Yishay, I have no idea what he is talking about and how to full fill that request. I'm trying to make you a moderator of that list. Look into jira comments - I'm having some problems - once they resolve it I will make you moderator.
wt., 23 maj 2023 o 19:07 Yishay Weiss <yishayj...@hotmail.com> napisał(a): > @ha...@in-tools.com <ha...@in-tools.com>, @Piotr Zarzycki > <piotrzarzyck...@gmail.com>, from what I understand they need [1] the > return-path header. I think either of you can find that by opening the > attached eml file you received in a text editor. You can post it in the > Jira and see if that gets it going. > > [1] https://issues.apache.org/jira/browse/INFRA-24625 > ------------------------------ > *From:* Yishay Weiss <yishayj...@hotmail.com> > *Sent:* Tuesday, May 23, 2023 7:20 PM > *To:* dev@royale.apache.org <dev@royale.apache.org> > *Subject:* Re: NPM Credentials Problem Blocking Release > > Thanks, Harbs. We are trying to whiie-list the domain so we don't have to > rely on moderators to login. Can you try replying to all? One of the > addresses should have the 'allow' str which theoretically should white-list > [1] > > [1] Mailing list moderation - Apache Infrastructure Website< > https://infra.apache.org/mailing-list-moderation.html#allowing_posts> > ________________________________ > From: Harbs <harbs.li...@gmail.com> > Sent: Tuesday, May 23, 2023 5:24 PM > To: dev@royale.apache.org <dev@royale.apache.org> > Subject: Re: NPM Credentials Problem Blocking Release > > I sent the code to Yishay via Slack. Does that work? > > > On May 23, 2023, at 5:22 PM, Harbs <harbs.li...@gmail.com> wrote: > > > > I’m getting the moderation emails with the code. Will that help? > > > >> On May 23, 2023, at 5:13 PM, Piotr Zarzycki <piotrzarzyck...@gmail.com> > wrote: > >> > >> Hi Guys, > >> > >> I still need to accept one time password which are coming from npm > >> addresses. We have tried with Yishay white list that email but it didn't > >> work for some reason. I have raised following issue in INFR [1] > >> > >> [1] https://issues.apache.org/jira/browse/INFRA-24625 > >> > >> Thanks, > >> Piotr > >> > >> sob., 2 kwi 2022 o 09:58 Yishay Weiss <yishayj...@hotmail.com> > napisał(a): > >> > >>> The non-interactivity happens before ant, in publish.js. I ended up > doing > >>> it interactively on the CLI. > >>> > >>> Reading their docs [1]it looks like 2FA will be enforced at some > point, so > >>> we should aim IMO to work with that. Manually, I just switched the > settings > >>> to 2FA and then used my mobile authenticator to provide the OTP (I’ve > >>> reverted it back to no 2FA). I could not get the automation token > (which > >>> I’ve generated) [2] to work. > >>> > >>> [1] Enrolling all npm publishers in enhanced login verification and > next > >>> steps for two-factor authentication enforcement | The GitHub Blog< > >>> > https://github.blog/2021-12-07-enrolling-npm-publishers-enhanced-login-verification-two-factor-authentication-enforcement/ > >>>> > >>> > >>> [2] Creating and viewing access tokens | npm Docs (npmjs.com)< > >>> > https://docs.npmjs.com/creating-and-viewing-access-tokens#creating-access-tokens > >>>> > >>> > >>> > >>> From: Alex Harui<mailto:aha...@adobe.com.INVALID > <aha...@adobe.com.INVALID>> > >>> Sent: Friday, April 1, 2022 9:04 PM > >>> To: dev@royale.apache.org<mailto:dev@royale.apache.org> > >>> Subject: Re: NPM Credentials Problem Blocking Release > >>> > >>> Hi Yishay, > >>> > >>> All of my Royale stuff is on another old laptop and I won't have > access to > >>> it for another 7 days. > >>> > >>> It could be that Ant is not running in a mode that allows for a > prompt. I > >>> don't remember if we had OTP when publishing in the past. > >>> > >>> -Alex > >>> > >>> On 4/1/22, 10:51 AM, "Yishay Weiss" <yishayj...@hotmail.com> wrote: > >>> > >>> Thanks, they’re coming through now. > >>> > >>> Being new to npm publishing I have not been able to modify the ant > >>> scripts to make this work. So any help would be appreciated. The script > >>> fails on adduser [1]. > >>> > >>> I’ve tried adding an .npmrc file under royale-asjs with > >>> > >>> //registry.npmjs.org/:_authToken=<…> > >>> > >>> But that didn’t help. > >>> > >>> Any ideas? > >>> > >>> [1] > >>> [exec] Publishing to NPM: @apache-royale/royale-js version: > >>> 0.9.9... > >>> [exec] info attempt registry request try #1 at 8:37:34 PM > >>> [exec] http request PUT > >>> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner > >>> [exec] info attempt registry request try #1 at 8:37:35 PM > >>> [exec] http request PUT > >>> https://registry.npmjs.org/@apache-royale%2froyale-js > >>> [exec] http 401 > >>> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner > >>> [exec] WARN notice Please use the one-time password (OTP) from > >>> your authenticator application > >>> [exec] WARN adduser Incorrect username or password > >>> [exec] WARN adduser You can reset your account by visiting: > >>> [exec] WARN adduser > >>> [exec] WARN adduser > >>> https://npmjs.org/forgot > >>> [exec] WARN adduser > >>> [exec] > >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52 > >>> [exec] throw new Error(error); > >>> [exec] ^ > >>> [exec] > >>> [exec] Error: Error: failed to authenticate: Could not > >>> authenticate apache-royale-owner: bad otp : > >>> -/user/org.couchdb.user:apache-royale-owner > >>> [exec] at > >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52:14 > >>> [exec] at > >>> > C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14 > >>> [exec] at > >>> > C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16 > >>> [exec] at f > >>> > (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25) > >>> [exec] at > >>> > C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10 > >>> [exec] at > >>> > C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12 > >>> [exec] at f > >>> > (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25) > >>> [exec] at RegClient.<anonymous> > >>> > (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12) > >>> [exec] at Request._callback > >>> > (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14) > >>> [exec] at Request.self.callback > >>> > (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22) > >>> [exec] at Request.emit (events.js:315:20) > >>> [exec] at Request.<anonymous> > >>> > (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10) > >>> [exec] at Request.emit (events.js:315:20) > >>> [exec] at IncomingMessage.<anonymous> > >>> > (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12) > >>> [exec] at Object.onceWrapper (events.js:421:28) > >>> [exec] at IncomingMessage.emit (events.js:327:22) > >>> > >>> BUILD FAILED > >>> C:\dev\release_royale\releasecandidate.xml:1363: exec returned: 1 > >>> > >>> From: Alex Harui<mailto:aha...@adobe.com.INVALID > <aha...@adobe.com.INVALID>> > >>> Sent: Friday, April 1, 2022 12:25 AM > >>> To: dev@royale.apache.org<mailto:dev@royale.apache.org> > >>> Subject: Re: NPM Credentials Problem Blocking Release > >>> > >>> Infra says the actual sender is not supp...@npmjs.com. They have > >>> implemented a custom solution. Yishay, can you try again? > >>> > >>> Thanks, > >>> -Alex > >>> > >>> On 3/31/22, 1:39 PM, "Alex Harui" <aha...@adobe.com.INVALID> wrote: > >>> > >>> Yeah, not sure why that didn't work. I'll email infra. > >>> > >>> On 3/31/22, 12:53 PM, "Harbs" <harbs.li...@gmail.com> wrote: > >>> > >>> I don’t know why it didn’t work. > >>> > >>> We should probably ask Infra. > >>> > >>>> On Mar 31, 2022, at 10:23 PM, Yishay Weiss < > >>> yishayj...@hotmail.com> wrote: > >>>> > >>>> I thought Alex fixed it so it doesn’t need you to approve… > >>> It’s expired and you should see a couple of more such messages. > >>>> > >>>> From: Harbs<mailto:harbs.li...@gmail.com <harbs.li...@gmail.com>> > >>>> Sent: Thursday, March 31, 2022 10:06 PM > >>>> To: Apache Royale Development<mailto:dev@royale.apache.org > <dev@royale.apache.org>> > >>>> Subject: Re: NPM Credentials Problem Blocking Release > >>>> > >>>> I approved and should have added it again to the allow list. > >>>> > >>>> It came through. If it expired already, try again. Hopefully > >>> it’ll work... > >>>> > >>>>> On Mar 31, 2022, at 10:01 PM, Yishay Weiss < > >>> yishayj...@hotmail.com> wrote: > >>>>> > >>>>> I just tried logging in, got the OTP sent message, but am > >>> not seeing it in private. > >>>>> > >>>>> From: Alex Harui<mailto:aha...@adobe.com.INVALID > <aha...@adobe.com.INVALID>> > >>>>> Sent: Thursday, March 31, 2022 7:44 PM > >>>>> To: dev@royale.apache.org<mailto:dev@royale.apache.org> > >>>>> Subject: Re: NPM Credentials Problem Blocking Release > >>>>> > >>>>> OK, supp...@npmjs.com is now on the allow list. Yishay, > >>> if you try to publish again, in theory the NPM messages will go > straight to > >>> private@. Let us know if that isn't happening. I'll try to look for > >>> moderator messages but they often go to junk and I can't control > settings > >>> for my corporate email. > >>>>> > >>>>> FWIW, Here's a link to some doc on the EZMLM robot that > >>> runs ASF mailing lists. > >>> https://untroubled.org/ezmlm/manual/ > >>>>> > >>>>> The command I sent was executed by sending an email to > >>> private-allow-subscribe-support=npmjs....@royale.apache.org > >>>>> Any list moderator can send to these sort of email > >>> addresses and the robot will parse the address and execute a command. > We > >>> can subscribe and unsubscribe people, allow them to send and not > receive, > >>> get a list of all subscribers and more. > >>>>> > >>>>> HTH, > >>>>> -Alex > >>>>> > >>>>> On 3/31/22, 8:44 AM, "Josh Tynjala" < > >>> joshtynj...@bowlerhat.dev> wrote: > >>>>> > >>>>> Do it. > >>>>> > >>>>> -- > >>>>> Josh Tynjala > >>>>> Bowler Hat LLC < > >>> https://bowlerhat.dev/ > >>>> > >>>>> > >>>>> > >>>>> On Wed, Mar 30, 2022 at 11:24 PM Alex Harui > >>> <aha...@adobe.com.invalid> > >>>>> wrote: > >>>>> > >>>>>> Each mailing list has an "allow" subscriber list that is > >>> different from > >>>>>> the regular subscriber list. "allow" can send but can't > >>> receive. The > >>>>>> syntax can be extracted from the moderator emails. If we > >>> get consensus to > >>>>>> try it, I'll send the command. > >>>>>> > >>>>>> On 3/30/22, 11:17 PM, "Piotr Zarzycki" < > >>> piotrzarzyck...@gmail.com> wrote: > >>>>>> > >>>>>> I don’t know how to whitelist that email but I will try > >>> to figure it > >>>>>> out > >>>>>> soon. > >>>>>> > >>>>>> On Thu, 31 Mar 2022 at 06:06, Alex Harui > >>> <aha...@adobe.com.invalid> > >>>>>> wrote: > >>>>>> > >>>>>>> Yishay, maybe you can also be a moderator? It might also > >>> be > >>>>>> possible to > >>>>>>> allow emails from npm without moderation. I don't > >>> remember if we > >>>>>> tried > >>>>>>> that. It works on the other lists. There might be a > >>> restriction on > >>>>>>> private@. > >>>>>>> > >>>>>>> -Alex > >>>>>>> > >>>>>>> On 3/30/22, 7:55 PM, "Yishay Weiss" < > >>> yishayj...@hotmail.com> wrote: > >>>>>>> > >>>>>>> Piotr, being the moderator, is receiving them but it’s > >>> hard for > >>>>>> me to > >>>>>>> do anything from my side because I can’t login without a > >>> OTP. > >>>>>>> > >>>>>>> I’m guessing we need to either create an automation > >>> token, or > >>>>>> change > >>>>>>> the module settings to not require 2FA [1]. > >>>>>>> > >>>>>>> [1] Securely Automating npm publish with the New npm > >>> Automation > >>>>>> Tokens > >>>>>>> - DEV Community< > >>>>>>> > >>>>>> > >>> > https://dev.to/bnb/securely-automating-npm-publish-with-the-new-npm-automation-tokens-oei > >>>>>>>> > >>>>>>> > >>>>>>> From: Alex Harui<mailto:aha...@adobe.com.INVALID > <aha...@adobe.com.INVALID>> > >>>>>>> Sent: Tuesday, March 29, 2022 7:05 PM > >>>>>>> To: dev@royale.apache.org<mailto:dev@royale.apache.org> > >>>>>>> Cc: OmPrakash Muppirala<mailto:bigosma...@gmail.com > <bigosma...@gmail.com>> > >>>>>>> Subject: Re: NPM Credentials Problem Blocking Release > >>>>>>> > >>>>>>> I get some emails from NPM to apache-royale-owner. I > >>> can > >>>>>> forward them > >>>>>>> to private@royale.a.o if they aren't also going there. > >>>>>>> > >>>>>>> One has the subject: [npm] OTP for logging in to your > >>> account: > >>>>>>> apache-royale-owner > >>>>>>> The other: Your npm password reset > >>>>>>> > >>>>>>> -Alex > >>>>>>> > >>>>>>> On 3/29/22, 3:37 AM, "Yishay Weiss" < > >>> yishayj...@hotmail.com> > >>>>>> wrote: > >>>>>>> > >>>>>>> Ok, looks like we’ve figured it out for now with a > >>> temp > >>>>>> password. > >>>>>>> 2FA does not seem to be a requirement. We will update the > >>> private > >>>>>> list with > >>>>>>> the new credentials when that’s ready. > >>>>>>> > >>>>>>> From: Piotr Zarzycki<mailto: > >>> piotrzarzyck...@gmail.com> > >>>>>>> Sent: Tuesday, March 29, 2022 11:18 AM > >>>>>>> To: Apache Royale Development<mailto: > >>> dev@royale.apache.org> > >>>>>>> Cc: OmPrakash Muppirala<mailto:bigosma...@gmail.com > >>>> > >>>>>>> Subject: Re: NPM Credentials Problem Blocking > >>> Release > >>>>>>> > >>>>>>> Yes it goes to private as I see... > >>>>>>> > >>>>>>> wt., 29 mar 2022 o 09:47 Yishay Weiss < > >>>>>> yishayj...@hotmail.com> > >>>>>>> napisał(a): > >>>>>>> > >>>>>>>> I’m not sure which email the new password gets sent to. > >>>>>> Does it > >>>>>>> go to > >>>>>>>> priv...@royale.release.org<mailto: > >>>>>> priv...@royale.release.org> ? > >>>>>>>> > >>>>>>>> Also, I see some npm requests to do 2FA which we have > >>>>>> ignored. > >>>>>>> It’s > >>>>>>>> probably best to avoid that if possible to keep the > >>> release > >>>>>>> scriptable. > >>>>>>>> > >>>>>>>> @OmPrakash Muppirala<mailto:bigosma...@gmail.com > <bigosma...@gmail.com>>, are > >>>>>> you the > >>>>>>> one who > >>>>>>>> set this up? Can you help out? > >>>>>>>> > >>>>>>>> Thanks. > >>>>>>>> > >>>>>>>> [exec] http request PUT > >>>>>>>> > >>>>>>> > >>>>>> > >>> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner > >>>>>>>> [exec] info attempt registry request try #1 at > >>>>>> 10:39:44 AM > >>>>>>>> [exec] http request PUT > >>>>>>>> > >>>>>>> > >>>>>> > >>> https://registry.npmjs.org/@apache-royale%2froyale-js > >>>>>>>> [exec] http 401 > >>>>>>>> > >>>>>>> > >>>>>> > >>> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner > >>>>>>>> [exec] WARN notice Please check your email for a > >>>>>> one-time > >>>>>>> password > >>>>>>>> (OTP) > >>>>>>>> [exec] WARN adduser Incorrect username or password > >>>>>>>> [exec] WARN adduser You can reset your account by > >>>>>> visiting: > >>>>>>>> [exec] WARN adduser > >>>>>>>> [exec] WARN adduser > >>>>>>> > >>>>>> > >>> https://npmjs.org/forgot > >>>>>>>> [exec] WARN adduser > >>>>>>>> [exec] > >>>>>>>> > >>>>>>> > >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51 > >>>>>>>> [exec] throw new Error(error); > >>>>>>>> [exec] ^ > >>>>>>>> [exec] > >>>>>>>> [exec] Error: Error: failed to authenticate: A One > >>>>>> Time > >>>>>>> Password > >>>>>>>> (OTP) by email is required. : > >>>>>>> -/user/org.couchdb.user:apache-royale-owner > >>>>>>>> [exec] at > >>>>>>>> > >>>>>>> > >>>>>> > >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14 > >>>>>>>> [exec] at > >>>>>>>> > >>>>>>> > >>>>>> > >>> > C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14 > >>>>>>>> [exec] at > >>>>>>>> > >>>>>>> > >>>>>> > >>> > C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16 > >>>>>>>> [exec] at f > >>>>>>>> > >>>>>>> > >>>>>> > >>> > (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25) > >>>>>>>> [exec] at > >>>>>>>> > >>>>>>> > >>>>>> > >>> > C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10 > >>>>>>>> [exec] at > >>>>>>>> > >>>>>>> > >>>>>> > >>> > C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12 > >>>>>>>> [exec] at f > >>>>>>>> > >>>>>>> > >>>>>> > >>> > (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25) > >>>>>>>> [exec] at RegClient.<anonymous> > >>>>>>>> > >>>>>>> > >>>>>> > >>> > (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12) > >>>>>>>> [exec] at Request._callback > >>>>>>>> > >>>>>>> > >>>>>> > >>> > (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14) > >>>>>>>> [exec] at Request.self.callback > >>>>>>>> > >>>>>>> > >>>>>> > >>> > (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22) > >>>>>>>> [exec] at Request.emit (events.js:315:20) > >>>>>>>> [exec] at Request.<anonymous> > >>>>>>>> > >>>>>>> > >>>>>> > >>> > (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10) > >>>>>>>> [exec] at Request.emit (events.js:315:20) > >>>>>>>> [exec] at IncomingMessage.<anonymous> > >>>>>>>> > >>>>>>> > >>>>>> > >>> > (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12) > >>>>>>>> [exec] at Object.onceWrapper (events.js:421:28) > >>>>>>>> [exec] at IncomingMessage.emit (events.js:327:22) > >>>>>>>> > >>>>>>>> BUILD FAILED > >>>>>>>> C:\dev\release_royale\releasecandidate.xml:1116: The > >>>>>> following > >>>>>>> error > >>>>>>>> occurred while executing this line: > >>>>>>>> C:\dev\release_royale\releasecandidate.xml:1400: exec > >>>>>> returned: 1 > >>>>>>>> > >>>>>>>> Total time: 7 minutes 26 seconds > >>>>>>>> > >>>>>>>> > >>>>>>> > >>>>>>> -- > >>>>>>> > >>>>>>> Piotr Zarzycki > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> -- > >>>>>> > >>>>>> Piotr Zarzycki > >>>>>> > >>>>>> > >>>>> > >>>> > >>> > >>> > >>> > >>> > >>> > >> > >> -- > >> > >> Piotr Zarzycki > > > > -- Piotr Zarzycki
