Skip to content

fix(ci): publish GitHub package under org scope#12

Merged
Jess Sullivan (Jesssullivan) merged 1 commit into
mainfrom
codex/tin713-gh-packages-scope
Apr 28, 2026
Merged

fix(ci): publish GitHub package under org scope#12
Jess Sullivan (Jesssullivan) merged 1 commit into
mainfrom
codex/tin713-gh-packages-scope

Conversation

@Jesssullivan

@Jesssullivan Jess Sullivan (Jesssullivan) commented Apr 28, 2026

Copy link
Copy Markdown
Collaborator

Summary

  • keep npm publishing as @tummycrypt/tinyland-auth-pg
  • change the GitHub Packages mirror name to @tinyland-inc/tinyland-auth-pg in CI and Publish
  • preserve the reusable workflow behavior that rewrites package.json only in the GitHub Packages publish workspace

Why

GitHub Packages npm scopes are owner-bound. The v0.2.4 release published to npm successfully, but the GitHub Packages mirror failed with:

npm error 403 403 Forbidden - PUT https://npm.pkg.github.com/@tummycrypt%2ftinyland-auth-pg - Permission not_found: owner not found

Using the repository owner scope should let the mirror publish as @tinyland-inc/tinyland-auth-pg without changing the public npm artifact.

Validation

  • git diff --check
  • local assertion that both workflows use @tinyland-inc/tinyland-auth-pg and no longer pass the @tummycrypt mirror name

Refs TIN-713.

@greptile-apps

greptile-apps Bot commented Apr 28, 2026

Copy link
Copy Markdown

Greptile Summary

This PR corrects the GitHub Packages publish scope from @tummycrypt/tinyland-auth-pg to @tinyland-inc/tinyland-auth-pg in both ci.yml and publish.yml, resolving the 403 owner not found error that blocked the v0.2.4 mirror. The public npm artifact under @tummycrypt/tinyland-auth-pg is untouched; only the GitHub Packages mirror name is renamed.

Confidence Score: 5/5

Safe to merge — targeted two-line fix that corrects the GitHub Packages owner scope with no other side effects.

Both changes are a single-line rename of a string literal in each workflow file. The root cause (owner-bound scope requirement) is well understood, the fix directly addresses it, and all other workflow parameters — permissions, dry_run, secret forwarding — remain correct and unchanged.

No files require special attention.

Important Files Changed

Filename Overview
.github/workflows/ci.yml Single-line change updates github_package_name scope from @tummycrypt to @tinyland-inc; dry_run remains true and permissions unchanged.
.github/workflows/publish.yml Same single-line scope rename; packages: write permission and NPM_TOKEN secret forwarding are already correct for publishing.

Sequence Diagram

sequenceDiagram
    participant GHA as GitHub Actions
    participant NPM as npmjs.com registry
    participant GHPKG as GitHub Packages (npm.pkg.github.com)

    GHA->>NPM: publish @tummycrypt/tinyland-auth-pg (NPM_TOKEN)
    NPM-->>GHA: 200 OK

    Note over GHA,GHPKG: Before this PR
    GHA->>GHPKG: publish @tummycrypt/tinyland-auth-pg (GITHUB_TOKEN)
    GHPKG-->>GHA: 403 owner not found

    Note over GHA,GHPKG: After this PR
    GHA->>GHPKG: publish @tinyland-inc/tinyland-auth-pg (GITHUB_TOKEN)
    GHPKG-->>GHA: 200 OK
Loading

Reviews (1): Last reviewed commit: "fix(ci): publish github package under or..." | Re-trigger Greptile

@Jesssullivan Jess Sullivan (Jesssullivan) merged commit 1d79c2d into main Apr 28, 2026
5 checks passed
@Jesssullivan Jess Sullivan (Jesssullivan) deleted the codex/tin713-gh-packages-scope branch April 28, 2026 21:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@Jesssullivan Jess Sullivan (Jesssullivan)

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Jesssullivan