OK, supp...@npmjs.com is now on the allow list. Yishay, if you try to publish again, in theory the NPM messages will go straight to private@. Let us know if that isn't happening. I'll try to look for moderator messages but they often go to junk and I can't control settings for my corporate email.
FWIW, Here's a link to some doc on the EZMLM robot that runs ASF mailing lists. https://untroubled.org/ezmlm/manual/ The command I sent was executed by sending an email to private-allow-subscribe-support=npmjs....@royale.apache.org Any list moderator can send to these sort of email addresses and the robot will parse the address and execute a command. We can subscribe and unsubscribe people, allow them to send and not receive, get a list of all subscribers and more. HTH, -Alex On 3/31/22, 8:44 AM, "Josh Tynjala" <joshtynj...@bowlerhat.dev> wrote: Do it. -- Josh Tynjala Bowler Hat LLC <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbowlerhat.dev%2F&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=oh6FobNIVBZdKNPjOh%2BF8aZbB3WvNY9Dl9nijoLzK2g%3D&reserved=0> On Wed, Mar 30, 2022 at 11:24 PM Alex Harui <aha...@adobe.com.invalid> wrote: > Each mailing list has an "allow" subscriber list that is different from > the regular subscriber list. "allow" can send but can't receive. The > syntax can be extracted from the moderator emails. If we get consensus to > try it, I'll send the command. > > On 3/30/22, 11:17 PM, "Piotr Zarzycki" <piotrzarzyck...@gmail.com> wrote: > > I don’t know how to whitelist that email but I will try to figure it > out > soon. > > On Thu, 31 Mar 2022 at 06:06, Alex Harui <aha...@adobe.com.invalid> > wrote: > > > Yishay, maybe you can also be a moderator? It might also be > possible to > > allow emails from npm without moderation. I don't remember if we > tried > > that. It works on the other lists. There might be a restriction on > > private@. > > > > -Alex > > > > On 3/30/22, 7:55 PM, "Yishay Weiss" <yishayj...@hotmail.com> wrote: > > > > Piotr, being the moderator, is receiving them but it’s hard for > me to > > do anything from my side because I can’t login without a OTP. > > > > I’m guessing we need to either create an automation token, or > change > > the module settings to not require 2FA [1]. > > > > [1] Securely Automating npm publish with the New npm Automation > Tokens > > - DEV Community< > > > https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdev.to%2Fbnb%2Fsecurely-automating-npm-publish-with-the-new-npm-automation-tokens-oei&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=FAhB2Dg%2FZPEsGckPEXcxT65vcQqt6YkGFaJ9IkCJ%2Blo%3D&reserved=0 > > > > > > > From: Alex Harui<mailto:aha...@adobe.com.INVALID> > > Sent: Tuesday, March 29, 2022 7:05 PM > > To: dev@royale.apache.org<mailto:dev@royale.apache.org> > > Cc: OmPrakash Muppirala<mailto:bigosma...@gmail.com> > > Subject: Re: NPM Credentials Problem Blocking Release > > > > I get some emails from NPM to apache-royale-owner. I can > forward them > > to private@royale.a.o if they aren't also going there. > > > > One has the subject: [npm] OTP for logging in to your account: > > apache-royale-owner > > The other: Your npm password reset > > > > -Alex > > > > On 3/29/22, 3:37 AM, "Yishay Weiss" <yishayj...@hotmail.com> > wrote: > > > > Ok, looks like we’ve figured it out for now with a temp > password. > > 2FA does not seem to be a requirement. We will update the private > list with > > the new credentials when that’s ready. > > > > From: Piotr Zarzycki<mailto:piotrzarzyck...@gmail.com> > > Sent: Tuesday, March 29, 2022 11:18 AM > > To: Apache Royale Development<mailto:dev@royale.apache.org> > > Cc: OmPrakash Muppirala<mailto:bigosma...@gmail.com> > > Subject: Re: NPM Credentials Problem Blocking Release > > > > Yes it goes to private as I see... > > > > wt., 29 mar 2022 o 09:47 Yishay Weiss < > yishayj...@hotmail.com> > > napisał(a): > > > > > I’m not sure which email the new password gets sent to. > Does it > > go to > > > priv...@royale.release.org<mailto: > priv...@royale.release.org> ? > > > > > > Also, I see some npm requests to do 2FA which we have > ignored. > > It’s > > > probably best to avoid that if possible to keep the release > > scriptable. > > > > > > @OmPrakash Muppirala<mailto:bigosma...@gmail.com>, are > you the > > one who > > > set this up? Can you help out? > > > > > > Thanks. > > > > > > [exec] http request PUT > > > > > > https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=pFeznO0SBwibJPEMEDyBfEG%2F6qx1bLfE2%2BaA8mUV4NQ%3D&reserved=0 > > > [exec] info attempt registry request try #1 at > 10:39:44 AM > > > [exec] http request PUT > > > > > > https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=kXQOkbWdWMYMqn6xGdPL3f7vB4PSuhLRynMlZGgBNAc%3D&reserved=0 > > > [exec] http 401 > > > > > > https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=pFeznO0SBwibJPEMEDyBfEG%2F6qx1bLfE2%2BaA8mUV4NQ%3D&reserved=0 > > > [exec] WARN notice Please check your email for a > one-time > > password > > > (OTP) > > > [exec] WARN adduser Incorrect username or password > > > [exec] WARN adduser You can reset your account by > visiting: > > > [exec] WARN adduser > > > [exec] WARN adduser > > > https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C382be41135db42c6bbff08da132d6383%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843382910921619%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=3sONnnnCtAKBcD7JjDxPTZ3SRsKphpZvEEV2b2o%2BGt4%3D&reserved=0 > > > [exec] WARN adduser > > > [exec] > > > > > C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51 > > > [exec] throw new Error(error); > > > [exec] ^ > > > [exec] > > > [exec] Error: Error: failed to authenticate: A One > Time > > Password > > > (OTP) by email is required. : > > -/user/org.couchdb.user:apache-royale-owner > > > [exec] at > > > > > > C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14 > > > [exec] at > > > > > > C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14 > > > [exec] at > > > > > > C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16 > > > [exec] at f > > > > > > (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25) > > > [exec] at > > > > > > C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10 > > > [exec] at > > > > > > C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12 > > > [exec] at f > > > > > > (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25) > > > [exec] at RegClient.<anonymous> > > > > > > (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12) > > > [exec] at Request._callback > > > > > > (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14) > > > [exec] at Request.self.callback > > > > > > (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22) > > > [exec] at Request.emit (events.js:315:20) > > > [exec] at Request.<anonymous> > > > > > > (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10) > > > [exec] at Request.emit (events.js:315:20) > > > [exec] at IncomingMessage.<anonymous> > > > > > > (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12) > > > [exec] at Object.onceWrapper (events.js:421:28) > > > [exec] at IncomingMessage.emit (events.js:327:22) > > > > > > BUILD FAILED > > > C:\dev\release_royale\releasecandidate.xml:1116: The > following > > error > > > occurred while executing this line: > > > C:\dev\release_royale\releasecandidate.xml:1400: exec > returned: 1 > > > > > > Total time: 7 minutes 26 seconds > > > > > > > > > > -- > > > > Piotr Zarzycki > > > > > > > > -- > > Piotr Zarzycki > >
