerhat.dev> wrote:
Do it.
--
Josh Tynjala
Bowler Hat LLC <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbowlerhat.dev%2F&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=oh6FobNIVBZdKNPjOh%2BF8aZbB3WvNY9Dl9nijoLzK2g%3D&reserved=0>
On Wed, Mar 30, 2022 at 11:24 PM Alex Harui <ah...@adobe.com.invalid>
wrote:
> Each mailing list has an "allow" subscriber list that is different from
> the regular subscriber list. "allow" can send but can't receive. The
> syntax can be extracted from the moderator emails. If we get consensus to
> try it, I'll send the command.
>
> On 3/30/22, 11:17 PM, "Piotr Zarzycki" <pi...@gmail.com> wrote:
>
> I don’t know how to whitelist that email but I will try to figure it
> out
> soon.
>
> On Thu, 31 Mar 2022 at 06:06, Alex Harui <ah...@adobe.com.invalid>
> wrote:
>
> > Yishay, maybe you can also be a moderator? It might also be
> possible to
> > allow emails from npm without moderation. I don't remember if we
> tried
> > that. It works on the other lists. There might be a restriction on
> > private@.
> >
> > -Alex
> >
> > On 3/30/22, 7:55 PM, "Yishay Weiss" <yi...@hotmail.com> wrote:
> >
> > Piotr, being the moderator, is receiving them but it’s hard for
> me to
> > do anything from my side because I can’t login without a OTP.
> >
> > I’m guessing we need to either create an automation token, or
> change
> > the module settings to not require 2FA [1].
> >
> > [1] Securely Automating npm publish with the New npm Automation
> Tokens
> > - DEV Community<
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdev.to%2Fbnb%2Fsecurely-automating-npm-publish-with-the-new-npm-automation-tokens-oei&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=FAhB2Dg%2FZPEsGckPEXcxT65vcQqt6YkGFaJ9IkCJ%2Blo%3D&reserved=0
> > >
> >
> > From: Alex Harui<ma...@adobe.com.INVALID>
> > Sent: Tuesday, March 29, 2022 7:05 PM
> > To: dev@royale.apache.org<ma...@royale.apache.org>
> > Cc: OmPrakash Muppirala<ma...@gmail.com>
> > Subject: Re: NPM Credentials Problem Blocking Release
> >
> > I get some emails from NPM to apache-royale-owner. I can
> forward them
> > to private@royale.a.o if they aren't also going there.
> >
> > One has the subject: [npm] OTP for logging in to your account:
> > apache-royale-owner
> > The other: Your npm password reset
> >
> > -Alex
> >
> > On 3/29/22, 3:37 AM, "Yishay Weiss" <yi...@hotmail.com>
> wrote:
> >
> > Ok, looks like we’ve figured it out for now with a temp
> password.
> > 2FA does not seem to be a requirement. We will update the private
> list with
> > the new credentials when that’s ready.
> >
> > From: Piotr Zarzycki<ma...@gmail.com>
> > Sent: Tuesday, March 29, 2022 11:18 AM
> > To: Apache Royale Development<ma...@royale.apache.org>
> > Cc: OmPrakash Muppirala<ma...@gmail.com>
> > Subject: Re: NPM Credentials Problem Blocking Release
> >
> > Yes it goes to private as I see...
> >
> > wt., 29 mar 2022 o 09:47 Yishay Weiss <
> yishayjobs@hotmail.com>
> > napisał(a):
> >
> > > I’m not sure which email the new password gets sent to.
> Does it
> > go to
> > > private@royale.release.org<mailto:
> private@royale.release.org> ?
> > >
> > > Also, I see some npm requests to do 2FA which we have
> ignored.
> > It’s
> > > probably best to avoid that if possible to keep the release
> > scriptable.
> > >
> > > @OmPrakash Muppirala<ma...@gmail.com>, are
> you the
> > one who
> > > set this up? Can you help out?
> > >
> > > Thanks.
> > >
> > > [exec] http request PUT
> > >
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=pFeznO0SBwibJPEMEDyBfEG%2F6qx1bLfE2%2BaA8mUV4NQ%3D&reserved=0
> > > [exec] info attempt registry request try #1 at
> 10:39:44 AM
> > > [exec] http request PUT
> > >
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=kXQOkbWdWMYMqn6xGdPL3f7vB4PSuhLRynMlZGgBNAc%3D&reserved=0
> > > [exec] http 401
> > >
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=pFeznO0SBwibJPEMEDyBfEG%2F6qx1bLfE2%2BaA8mUV4NQ%3D&reserved=0
> > > [exec] WARN notice Please check your email for a
> one-time
> > password
> > > (OTP)
> > > [exec] WARN adduser Incorrect username or password
> > > [exec] WARN adduser You can reset your account by
> visiting:
> > > [exec] WARN adduser
> > > [exec] WARN adduser
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=3sONnnnCtAKBcD7JjDxPTZ3SRsKphpZvEEV2b2o%2BGt4%3D&reserved=0
> > > [exec] WARN adduser
> > > [exec]
> > >
> > C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
> > > [exec] throw new Error(error);
> > > [exec] ^
> > > [exec]
> > > [exec] Error: Error: failed to authenticate: A One
> Time
> > Password
> > > (OTP) by email is required. :
> > -/user/org.couchdb.user:apache-royale-owner
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
> > > [exec] at f
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
> > > [exec] at f
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> > > [exec] at RegClient.<anonymous>
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
> > > [exec] at Request._callback
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
> > > [exec] at Request.self.callback
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
> > > [exec] at Request.emit (events.js:315:20)
> > > [exec] at Request.<anonymous>
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
> > > [exec] at Request.emit (events.js:315:20)
> > > [exec] at IncomingMessage.<anonymous>
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
> > > [exec] at Object.onceWrapper (events.js:421:28)
> > > [exec] at IncomingMessage.emit (events.js:327:22)
> > >
> > > BUILD FAILED
> > > C:\dev\release_royale\releasecandidate.xml:1116: The
> following
> > error
> > > occurred while executing this line:
> > > C:\dev\release_royale\releasecandidate.xml:1400: exec
> returned: 1
> > >
> > > Total time: 7 minutes 26 seconds
> > >
> > >
> >
> > --
> >
> > Piotr Zarzycki
> >
> >
> >
> > --
>
> Piotr Zarzycki
>
>
Re: NPM Credentials Problem Blocking Release
Posted by Josh Tynjala <jo...@bowlerhat.dev>.
Do it.
--
Josh Tynjala
Bowler Hat LLC <https://bowlerhat.dev>
On Wed, Mar 30, 2022 at 11:24 PM Alex Harui <ah...@adobe.com.invalid>
wrote:
> Each mailing list has an "allow" subscriber list that is different from
> the regular subscriber list. "allow" can send but can't receive. The
> syntax can be extracted from the moderator emails. If we get consensus to
> try it, I'll send the command.
>
> On 3/30/22, 11:17 PM, "Piotr Zarzycki" <pi...@gmail.com> wrote:
>
> I don’t know how to whitelist that email but I will try to figure it
> out
> soon.
>
> On Thu, 31 Mar 2022 at 06:06, Alex Harui <ah...@adobe.com.invalid>
> wrote:
>
> > Yishay, maybe you can also be a moderator? It might also be
> possible to
> > allow emails from npm without moderation. I don't remember if we
> tried
> > that. It works on the other lists. There might be a restriction on
> > private@.
> >
> > -Alex
> >
> > On 3/30/22, 7:55 PM, "Yishay Weiss" <yi...@hotmail.com> wrote:
> >
> > Piotr, being the moderator, is receiving them but it’s hard for
> me to
> > do anything from my side because I can’t login without a OTP.
> >
> > I’m guessing we need to either create an automation token, or
> change
> > the module settings to not require 2FA [1].
> >
> > [1] Securely Automating npm publish with the New npm Automation
> Tokens
> > - DEV Community<
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdev.to%2Fbnb%2Fsecurely-automating-npm-publish-with-the-new-npm-automation-tokens-oei&data=04%7C01%7Caharui%40adobe.com%7Cd763bfd46d7c41e8734f08da12dded53%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843042611038186%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=1dvCskjyZZcjaNcu%2B3QzrlFr6u9QNmIHTWMUUei0nds%3D&reserved=0
> > >
> >
> > From: Alex Harui<ma...@adobe.com.INVALID>
> > Sent: Tuesday, March 29, 2022 7:05 PM
> > To: dev@royale.apache.org<ma...@royale.apache.org>
> > Cc: OmPrakash Muppirala<ma...@gmail.com>
> > Subject: Re: NPM Credentials Problem Blocking Release
> >
> > I get some emails from NPM to apache-royale-owner. I can
> forward them
> > to private@royale.a.o if they aren't also going there.
> >
> > One has the subject: [npm] OTP for logging in to your account:
> > apache-royale-owner
> > The other: Your npm password reset
> >
> > -Alex
> >
> > On 3/29/22, 3:37 AM, "Yishay Weiss" <yi...@hotmail.com>
> wrote:
> >
> > Ok, looks like we’ve figured it out for now with a temp
> password.
> > 2FA does not seem to be a requirement. We will update the private
> list with
> > the new credentials when that’s ready.
> >
> > From: Piotr Zarzycki<ma...@gmail.com>
> > Sent: Tuesday, March 29, 2022 11:18 AM
> > To: Apache Royale Development<ma...@royale.apache.org>
> > Cc: OmPrakash Muppirala<ma...@gmail.com>
> > Subject: Re: NPM Credentials Problem Blocking Release
> >
> > Yes it goes to private as I see...
> >
> > wt., 29 mar 2022 o 09:47 Yishay Weiss <
> yishayjobs@hotmail.com>
> > napisał(a):
> >
> > > I’m not sure which email the new password gets sent to.
> Does it
> > go to
> > > private@royale.release.org<mailto:
> private@royale.release.org> ?
> > >
> > > Also, I see some npm requests to do 2FA which we have
> ignored.
> > It’s
> > > probably best to avoid that if possible to keep the release
> > scriptable.
> > >
> > > @OmPrakash Muppirala<ma...@gmail.com>, are
> you the
> > one who
> > > set this up? Can you help out?
> > >
> > > Thanks.
> > >
> > > [exec] http request PUT
> > >
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7Cd763bfd46d7c41e8734f08da12dded53%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843042611038186%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=e4ksDZx0b1Qf7TANes%2FVzDTTeTz%2FGUjvRY%2FeaBKVFrY%3D&reserved=0
> > > [exec] info attempt registry request try #1 at
> 10:39:44 AM
> > > [exec] http request PUT
> > >
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7Cd763bfd46d7c41e8734f08da12dded53%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843042611038186%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=Nl%2F1FxLRwboepOlBdzD1jhvo7cH4KCrOnoXVI5C1UJw%3D&reserved=0
> > > [exec] http 401
> > >
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7Cd763bfd46d7c41e8734f08da12dded53%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843042611038186%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=e4ksDZx0b1Qf7TANes%2FVzDTTeTz%2FGUjvRY%2FeaBKVFrY%3D&reserved=0
> > > [exec] WARN notice Please check your email for a
> one-time
> > password
> > > (OTP)
> > > [exec] WARN adduser Incorrect username or password
> > > [exec] WARN adduser You can reset your account by
> visiting:
> > > [exec] WARN adduser
> > > [exec] WARN adduser
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7Cd763bfd46d7c41e8734f08da12dded53%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843042611038186%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=N9PQce4Szm5O6n8VZn6r6kDuqxVeWsT6WRydxujAlaw%3D&reserved=0
> > > [exec] WARN adduser
> > > [exec]
> > >
> > C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
> > > [exec] throw new Error(error);
> > > [exec] ^
> > > [exec]
> > > [exec] Error: Error: failed to authenticate: A One
> Time
> > Password
> > > (OTP) by email is required. :
> > -/user/org.couchdb.user:apache-royale-owner
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
> > > [exec] at f
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
> > > [exec] at f
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> > > [exec] at RegClient.<anonymous>
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
> > > [exec] at Request._callback
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
> > > [exec] at Request.self.callback
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
> > > [exec] at Request.emit (events.js:315:20)
> > > [exec] at Request.<anonymous>
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
> > > [exec] at Request.emit (events.js:315:20)
> > > [exec] at IncomingMessage.<anonymous>
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
> > > [exec] at Object.onceWrapper (events.js:421:28)
> > > [exec] at IncomingMessage.emit (events.js:327:22)
> > >
> > > BUILD FAILED
> > > C:\dev\release_royale\releasecandidate.xml:1116: The
> following
> > error
> > > occurred while executing this line:
> > > C:\dev\release_royale\releasecandidate.xml:1400: exec
> returned: 1
> > >
> > > Total time: 7 minutes 26 seconds
> > >
> > >
> >
> > --
> >
> > Piotr Zarzycki
> >
> >
> >
> > --
>
> Piotr Zarzycki
>
>
Re: NPM Credentials Problem Blocking Release
Posted by Piotr Zarzycki <pi...@gmail.com>.
+1 to try it
On Thu, 31 Mar 2022 at 08:24, Alex Harui <ah...@adobe.com.invalid> wrote:
> Each mailing list has an "allow" subscriber list that is different from
> the regular subscriber list. "allow" can send but can't receive. The
> syntax can be extracted from the moderator emails. If we get consensus to
> try it, I'll send the command.
>
> On 3/30/22, 11:17 PM, "Piotr Zarzycki" <pi...@gmail.com> wrote:
>
> I don’t know how to whitelist that email but I will try to figure it
> out
> soon.
>
> On Thu, 31 Mar 2022 at 06:06, Alex Harui <ah...@adobe.com.invalid>
> wrote:
>
> > Yishay, maybe you can also be a moderator? It might also be
> possible to
> > allow emails from npm without moderation. I don't remember if we
> tried
> > that. It works on the other lists. There might be a restriction on
> > private@.
> >
> > -Alex
> >
> > On 3/30/22, 7:55 PM, "Yishay Weiss" <yi...@hotmail.com> wrote:
> >
> > Piotr, being the moderator, is receiving them but it’s hard for
> me to
> > do anything from my side because I can’t login without a OTP.
> >
> > I’m guessing we need to either create an automation token, or
> change
> > the module settings to not require 2FA [1].
> >
> > [1] Securely Automating npm publish with the New npm Automation
> Tokens
> > - DEV Community<
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdev.to%2Fbnb%2Fsecurely-automating-npm-publish-with-the-new-npm-automation-tokens-oei&data=04%7C01%7Caharui%40adobe.com%7Cd763bfd46d7c41e8734f08da12dded53%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843042611038186%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=1dvCskjyZZcjaNcu%2B3QzrlFr6u9QNmIHTWMUUei0nds%3D&reserved=0
> > >
> >
> > From: Alex Harui<ma...@adobe.com.INVALID>
> > Sent: Tuesday, March 29, 2022 7:05 PM
> > To: dev@royale.apache.org<ma...@royale.apache.org>
> > Cc: OmPrakash Muppirala<ma...@gmail.com>
> > Subject: Re: NPM Credentials Problem Blocking Release
> >
> > I get some emails from NPM to apache-royale-owner. I can
> forward them
> > to private@royale.a.o if they aren't also going there.
> >
> > One has the subject: [npm] OTP for logging in to your account:
> > apache-royale-owner
> > The other: Your npm password reset
> >
> > -Alex
> >
> > On 3/29/22, 3:37 AM, "Yishay Weiss" <yi...@hotmail.com>
> wrote:
> >
> > Ok, looks like we’ve figured it out for now with a temp
> password.
> > 2FA does not seem to be a requirement. We will update the private
> list with
> > the new credentials when that’s ready.
> >
> > From: Piotr Zarzycki<ma...@gmail.com>
> > Sent: Tuesday, March 29, 2022 11:18 AM
> > To: Apache Royale Development<ma...@royale.apache.org>
> > Cc: OmPrakash Muppirala<ma...@gmail.com>
> > Subject: Re: NPM Credentials Problem Blocking Release
> >
> > Yes it goes to private as I see...
> >
> > wt., 29 mar 2022 o 09:47 Yishay Weiss <
> yishayjobs@hotmail.com>
> > napisał(a):
> >
> > > I’m not sure which email the new password gets sent to.
> Does it
> > go to
> > > private@royale.release.org<mailto:
> private@royale.release.org> ?
> > >
> > > Also, I see some npm requests to do 2FA which we have
> ignored.
> > It’s
> > > probably best to avoid that if possible to keep the release
> > scriptable.
> > >
> > > @OmPrakash Muppirala<ma...@gmail.com>, are
> you the
> > one who
> > > set this up? Can you help out?
> > >
> > > Thanks.
> > >
> > > [exec] http request PUT
> > >
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7Cd763bfd46d7c41e8734f08da12dded53%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843042611038186%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=e4ksDZx0b1Qf7TANes%2FVzDTTeTz%2FGUjvRY%2FeaBKVFrY%3D&reserved=0
> > > [exec] info attempt registry request try #1 at
> 10:39:44 AM
> > > [exec] http request PUT
> > >
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7Cd763bfd46d7c41e8734f08da12dded53%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843042611038186%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=Nl%2F1FxLRwboepOlBdzD1jhvo7cH4KCrOnoXVI5C1UJw%3D&reserved=0
> > > [exec] http 401
> > >
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7Cd763bfd46d7c41e8734f08da12dded53%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843042611038186%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=e4ksDZx0b1Qf7TANes%2FVzDTTeTz%2FGUjvRY%2FeaBKVFrY%3D&reserved=0
> > > [exec] WARN notice Please check your email for a
> one-time
> > password
> > > (OTP)
> > > [exec] WARN adduser Incorrect username or password
> > > [exec] WARN adduser You can reset your account by
> visiting:
> > > [exec] WARN adduser
> > > [exec] WARN adduser
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7Cd763bfd46d7c41e8734f08da12dded53%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843042611038186%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=N9PQce4Szm5O6n8VZn6r6kDuqxVeWsT6WRydxujAlaw%3D&reserved=0
> > > [exec] WARN adduser
> > > [exec]
> > >
> > C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
> > > [exec] throw new Error(error);
> > > [exec] ^
> > > [exec]
> > > [exec] Error: Error: failed to authenticate: A One
> Time
> > Password
> > > (OTP) by email is required. :
> > -/user/org.couchdb.user:apache-royale-owner
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
> > > [exec] at f
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
> > > [exec] at
> > >
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
> > > [exec] at f
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> > > [exec] at RegClient.<anonymous>
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
> > > [exec] at Request._callback
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
> > > [exec] at Request.self.callback
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
> > > [exec] at Request.emit (events.js:315:20)
> > > [exec] at Request.<anonymous>
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
> > > [exec] at Request.emit (events.js:315:20)
> > > [exec] at IncomingMessage.<anonymous>
> > >
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
> > > [exec] at Object.onceWrapper (events.js:421:28)
> > > [exec] at IncomingMessage.emit (events.js:327:22)
> > >
> > > BUILD FAILED
> > > C:\dev\release_royale\releasecandidate.xml:1116: The
> following
> > error
> > > occurred while executing this line:
> > > C:\dev\release_royale\releasecandidate.xml:1400: exec
> returned: 1
> > >
> > > Total time: 7 minutes 26 seconds
> > >
> > >
> >
> > --
> >
> > Piotr Zarzycki
> >
> >
> >
> > --
>
> Piotr Zarzycki
>
> --
Piotr Zarzycki
Re: NPM Credentials Problem Blocking Release
Posted by Harbs <ha...@gmail.com>.
Go for it. :)
> On Mar 31, 2022, at 9:24 AM, Alex Harui <ah...@adobe.com.INVALID> wrote:
>
> If we get consensus to try it, I'll send the command.
Re: NPM Credentials Problem Blocking Release
Posted by Alex Harui <ah...@adobe.com.INVALID>.
Each mailing list has an "allow" subscriber list that is different from the regular subscriber list. "allow" can send but can't receive. The syntax can be extracted from the moderator emails. If we get consensus to try it, I'll send the command.
On 3/30/22, 11:17 PM, "Piotr Zarzycki" <pi...@gmail.com> wrote:
I don’t know how to whitelist that email but I will try to figure it out
soon.
On Thu, 31 Mar 2022 at 06:06, Alex Harui <ah...@adobe.com.invalid> wrote:
> Yishay, maybe you can also be a moderator? It might also be possible to
> allow emails from npm without moderation. I don't remember if we tried
> that. It works on the other lists. There might be a restriction on
> private@.
>
> -Alex
>
> On 3/30/22, 7:55 PM, "Yishay Weiss" <yi...@hotmail.com> wrote:
>
> Piotr, being the moderator, is receiving them but it’s hard for me to
> do anything from my side because I can’t login without a OTP.
>
> I’m guessing we need to either create an automation token, or change
> the module settings to not require 2FA [1].
>
> [1] Securely Automating npm publish with the New npm Automation Tokens
> - DEV Community<
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdev.to%2Fbnb%2Fsecurely-automating-npm-publish-with-the-new-npm-automation-tokens-oei&data=04%7C01%7Caharui%40adobe.com%7Cd763bfd46d7c41e8734f08da12dded53%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843042611038186%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=1dvCskjyZZcjaNcu%2B3QzrlFr6u9QNmIHTWMUUei0nds%3D&reserved=0
> >
>
> From: Alex Harui<ma...@adobe.com.INVALID>
> Sent: Tuesday, March 29, 2022 7:05 PM
> To: dev@royale.apache.org<ma...@royale.apache.org>
> Cc: OmPrakash Muppirala<ma...@gmail.com>
> Subject: Re: NPM Credentials Problem Blocking Release
>
> I get some emails from NPM to apache-royale-owner. I can forward them
> to private@royale.a.o if they aren't also going there.
>
> One has the subject: [npm] OTP for logging in to your account:
> apache-royale-owner
> The other: Your npm password reset
>
> -Alex
>
> On 3/29/22, 3:37 AM, "Yishay Weiss" <yi...@hotmail.com> wrote:
>
> Ok, looks like we’ve figured it out for now with a temp password.
> 2FA does not seem to be a requirement. We will update the private list with
> the new credentials when that’s ready.
>
> From: Piotr Zarzycki<ma...@gmail.com>
> Sent: Tuesday, March 29, 2022 11:18 AM
> To: Apache Royale Development<ma...@royale.apache.org>
> Cc: OmPrakash Muppirala<ma...@gmail.com>
> Subject: Re: NPM Credentials Problem Blocking Release
>
> Yes it goes to private as I see...
>
> wt., 29 mar 2022 o 09:47 Yishay Weiss <yi...@hotmail.com>
> napisał(a):
>
> > I’m not sure which email the new password gets sent to. Does it
> go to
> > private@royale.release.org<ma...@royale.release.org> ?
> >
> > Also, I see some npm requests to do 2FA which we have ignored.
> It’s
> > probably best to avoid that if possible to keep the release
> scriptable.
> >
> > @OmPrakash Muppirala<ma...@gmail.com>, are you the
> one who
> > set this up? Can you help out?
> >
> > Thanks.
> >
> > [exec] http request PUT
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7Cd763bfd46d7c41e8734f08da12dded53%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843042611038186%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=e4ksDZx0b1Qf7TANes%2FVzDTTeTz%2FGUjvRY%2FeaBKVFrY%3D&reserved=0
> > [exec] info attempt registry request try #1 at 10:39:44 AM
> > [exec] http request PUT
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7Cd763bfd46d7c41e8734f08da12dded53%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843042611038186%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=Nl%2F1FxLRwboepOlBdzD1jhvo7cH4KCrOnoXVI5C1UJw%3D&reserved=0
> > [exec] http 401
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7Cd763bfd46d7c41e8734f08da12dded53%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843042611038186%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=e4ksDZx0b1Qf7TANes%2FVzDTTeTz%2FGUjvRY%2FeaBKVFrY%3D&reserved=0
> > [exec] WARN notice Please check your email for a one-time
> password
> > (OTP)
> > [exec] WARN adduser Incorrect username or password
> > [exec] WARN adduser You can reset your account by visiting:
> > [exec] WARN adduser
> > [exec] WARN adduser
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7Cd763bfd46d7c41e8734f08da12dded53%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843042611038186%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=N9PQce4Szm5O6n8VZn6r6kDuqxVeWsT6WRydxujAlaw%3D&reserved=0
> > [exec] WARN adduser
> > [exec]
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
> > [exec] throw new Error(error);
> > [exec] ^
> > [exec]
> > [exec] Error: Error: failed to authenticate: A One Time
> Password
> > (OTP) by email is required. :
> -/user/org.couchdb.user:apache-royale-owner
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
> > [exec] at f
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
> > [exec] at f
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> > [exec] at RegClient.<anonymous>
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
> > [exec] at Request._callback
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
> > [exec] at Request.self.callback
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
> > [exec] at Request.emit (events.js:315:20)
> > [exec] at Request.<anonymous>
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
> > [exec] at Request.emit (events.js:315:20)
> > [exec] at IncomingMessage.<anonymous>
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
> > [exec] at Object.onceWrapper (events.js:421:28)
> > [exec] at IncomingMessage.emit (events.js:327:22)
> >
> > BUILD FAILED
> > C:\dev\release_royale\releasecandidate.xml:1116: The following
> error
> > occurred while executing this line:
> > C:\dev\release_royale\releasecandidate.xml:1400: exec returned: 1
> >
> > Total time: 7 minutes 26 seconds
> >
> >
>
> --
>
> Piotr Zarzycki
>
>
>
> --
Piotr Zarzycki
Re: NPM Credentials Problem Blocking Release
Posted by Piotr Zarzycki <pi...@gmail.com>.
I don’t know how to whitelist that email but I will try to figure it out
soon.
On Thu, 31 Mar 2022 at 06:06, Alex Harui <ah...@adobe.com.invalid> wrote:
> Yishay, maybe you can also be a moderator? It might also be possible to
> allow emails from npm without moderation. I don't remember if we tried
> that. It works on the other lists. There might be a restriction on
> private@.
>
> -Alex
>
> On 3/30/22, 7:55 PM, "Yishay Weiss" <yi...@hotmail.com> wrote:
>
> Piotr, being the moderator, is receiving them but it’s hard for me to
> do anything from my side because I can’t login without a OTP.
>
> I’m guessing we need to either create an automation token, or change
> the module settings to not require 2FA [1].
>
> [1] Securely Automating npm publish with the New npm Automation Tokens
> - DEV Community<
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdev.to%2Fbnb%2Fsecurely-automating-npm-publish-with-the-new-npm-automation-tokens-oei&data=04%7C01%7Caharui%40adobe.com%7C00a09d293fbf45aa894308da12c1cf74%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637842921304206011%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=0mmbASMd9Sx39EL75wIFJ%2FrSZ1yhYRfkpT%2BaBJeNc3U%3D&reserved=0
> >
>
> From: Alex Harui<ma...@adobe.com.INVALID>
> Sent: Tuesday, March 29, 2022 7:05 PM
> To: dev@royale.apache.org<ma...@royale.apache.org>
> Cc: OmPrakash Muppirala<ma...@gmail.com>
> Subject: Re: NPM Credentials Problem Blocking Release
>
> I get some emails from NPM to apache-royale-owner. I can forward them
> to private@royale.a.o if they aren't also going there.
>
> One has the subject: [npm] OTP for logging in to your account:
> apache-royale-owner
> The other: Your npm password reset
>
> -Alex
>
> On 3/29/22, 3:37 AM, "Yishay Weiss" <yi...@hotmail.com> wrote:
>
> Ok, looks like we’ve figured it out for now with a temp password.
> 2FA does not seem to be a requirement. We will update the private list with
> the new credentials when that’s ready.
>
> From: Piotr Zarzycki<ma...@gmail.com>
> Sent: Tuesday, March 29, 2022 11:18 AM
> To: Apache Royale Development<ma...@royale.apache.org>
> Cc: OmPrakash Muppirala<ma...@gmail.com>
> Subject: Re: NPM Credentials Problem Blocking Release
>
> Yes it goes to private as I see...
>
> wt., 29 mar 2022 o 09:47 Yishay Weiss <yi...@hotmail.com>
> napisał(a):
>
> > I’m not sure which email the new password gets sent to. Does it
> go to
> > private@royale.release.org<ma...@royale.release.org> ?
> >
> > Also, I see some npm requests to do 2FA which we have ignored.
> It’s
> > probably best to avoid that if possible to keep the release
> scriptable.
> >
> > @OmPrakash Muppirala<ma...@gmail.com>, are you the
> one who
> > set this up? Can you help out?
> >
> > Thanks.
> >
> > [exec] http request PUT
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C00a09d293fbf45aa894308da12c1cf74%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637842921304206011%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=XeLsl2Kp7PFcBrgheenAc7A20Wz%2B3X%2FubFZMtfWzVz4%3D&reserved=0
> > [exec] info attempt registry request try #1 at 10:39:44 AM
> > [exec] http request PUT
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C00a09d293fbf45aa894308da12c1cf74%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637842921304206011%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=6zamXahGjUfR70z9yLpst3RWEYFOx8CQtUbcgciBdcQ%3D&reserved=0
> > [exec] http 401
> >
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C00a09d293fbf45aa894308da12c1cf74%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637842921304206011%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=XeLsl2Kp7PFcBrgheenAc7A20Wz%2B3X%2FubFZMtfWzVz4%3D&reserved=0
> > [exec] WARN notice Please check your email for a one-time
> password
> > (OTP)
> > [exec] WARN adduser Incorrect username or password
> > [exec] WARN adduser You can reset your account by visiting:
> > [exec] WARN adduser
> > [exec] WARN adduser
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C00a09d293fbf45aa894308da12c1cf74%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637842921304206011%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=WUtm%2B6FvuLVHEXsHUocHeWYh29xmYqygKPlZQDtWu30%3D&reserved=0
> > [exec] WARN adduser
> > [exec]
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
> > [exec] throw new Error(error);
> > [exec] ^
> > [exec]
> > [exec] Error: Error: failed to authenticate: A One Time
> Password
> > (OTP) by email is required. :
> -/user/org.couchdb.user:apache-royale-owner
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
> > [exec] at f
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
> > [exec] at
> >
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
> > [exec] at f
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> > [exec] at RegClient.<anonymous>
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
> > [exec] at Request._callback
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
> > [exec] at Request.self.callback
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
> > [exec] at Request.emit (events.js:315:20)
> > [exec] at Request.<anonymous>
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
> > [exec] at Request.emit (events.js:315:20)
> > [exec] at IncomingMessage.<anonymous>
> >
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
> > [exec] at Object.onceWrapper (events.js:421:28)
> > [exec] at IncomingMessage.emit (events.js:327:22)
> >
> > BUILD FAILED
> > C:\dev\release_royale\releasecandidate.xml:1116: The following
> error
> > occurred while executing this line:
> > C:\dev\release_royale\releasecandidate.xml:1400: exec returned: 1
> >
> > Total time: 7 minutes 26 seconds
> >
> >
>
> --
>
> Piotr Zarzycki
>
>
>
> --
Piotr Zarzycki
Re: NPM Credentials Problem Blocking Release
Posted by Alex Harui <ah...@adobe.com.INVALID>.
Yishay, maybe you can also be a moderator? It might also be possible to allow emails from npm without moderation. I don't remember if we tried that. It works on the other lists. There might be a restriction on private@.
-Alex
On 3/30/22, 7:55 PM, "Yishay Weiss" <yi...@hotmail.com> wrote:
Piotr, being the moderator, is receiving them but it’s hard for me to do anything from my side because I can’t login without a OTP.
I’m guessing we need to either create an automation token, or change the module settings to not require 2FA [1].
[1] Securely Automating npm publish with the New npm Automation Tokens - DEV Community<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdev.to%2Fbnb%2Fsecurely-automating-npm-publish-with-the-new-npm-automation-tokens-oei&data=04%7C01%7Caharui%40adobe.com%7C00a09d293fbf45aa894308da12c1cf74%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637842921304206011%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=0mmbASMd9Sx39EL75wIFJ%2FrSZ1yhYRfkpT%2BaBJeNc3U%3D&reserved=0>
From: Alex Harui<ma...@adobe.com.INVALID>
Sent: Tuesday, March 29, 2022 7:05 PM
To: dev@royale.apache.org<ma...@royale.apache.org>
Cc: OmPrakash Muppirala<ma...@gmail.com>
Subject: Re: NPM Credentials Problem Blocking Release
I get some emails from NPM to apache-royale-owner. I can forward them to private@royale.a.o if they aren't also going there.
One has the subject: [npm] OTP for logging in to your account: apache-royale-owner
The other: Your npm password reset
-Alex
On 3/29/22, 3:37 AM, "Yishay Weiss" <yi...@hotmail.com> wrote:
Ok, looks like we’ve figured it out for now with a temp password. 2FA does not seem to be a requirement. We will update the private list with the new credentials when that’s ready.
From: Piotr Zarzycki<ma...@gmail.com>
Sent: Tuesday, March 29, 2022 11:18 AM
To: Apache Royale Development<ma...@royale.apache.org>
Cc: OmPrakash Muppirala<ma...@gmail.com>
Subject: Re: NPM Credentials Problem Blocking Release
Yes it goes to private as I see...
wt., 29 mar 2022 o 09:47 Yishay Weiss <yi...@hotmail.com> napisał(a):
> I’m not sure which email the new password gets sent to. Does it go to
> private@royale.release.org<ma...@royale.release.org> ?
>
> Also, I see some npm requests to do 2FA which we have ignored. It’s
> probably best to avoid that if possible to keep the release scriptable.
>
> @OmPrakash Muppirala<ma...@gmail.com>, are you the one who
> set this up? Can you help out?
>
> Thanks.
>
> [exec] http request PUT
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C00a09d293fbf45aa894308da12c1cf74%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637842921304206011%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=XeLsl2Kp7PFcBrgheenAc7A20Wz%2B3X%2FubFZMtfWzVz4%3D&reserved=0
> [exec] info attempt registry request try #1 at 10:39:44 AM
> [exec] http request PUT
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C00a09d293fbf45aa894308da12c1cf74%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637842921304206011%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=6zamXahGjUfR70z9yLpst3RWEYFOx8CQtUbcgciBdcQ%3D&reserved=0
> [exec] http 401
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C00a09d293fbf45aa894308da12c1cf74%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637842921304206011%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=XeLsl2Kp7PFcBrgheenAc7A20Wz%2B3X%2FubFZMtfWzVz4%3D&reserved=0
> [exec] WARN notice Please check your email for a one-time password
> (OTP)
> [exec] WARN adduser Incorrect username or password
> [exec] WARN adduser You can reset your account by visiting:
> [exec] WARN adduser
> [exec] WARN adduser https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C00a09d293fbf45aa894308da12c1cf74%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637842921304206011%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=WUtm%2B6FvuLVHEXsHUocHeWYh29xmYqygKPlZQDtWu30%3D&reserved=0
> [exec] WARN adduser
> [exec]
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
> [exec] throw new Error(error);
> [exec] ^
> [exec]
> [exec] Error: Error: failed to authenticate: A One Time Password
> (OTP) by email is required. : -/user/org.couchdb.user:apache-royale-owner
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
> [exec] at f
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
> [exec] at f
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> [exec] at RegClient.<anonymous>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
> [exec] at Request._callback
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
> [exec] at Request.self.callback
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
> [exec] at Request.emit (events.js:315:20)
> [exec] at Request.<anonymous>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
> [exec] at Request.emit (events.js:315:20)
> [exec] at IncomingMessage.<anonymous>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
> [exec] at Object.onceWrapper (events.js:421:28)
> [exec] at IncomingMessage.emit (events.js:327:22)
>
> BUILD FAILED
> C:\dev\release_royale\releasecandidate.xml:1116: The following error
> occurred while executing this line:
> C:\dev\release_royale\releasecandidate.xml:1400: exec returned: 1
>
> Total time: 7 minutes 26 seconds
>
>
--
Piotr Zarzycki
RE: NPM Credentials Problem Blocking Release
Posted by Yishay Weiss <yi...@hotmail.com>.
Piotr, being the moderator, is receiving them but it’s hard for me to do anything from my side because I can’t login without a OTP.
I’m guessing we need to either create an automation token, or change the module settings to not require 2FA [1].
[1] Securely Automating npm publish with the New npm Automation Tokens - DEV Community<https://dev.to/bnb/securely-automating-npm-publish-with-the-new-npm-automation-tokens-oei>
From: Alex Harui<ma...@adobe.com.INVALID>
Sent: Tuesday, March 29, 2022 7:05 PM
To: dev@royale.apache.org<ma...@royale.apache.org>
Cc: OmPrakash Muppirala<ma...@gmail.com>
Subject: Re: NPM Credentials Problem Blocking Release
I get some emails from NPM to apache-royale-owner. I can forward them to private@royale.a.o if they aren't also going there.
One has the subject: [npm] OTP for logging in to your account: apache-royale-owner
The other: Your npm password reset
-Alex
On 3/29/22, 3:37 AM, "Yishay Weiss" <yi...@hotmail.com> wrote:
Ok, looks like we’ve figured it out for now with a temp password. 2FA does not seem to be a requirement. We will update the private list with the new credentials when that’s ready.
From: Piotr Zarzycki<ma...@gmail.com>
Sent: Tuesday, March 29, 2022 11:18 AM
To: Apache Royale Development<ma...@royale.apache.org>
Cc: OmPrakash Muppirala<ma...@gmail.com>
Subject: Re: NPM Credentials Problem Blocking Release
Yes it goes to private as I see...
wt., 29 mar 2022 o 09:47 Yishay Weiss <yi...@hotmail.com> napisał(a):
> I’m not sure which email the new password gets sent to. Does it go to
> private@royale.release.org<ma...@royale.release.org> ?
>
> Also, I see some npm requests to do 2FA which we have ignored. It’s
> probably best to avoid that if possible to keep the release scriptable.
>
> @OmPrakash Muppirala<ma...@gmail.com>, are you the one who
> set this up? Can you help out?
>
> Thanks.
>
> [exec] http request PUT
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C1082934a53d64648deb608da117002f6%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637841470483689500%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=ea4qnyW7pDiom%2FCB5xfPR1lN3BS380m7TIBHXfS%2F38s%3D&reserved=0
> [exec] info attempt registry request try #1 at 10:39:44 AM
> [exec] http request PUT
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C1082934a53d64648deb608da117002f6%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637841470483689500%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=R3tUC6rE4OSSK35RUnrFDGIwnEQki24XnQz3ZYYgyHU%3D&reserved=0
> [exec] http 401
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C1082934a53d64648deb608da117002f6%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637841470483689500%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=ea4qnyW7pDiom%2FCB5xfPR1lN3BS380m7TIBHXfS%2F38s%3D&reserved=0
> [exec] WARN notice Please check your email for a one-time password
> (OTP)
> [exec] WARN adduser Incorrect username or password
> [exec] WARN adduser You can reset your account by visiting:
> [exec] WARN adduser
> [exec] WARN adduser https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C1082934a53d64648deb608da117002f6%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637841470483689500%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=3AcQt7gWy%2BXA9cZ9m%2FpDV5ndai35xndxhWJ%2Fxj6d7XM%3D&reserved=0
> [exec] WARN adduser
> [exec]
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
> [exec] throw new Error(error);
> [exec] ^
> [exec]
> [exec] Error: Error: failed to authenticate: A One Time Password
> (OTP) by email is required. : -/user/org.couchdb.user:apache-royale-owner
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
> [exec] at f
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
> [exec] at f
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> [exec] at RegClient.<anonymous>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
> [exec] at Request._callback
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
> [exec] at Request.self.callback
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
> [exec] at Request.emit (events.js:315:20)
> [exec] at Request.<anonymous>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
> [exec] at Request.emit (events.js:315:20)
> [exec] at IncomingMessage.<anonymous>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
> [exec] at Object.onceWrapper (events.js:421:28)
> [exec] at IncomingMessage.emit (events.js:327:22)
>
> BUILD FAILED
> C:\dev\release_royale\releasecandidate.xml:1116: The following error
> occurred while executing this line:
> C:\dev\release_royale\releasecandidate.xml:1400: exec returned: 1
>
> Total time: 7 minutes 26 seconds
>
>
--
Piotr Zarzycki
Re: NPM Credentials Problem Blocking Release
Posted by Alex Harui <ah...@adobe.com.INVALID>.
I get some emails from NPM to apache-royale-owner. I can forward them to private@royale.a.o if they aren't also going there.
One has the subject: [npm] OTP for logging in to your account: apache-royale-owner
The other: Your npm password reset
-Alex
On 3/29/22, 3:37 AM, "Yishay Weiss" <yi...@hotmail.com> wrote:
Ok, looks like we’ve figured it out for now with a temp password. 2FA does not seem to be a requirement. We will update the private list with the new credentials when that’s ready.
From: Piotr Zarzycki<ma...@gmail.com>
Sent: Tuesday, March 29, 2022 11:18 AM
To: Apache Royale Development<ma...@royale.apache.org>
Cc: OmPrakash Muppirala<ma...@gmail.com>
Subject: Re: NPM Credentials Problem Blocking Release
Yes it goes to private as I see...
wt., 29 mar 2022 o 09:47 Yishay Weiss <yi...@hotmail.com> napisał(a):
> I’m not sure which email the new password gets sent to. Does it go to
> private@royale.release.org<ma...@royale.release.org> ?
>
> Also, I see some npm requests to do 2FA which we have ignored. It’s
> probably best to avoid that if possible to keep the release scriptable.
>
> @OmPrakash Muppirala<ma...@gmail.com>, are you the one who
> set this up? Can you help out?
>
> Thanks.
>
> [exec] http request PUT
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C1082934a53d64648deb608da117002f6%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637841470483689500%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=ea4qnyW7pDiom%2FCB5xfPR1lN3BS380m7TIBHXfS%2F38s%3D&reserved=0
> [exec] info attempt registry request try #1 at 10:39:44 AM
> [exec] http request PUT
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C1082934a53d64648deb608da117002f6%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637841470483689500%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=R3tUC6rE4OSSK35RUnrFDGIwnEQki24XnQz3ZYYgyHU%3D&reserved=0
> [exec] http 401
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C1082934a53d64648deb608da117002f6%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637841470483689500%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=ea4qnyW7pDiom%2FCB5xfPR1lN3BS380m7TIBHXfS%2F38s%3D&reserved=0
> [exec] WARN notice Please check your email for a one-time password
> (OTP)
> [exec] WARN adduser Incorrect username or password
> [exec] WARN adduser You can reset your account by visiting:
> [exec] WARN adduser
> [exec] WARN adduser https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C1082934a53d64648deb608da117002f6%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637841470483689500%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=3AcQt7gWy%2BXA9cZ9m%2FpDV5ndai35xndxhWJ%2Fxj6d7XM%3D&reserved=0
> [exec] WARN adduser
> [exec]
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
> [exec] throw new Error(error);
> [exec] ^
> [exec]
> [exec] Error: Error: failed to authenticate: A One Time Password
> (OTP) by email is required. : -/user/org.couchdb.user:apache-royale-owner
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
> [exec] at f
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
> [exec] at f
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> [exec] at RegClient.<anonymous>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
> [exec] at Request._callback
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
> [exec] at Request.self.callback
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
> [exec] at Request.emit (events.js:315:20)
> [exec] at Request.<anonymous>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
> [exec] at Request.emit (events.js:315:20)
> [exec] at IncomingMessage.<anonymous>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
> [exec] at Object.onceWrapper (events.js:421:28)
> [exec] at IncomingMessage.emit (events.js:327:22)
>
> BUILD FAILED
> C:\dev\release_royale\releasecandidate.xml:1116: The following error
> occurred while executing this line:
> C:\dev\release_royale\releasecandidate.xml:1400: exec returned: 1
>
> Total time: 7 minutes 26 seconds
>
>
--
Piotr Zarzycki
RE: NPM Credentials Problem Blocking Release
Posted by Yishay Weiss <yi...@hotmail.com>.
Ok, looks like we’ve figured it out for now with a temp password. 2FA does not seem to be a requirement. We will update the private list with the new credentials when that’s ready.
From: Piotr Zarzycki<ma...@gmail.com>
Sent: Tuesday, March 29, 2022 11:18 AM
To: Apache Royale Development<ma...@royale.apache.org>
Cc: OmPrakash Muppirala<ma...@gmail.com>
Subject: Re: NPM Credentials Problem Blocking Release
Yes it goes to private as I see...
wt., 29 mar 2022 o 09:47 Yishay Weiss <yi...@hotmail.com> napisał(a):
> I’m not sure which email the new password gets sent to. Does it go to
> private@royale.release.org<ma...@royale.release.org> ?
>
> Also, I see some npm requests to do 2FA which we have ignored. It’s
> probably best to avoid that if possible to keep the release scriptable.
>
> @OmPrakash Muppirala<ma...@gmail.com>, are you the one who
> set this up? Can you help out?
>
> Thanks.
>
> [exec] http request PUT
> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
> [exec] info attempt registry request try #1 at 10:39:44 AM
> [exec] http request PUT
> https://registry.npmjs.org/@apache-royale%2froyale-js
> [exec] http 401
> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
> [exec] WARN notice Please check your email for a one-time password
> (OTP)
> [exec] WARN adduser Incorrect username or password
> [exec] WARN adduser You can reset your account by visiting:
> [exec] WARN adduser
> [exec] WARN adduser https://npmjs.org/forgot
> [exec] WARN adduser
> [exec]
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
> [exec] throw new Error(error);
> [exec] ^
> [exec]
> [exec] Error: Error: failed to authenticate: A One Time Password
> (OTP) by email is required. : -/user/org.couchdb.user:apache-royale-owner
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
> [exec] at f
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
> [exec] at f
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> [exec] at RegClient.<anonymous>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
> [exec] at Request._callback
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
> [exec] at Request.self.callback
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
> [exec] at Request.emit (events.js:315:20)
> [exec] at Request.<anonymous>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
> [exec] at Request.emit (events.js:315:20)
> [exec] at IncomingMessage.<anonymous>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
> [exec] at Object.onceWrapper (events.js:421:28)
> [exec] at IncomingMessage.emit (events.js:327:22)
>
> BUILD FAILED
> C:\dev\release_royale\releasecandidate.xml:1116: The following error
> occurred while executing this line:
> C:\dev\release_royale\releasecandidate.xml:1400: exec returned: 1
>
> Total time: 7 minutes 26 seconds
>
>
--
Piotr Zarzycki
Re: NPM Credentials Problem Blocking Release
Posted by Piotr Zarzycki <pi...@gmail.com>.
Yes it goes to private as I see...
wt., 29 mar 2022 o 09:47 Yishay Weiss <yi...@hotmail.com> napisał(a):
> I’m not sure which email the new password gets sent to. Does it go to
> private@royale.release.org<ma...@royale.release.org> ?
>
> Also, I see some npm requests to do 2FA which we have ignored. It’s
> probably best to avoid that if possible to keep the release scriptable.
>
> @OmPrakash Muppirala<ma...@gmail.com>, are you the one who
> set this up? Can you help out?
>
> Thanks.
>
> [exec] http request PUT
> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
> [exec] info attempt registry request try #1 at 10:39:44 AM
> [exec] http request PUT
> https://registry.npmjs.org/@apache-royale%2froyale-js
> [exec] http 401
> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner
> [exec] WARN notice Please check your email for a one-time password
> (OTP)
> [exec] WARN adduser Incorrect username or password
> [exec] WARN adduser You can reset your account by visiting:
> [exec] WARN adduser
> [exec] WARN adduser https://npmjs.org/forgot
> [exec] WARN adduser
> [exec]
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
> [exec] throw new Error(error);
> [exec] ^
> [exec]
> [exec] Error: Error: failed to authenticate: A One Time Password
> (OTP) by email is required. : -/user/org.couchdb.user:apache-royale-owner
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
> [exec] at f
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
> [exec] at
> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
> [exec] at f
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
> [exec] at RegClient.<anonymous>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
> [exec] at Request._callback
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
> [exec] at Request.self.callback
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
> [exec] at Request.emit (events.js:315:20)
> [exec] at Request.<anonymous>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
> [exec] at Request.emit (events.js:315:20)
> [exec] at IncomingMessage.<anonymous>
> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
> [exec] at Object.onceWrapper (events.js:421:28)
> [exec] at IncomingMessage.emit (events.js:327:22)
>
> BUILD FAILED
> C:\dev\release_royale\releasecandidate.xml:1116: The following error
> occurred while executing this line:
> C:\dev\release_royale\releasecandidate.xml:1400: exec returned: 1
>
> Total time: 7 minutes 26 seconds
>
>
--
Piotr Zarzycki