The non-interactivity happens before ant, in publish.js. I ended up doing it interactively on the CLI.
Reading their docs [1]it looks like 2FA will be enforced at some point, so we should aim IMO to work with that. Manually, I just switched the settings to 2FA and then used my mobile authenticator to provide the OTP (I’ve reverted it back to no 2FA). I could not get the automation token (which I’ve generated) [2] to work. [1] Enrolling all npm publishers in enhanced login verification and next steps for two-factor authentication enforcement | The GitHub Blog<https://github.blog/2021-12-07-enrolling-npm-publishers-enhanced-login-verification-two-factor-authentication-enforcement/> [2] Creating and viewing access tokens | npm Docs (npmjs.com)<https://docs.npmjs.com/creating-and-viewing-access-tokens#creating-access-tokens> From: Alex Harui<mailto:aha...@adobe.com.INVALID> Sent: Friday, April 1, 2022 9:04 PM To: dev@royale.apache.org<mailto:dev@royale.apache.org> Subject: Re: NPM Credentials Problem Blocking Release Hi Yishay, All of my Royale stuff is on another old laptop and I won't have access to it for another 7 days. It could be that Ant is not running in a mode that allows for a prompt. I don't remember if we had OTP when publishing in the past. -Alex On 4/1/22, 10:51 AM, "Yishay Weiss" <yishayj...@hotmail.com> wrote: Thanks, they’re coming through now. Being new to npm publishing I have not been able to modify the ant scripts to make this work. So any help would be appreciated. The script fails on adduser [1]. I’ve tried adding an .npmrc file under royale-asjs with //registry.npmjs.org/:_authToken=<…> But that didn’t help. Any ideas? [1] [exec] Publishing to NPM: @apache-royale/royale-js version: 0.9.9... [exec] info attempt registry request try #1 at 8:37:34 PM [exec] http request PUT https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0 [exec] info attempt registry request try #1 at 8:37:35 PM [exec] http request PUT https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=GnR46nQQgvnX%2B%2BilSiYNefzPrz%2FiLC5KZg3o%2Bi%2B5%2B3Q%3D&reserved=0 [exec] http 401 https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0 [exec] WARN notice Please use the one-time password (OTP) from your authenticator application [exec] WARN adduser Incorrect username or password [exec] WARN adduser You can reset your account by visiting: [exec] WARN adduser [exec] WARN adduser https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=J4%2BiLN%2FedAJiTavC0obA3clNCiL0kl6IOlOar%2FnKqF0%3D&reserved=0 [exec] WARN adduser [exec] C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52 [exec] throw new Error(error); [exec] ^ [exec] [exec] Error: Error: failed to authenticate: Could not authenticate apache-royale-owner: bad otp : -/user/org.couchdb.user:apache-royale-owner [exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52:14 [exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14 [exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16 [exec] at f (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25) [exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10 [exec] at C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12 [exec] at f (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25) [exec] at RegClient.<anonymous> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12) [exec] at Request._callback (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14) [exec] at Request.self.callback (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22) [exec] at Request.emit (events.js:315:20) [exec] at Request.<anonymous> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10) [exec] at Request.emit (events.js:315:20) [exec] at IncomingMessage.<anonymous> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12) [exec] at Object.onceWrapper (events.js:421:28) [exec] at IncomingMessage.emit (events.js:327:22) BUILD FAILED C:\dev\release_royale\releasecandidate.xml:1363: exec returned: 1 From: Alex Harui<mailto:aha...@adobe.com.INVALID> Sent: Friday, April 1, 2022 12:25 AM To: dev@royale.apache.org<mailto:dev@royale.apache.org> Subject: Re: NPM Credentials Problem Blocking Release Infra says the actual sender is not supp...@npmjs.com. They have implemented a custom solution. Yishay, can you try again? Thanks, -Alex On 3/31/22, 1:39 PM, "Alex Harui" <aha...@adobe.com.INVALID> wrote: Yeah, not sure why that didn't work. I'll email infra. On 3/31/22, 12:53 PM, "Harbs" <harbs.li...@gmail.com> wrote: I don’t know why it didn’t work. We should probably ask Infra. > On Mar 31, 2022, at 10:23 PM, Yishay Weiss <yishayj...@hotmail.com> wrote: > > I thought Alex fixed it so it doesn’t need you to approve… It’s expired and you should see a couple of more such messages. > > From: Harbs<mailto:harbs.li...@gmail.com> > Sent: Thursday, March 31, 2022 10:06 PM > To: Apache Royale Development<mailto:dev@royale.apache.org> > Subject: Re: NPM Credentials Problem Blocking Release > > I approved and should have added it again to the allow list. > > It came through. If it expired already, try again. Hopefully it’ll work... > >> On Mar 31, 2022, at 10:01 PM, Yishay Weiss <yishayj...@hotmail.com> wrote: >> >> I just tried logging in, got the OTP sent message, but am not seeing it in private. >> >> From: Alex Harui<mailto:aha...@adobe.com.INVALID> >> Sent: Thursday, March 31, 2022 7:44 PM >> To: dev@royale.apache.org<mailto:dev@royale.apache.org> >> Subject: Re: NPM Credentials Problem Blocking Release >> >> OK, supp...@npmjs.com is now on the allow list. Yishay, if you try to publish again, in theory the NPM messages will go straight to private@. Let us know if that isn't happening. I'll try to look for moderator messages but they often go to junk and I can't control settings for my corporate email. >> >> FWIW, Here's a link to some doc on the EZMLM robot that runs ASF mailing lists. https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Funtroubled.org%2Fezmlm%2Fmanual%2F&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=uLzD96tz3sBhkMOvNdyDZ%2Fy7D4FWZmlXNkNMJFEimfI%3D&reserved=0 >> >> The command I sent was executed by sending an email to private-allow-subscribe-support=npmjs....@royale.apache.org >> Any list moderator can send to these sort of email addresses and the robot will parse the address and execute a command. We can subscribe and unsubscribe people, allow them to send and not receive, get a list of all subscribers and more. >> >> HTH, >> -Alex >> >> On 3/31/22, 8:44 AM, "Josh Tynjala" <joshtynj...@bowlerhat.dev> wrote: >> >> Do it. >> >> -- >> Josh Tynjala >> Bowler Hat LLC <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbowlerhat.dev%2F&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qGYKjnY8ozbWgy89acmDDOkAZ63NmByrnmSW1DLLEXM%3D&reserved=0> >> >> >> On Wed, Mar 30, 2022 at 11:24 PM Alex Harui <aha...@adobe.com.invalid> >> wrote: >> >>> Each mailing list has an "allow" subscriber list that is different from >>> the regular subscriber list. "allow" can send but can't receive. The >>> syntax can be extracted from the moderator emails. If we get consensus to >>> try it, I'll send the command. >>> >>> On 3/30/22, 11:17 PM, "Piotr Zarzycki" <piotrzarzyck...@gmail.com> wrote: >>> >>> I don’t know how to whitelist that email but I will try to figure it >>> out >>> soon. >>> >>> On Thu, 31 Mar 2022 at 06:06, Alex Harui <aha...@adobe.com.invalid> >>> wrote: >>> >>>> Yishay, maybe you can also be a moderator? It might also be >>> possible to >>>> allow emails from npm without moderation. I don't remember if we >>> tried >>>> that. It works on the other lists. There might be a restriction on >>>> private@. >>>> >>>> -Alex >>>> >>>> On 3/30/22, 7:55 PM, "Yishay Weiss" <yishayj...@hotmail.com> wrote: >>>> >>>> Piotr, being the moderator, is receiving them but it’s hard for >>> me to >>>> do anything from my side because I can’t login without a OTP. >>>> >>>> I’m guessing we need to either create an automation token, or >>> change >>>> the module settings to not require 2FA [1]. >>>> >>>> [1] Securely Automating npm publish with the New npm Automation >>> Tokens >>>> - DEV Community< >>>> >>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdev.to%2Fbnb%2Fsecurely-automating-npm-publish-with-the-new-npm-automation-tokens-oei&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=hAsQoFRmUHDC4x6Ch0ZNbJ7rQP%2BCXJ2%2B05BUnR49tS0%3D&reserved=0 >>>>> >>>> >>>> From: Alex Harui<mailto:aha...@adobe.com.INVALID> >>>> Sent: Tuesday, March 29, 2022 7:05 PM >>>> To: dev@royale.apache.org<mailto:dev@royale.apache.org> >>>> Cc: OmPrakash Muppirala<mailto:bigosma...@gmail.com> >>>> Subject: Re: NPM Credentials Problem Blocking Release >>>> >>>> I get some emails from NPM to apache-royale-owner. I can >>> forward them >>>> to private@royale.a.o if they aren't also going there. >>>> >>>> One has the subject: [npm] OTP for logging in to your account: >>>> apache-royale-owner >>>> The other: Your npm password reset >>>> >>>> -Alex >>>> >>>> On 3/29/22, 3:37 AM, "Yishay Weiss" <yishayj...@hotmail.com> >>> wrote: >>>> >>>> Ok, looks like we’ve figured it out for now with a temp >>> password. >>>> 2FA does not seem to be a requirement. We will update the private >>> list with >>>> the new credentials when that’s ready. >>>> >>>> From: Piotr Zarzycki<mailto:piotrzarzyck...@gmail.com> >>>> Sent: Tuesday, March 29, 2022 11:18 AM >>>> To: Apache Royale Development<mailto:dev@royale.apache.org> >>>> Cc: OmPrakash Muppirala<mailto:bigosma...@gmail.com> >>>> Subject: Re: NPM Credentials Problem Blocking Release >>>> >>>> Yes it goes to private as I see... >>>> >>>> wt., 29 mar 2022 o 09:47 Yishay Weiss < >>> yishayj...@hotmail.com> >>>> napisał(a): >>>> >>>>> I’m not sure which email the new password gets sent to. >>> Does it >>>> go to >>>>> priv...@royale.release.org<mailto: >>> priv...@royale.release.org> ? >>>>> >>>>> Also, I see some npm requests to do 2FA which we have >>> ignored. >>>> It’s >>>>> probably best to avoid that if possible to keep the release >>>> scriptable. >>>>> >>>>> @OmPrakash Muppirala<mailto:bigosma...@gmail.com>, are >>> you the >>>> one who >>>>> set this up? Can you help out? >>>>> >>>>> Thanks. >>>>> >>>>> [exec] http request PUT >>>>> >>>> >>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0 >>>>> [exec] info attempt registry request try #1 at >>> 10:39:44 AM >>>>> [exec] http request PUT >>>>> >>>> >>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F%40apache-royale%252froyale-js&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=GnR46nQQgvnX%2B%2BilSiYNefzPrz%2FiLC5KZg3o%2Bi%2B5%2B3Q%3D&reserved=0 >>>>> [exec] http 401 >>>>> >>>> >>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fregistry.npmjs.org%2F-%2Fuser%2Forg.couchdb.user%3Aapache-royale-owner&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qZz1dfVh7b0vEnRtDOolW1fN8RUpKzvQvlYL%2BianIcY%3D&reserved=0 >>>>> [exec] WARN notice Please check your email for a >>> one-time >>>> password >>>>> (OTP) >>>>> [exec] WARN adduser Incorrect username or password >>>>> [exec] WARN adduser You can reset your account by >>> visiting: >>>>> [exec] WARN adduser >>>>> [exec] WARN adduser >>>> >>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnpmjs.org%2Fforgot&data=04%7C01%7Caharui%40adobe.com%7C47bc1f20448e4405a53308da1407e7c7%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637844322683641253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=J4%2BiLN%2FedAJiTavC0obA3clNCiL0kl6IOlOar%2FnKqF0%3D&reserved=0 >>>>> [exec] WARN adduser >>>>> [exec] >>>>> >>>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51 >>>>> [exec] throw new Error(error); >>>>> [exec] ^ >>>>> [exec] >>>>> [exec] Error: Error: failed to authenticate: A One >>> Time >>>> Password >>>>> (OTP) by email is required. : >>>> -/user/org.couchdb.user:apache-royale-owner >>>>> [exec] at >>>>> >>>> >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14 >>>>> [exec] at >>>>> >>>> >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14 >>>>> [exec] at >>>>> >>>> >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16 >>>>> [exec] at f >>>>> >>>> >>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25) >>>>> [exec] at >>>>> >>>> >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10 >>>>> [exec] at >>>>> >>>> >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12 >>>>> [exec] at f >>>>> >>>> >>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25) >>>>> [exec] at RegClient.<anonymous> >>>>> >>>> >>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12) >>>>> [exec] at Request._callback >>>>> >>>> >>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14) >>>>> [exec] at Request.self.callback >>>>> >>>> >>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22) >>>>> [exec] at Request.emit (events.js:315:20) >>>>> [exec] at Request.<anonymous> >>>>> >>>> >>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10) >>>>> [exec] at Request.emit (events.js:315:20) >>>>> [exec] at IncomingMessage.<anonymous> >>>>> >>>> >>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12) >>>>> [exec] at Object.onceWrapper (events.js:421:28) >>>>> [exec] at IncomingMessage.emit (events.js:327:22) >>>>> >>>>> BUILD FAILED >>>>> C:\dev\release_royale\releasecandidate.xml:1116: The >>> following >>>> error >>>>> occurred while executing this line: >>>>> C:\dev\release_royale\releasecandidate.xml:1400: exec >>> returned: 1 >>>>> >>>>> Total time: 7 minutes 26 seconds >>>>> >>>>> >>>> >>>> -- >>>> >>>> Piotr Zarzycki >>>> >>>> >>>> >>>> -- >>> >>> Piotr Zarzycki >>> >>> >> >
