Yeah, not sure why that didn't work. I'll email infra.
On 3/31/22, 12:53 PM, "Harbs" <[email protected]> wrote:
I don’t know why it didn’t work.
We should probably ask Infra.
> On Mar 31, 2022, at 10:23 PM, Yishay Weiss <[email protected]> wrote:
>
> I thought Alex fixed it so it doesn’t need you to approve… It’s expired
and you should see a couple of more such messages.
>
> From: Harbs<mailto:[email protected]>
> Sent: Thursday, March 31, 2022 10:06 PM
> To: Apache Royale Development<mailto:[email protected]>
> Subject: Re: NPM Credentials Problem Blocking Release
>
> I approved and should have added it again to the allow list.
>
> It came through. If it expired already, try again. Hopefully it’ll work...
>
>> On Mar 31, 2022, at 10:01 PM, Yishay Weiss <[email protected]>
wrote:
>>
>> I just tried logging in, got the OTP sent message, but am not seeing it
in private.
>>
>> From: Alex Harui<mailto:[email protected]>
>> Sent: Thursday, March 31, 2022 7:44 PM
>> To: [email protected]<mailto:[email protected]>
>> Subject: Re: NPM Credentials Problem Blocking Release
>>
>> OK, [email protected] is now on the allow list. Yishay, if you try to
publish again, in theory the NPM messages will go straight to private@. Let us
know if that isn't happening. I'll try to look for moderator messages but they
often go to junk and I can't control settings for my corporate email.
>>
>> FWIW, Here's a link to some doc on the EZMLM robot that runs ASF mailing
lists.
https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Funtroubled.org%2Fezmlm%2Fmanual%2F&data=04%7C01%7Caharui%40adobe.com%7Cf40dea351c5b41feedb008da1350196c%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843531994000251%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=8YZCiyweu8T1IhoF965DOXsvZQfloT5zwQAWwR9bD%2BE%3D&reserved=0
>>
>> The command I sent was executed by sending an email to
[email protected]
>> Any list moderator can send to these sort of email addresses and the
robot will parse the address and execute a command. We can subscribe and
unsubscribe people, allow them to send and not receive, get a list of all
subscribers and more.
>>
>> HTH,
>> -Alex
>>
>> On 3/31/22, 8:44 AM, "Josh Tynjala" <[email protected]> wrote:
>>
>> Do it.
>>
>> --
>> Josh Tynjala
>> Bowler Hat LLC
<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbowlerhat.dev%2F&data=04%7C01%7Caharui%40adobe.com%7Cf40dea351c5b41feedb008da1350196c%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843531994000251%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=HXIowfNdhetPK88PRv40pSnWcuAHTFUYNIjLRuQg2Hs%3D&reserved=0>
>>
>>
>> On Wed, Mar 30, 2022 at 11:24 PM Alex Harui <[email protected]>
>> wrote:
>>
>>> Each mailing list has an "allow" subscriber list that is different from
>>> the regular subscriber list. "allow" can send but can't receive. The
>>> syntax can be extracted from the moderator emails. If we get consensus
to
>>> try it, I'll send the command.
>>>
>>> On 3/30/22, 11:17 PM, "Piotr Zarzycki" <[email protected]>
wrote:
>>>
>>> I don’t know how to whitelist that email but I will try to figure it
>>> out
>>> soon.
>>>
>>> On Thu, 31 Mar 2022 at 06:06, Alex Harui <[email protected]>
>>> wrote:
>>>
>>>> Yishay, maybe you can also be a moderator? It might also be
>>> possible to
>>>> allow emails from npm without moderation. I don't remember if we
>>> tried
>>>> that. It works on the other lists. There might be a restriction on
>>>> private@.
>>>>
>>>> -Alex
>>>>
>>>> On 3/30/22, 7:55 PM, "Yishay Weiss" <[email protected]> wrote:
>>>>
>>>> Piotr, being the moderator, is receiving them but it’s hard for
>>> me to
>>>> do anything from my side because I can’t login without a OTP.
>>>>
>>>> I’m guessing we need to either create an automation token, or
>>> change
>>>> the module settings to not require 2FA [1].
>>>>
>>>> [1] Securely Automating npm publish with the New npm Automation
>>> Tokens
>>>> - DEV Community<
>>>>
>>>
https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdev.to%2Fbnb%2Fsecurely-automating-npm-publish-with-the-new-npm-automation-tokens-oei&data=04%7C01%7Caharui%40adobe.com%7Cf40dea351c5b41feedb008da1350196c%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843531994000251%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=vFwzQJFhxlPuZ%2Bnfy1QsN1V3TO3dtREcgRkiqTJRVJE%3D&reserved=0
>>>>>
>>>>
>>>> From: Alex Harui<mailto:[email protected]>
>>>> Sent: Tuesday, March 29, 2022 7:05 PM
>>>> To: [email protected]<mailto:[email protected]>
>>>> Cc: OmPrakash Muppirala<mailto:[email protected]>
>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>
>>>> I get some emails from NPM to apache-royale-owner. I can
>>> forward them
>>>> to [email protected] if they aren't also going there.
>>>>
>>>> One has the subject: [npm] OTP for logging in to your account:
>>>> apache-royale-owner
>>>> The other: Your npm password reset
>>>>
>>>> -Alex
>>>>
>>>> On 3/29/22, 3:37 AM, "Yishay Weiss" <[email protected]>
>>> wrote:
>>>>
>>>> Ok, looks like we’ve figured it out for now with a temp
>>> password.
>>>> 2FA does not seem to be a requirement. We will update the private
>>> list with
>>>> the new credentials when that’s ready.
>>>>
>>>> From: Piotr Zarzycki<mailto:[email protected]>
>>>> Sent: Tuesday, March 29, 2022 11:18 AM
>>>> To: Apache Royale Development<mailto:[email protected]>
>>>> Cc: OmPrakash Muppirala<mailto:[email protected]>
>>>> Subject: Re: NPM Credentials Problem Blocking Release
>>>>
>>>> Yes it goes to private as I see...
>>>>
>>>> wt., 29 mar 2022 o 09:47 Yishay Weiss <
>>> [email protected]>
>>>> napisał(a):
>>>>
>>>>> I’m not sure which email the new password gets sent to.
>>> Does it
>>>> go to
>>>>> [email protected]<mailto:
>>> [email protected]> ?
>>>>>
>>>>> Also, I see some npm requests to do 2FA which we have
>>> ignored.
>>>> It’s
>>>>> probably best to avoid that if possible to keep the release
>>>> scriptable.
>>>>>
>>>>> @OmPrakash Muppirala<mailto:[email protected]>, are
>>> you the
>>>> one who
>>>>> set this up? Can you help out?
>>>>>
>>>>> Thanks.
>>>>>
>>>>> [exec] http request PUT
>>>>>
>>>>
>>>
https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7Cf40dea351c5b41feedb008da1350196c%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843531994000251%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=e4o40U3FLZMOhCin5zNLH27WpMX1I1G6qMIsqrRMw2M%3D&reserved=0
>>>>> [exec] info attempt registry request try #1 at
>>> 10:39:44 AM
>>>>> [exec] http request PUT
>>>>>
>>>>
>>>
https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7Cf40dea351c5b41feedb008da1350196c%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843531994000251%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=JFDEU0kGE93PVqC1LwlG%2FByZrTGBVpW6qwN3KfYGUBE%3D&reserved=0
>>>>> [exec] http 401
>>>>>
>>>>
>>>
https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7Cf40dea351c5b41feedb008da1350196c%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843531994000251%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=e4o40U3FLZMOhCin5zNLH27WpMX1I1G6qMIsqrRMw2M%3D&reserved=0
>>>>> [exec] WARN notice Please check your email for a
>>> one-time
>>>> password
>>>>> (OTP)
>>>>> [exec] WARN adduser Incorrect username or password
>>>>> [exec] WARN adduser You can reset your account by
>>> visiting:
>>>>> [exec] WARN adduser
>>>>> [exec] WARN adduser
>>>>
>>>
https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7Cf40dea351c5b41feedb008da1350196c%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637843531994000251%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=6m1Yzx1SepHyC9isyUOTCK5PaEvLlBjw%2FXO6C%2B7JRPM%3D&reserved=0
>>>>> [exec] WARN adduser
>>>>> [exec]
>>>>>
>>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51
>>>>> [exec] throw new Error(error);
>>>>> [exec] ^
>>>>> [exec]
>>>>> [exec] Error: Error: failed to authenticate: A One
>>> Time
>>>> Password
>>>>> (OTP) by email is required. :
>>>> -/user/org.couchdb.user:apache-royale-owner
>>>>> [exec] at
>>>>>
>>>>
>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14
>>>>> [exec] at
>>>>>
>>>>
>>>
C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14
>>>>> [exec] at
>>>>>
>>>>
>>>
C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16
>>>>> [exec] at f
>>>>>
>>>>
>>>
(C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>>> [exec] at
>>>>>
>>>>
>>>
C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10
>>>>> [exec] at
>>>>>
>>>>
>>>
C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12
>>>>> [exec] at f
>>>>>
>>>>
>>>
(C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25)
>>>>> [exec] at RegClient.<anonymous>
>>>>>
>>>>
>>>
(C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12)
>>>>> [exec] at Request._callback
>>>>>
>>>>
>>>
(C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14)
>>>>> [exec] at Request.self.callback
>>>>>
>>>>
>>>
(C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22)
>>>>> [exec] at Request.emit (events.js:315:20)
>>>>> [exec] at Request.<anonymous>
>>>>>
>>>>
>>>
(C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10)
>>>>> [exec] at Request.emit (events.js:315:20)
>>>>> [exec] at IncomingMessage.<anonymous>
>>>>>
>>>>
>>>
(C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12)
>>>>> [exec] at Object.onceWrapper (events.js:421:28)
>>>>> [exec] at IncomingMessage.emit (events.js:327:22)
>>>>>
>>>>> BUILD FAILED
>>>>> C:\dev\release_royale\releasecandidate.xml:1116: The
>>> following
>>>> error
>>>>> occurred while executing this line:
>>>>> C:\dev\release_royale\releasecandidate.xml:1400: exec
>>> returned: 1
>>>>>
>>>>> Total time: 7 minutes 26 seconds
>>>>>
>>>>>
>>>>
>>>> --
>>>>
>>>> Piotr Zarzycki
>>>>
>>>>
>>>>
>>>> --
>>>
>>> Piotr Zarzycki
>>>
>>>
>>
>
