Remove always-auth configuration handling from action (#1436)

* Remove always-auth configuration handling from setup-node * docs: update README to note always-auth removal Update README to mention removal of always-auth input * Clarify removal of 'always-auth' input in README Updated the description of the 'always-auth' input removal for clarity.
2 weeks ago · b9b25d45f7
parent 633bb92bc0
commit b9b25d45f7
11 changed files with 34 additions and 85 deletions
--- a/README.md
+++ b/README.md
@ -16,6 +16,8 @@ This action provides the following functionality for GitHub Actions users:

 - Caching is now automatically enabled for npm projects when either the `devEngines.packageManager` field or the top-level `packageManager` field in `package.json` is set to `npm`. For other package managers, such as Yarn and pnpm, caching is disabled by default and must be configured manually using the `cache` input.

+- The `always-auth` input has been removed, as it is deprecated and will no longer be supported in future npm releases. To ensure your workflows continue to run without warnings or errors, please remove any references to `always-auth` from your configuration.  
+
 ## Breaking changes in V5 

 - Enabled caching by default with package manager detection if no cache input is provided.
@ -92,10 +94,6 @@ See [action.yml](action.yml)
    # Default: ''
    scope: ''

-    # Set always-auth option in npmrc file.
-    # Default: ''
-    always-auth: ''
-
    # Optional mirror to download binaries from.
    # Artifacts need to match the official Node.js
    # Example:
--- a/tests/authutil.test.ts
+++ b/tests/authutil.test.ts
@ -76,115 +76,102 @@ describe('authutil tests', () => {
  }

  it('Sets up npmrc for npmjs', async () => {
-    await auth.configAuthentication('https://registry.npmjs.org/', 'false');
+    await auth.configAuthentication('https://registry.npmjs.org/');

    expect(fs.statSync(rcFile)).toBeDefined();
    const contents = fs.readFileSync(rcFile, {encoding: 'utf8'});
    const rc = readRcFile(rcFile);
    expect(rc['registry']).toBe('https://registry.npmjs.org/');
-    expect(rc['always-auth']).toBe('false');
  });

  it('Appends trailing slash to registry', async () => {
-    await auth.configAuthentication('https://registry.npmjs.org', 'false');
+    await auth.configAuthentication('https://registry.npmjs.org');

    expect(fs.statSync(rcFile)).toBeDefined();
    const rc = readRcFile(rcFile);
    expect(rc['registry']).toBe('https://registry.npmjs.org/');
-    expect(rc['always-auth']).toBe('false');
  });

  it('Configures scoped npm registries', async () => {
    process.env['INPUT_SCOPE'] = 'myScope';
-    await auth.configAuthentication('https://registry.npmjs.org', 'false');
+    await auth.configAuthentication('https://registry.npmjs.org');

    expect(fs.statSync(rcFile)).toBeDefined();
    const rc = readRcFile(rcFile);
    expect(rc['@myscope:registry']).toBe('https://registry.npmjs.org/');
-    expect(rc['always-auth']).toBe('false');
  });

  it('Automatically configures GPR scope', async () => {
-    await auth.configAuthentication('npm.pkg.github.com', 'false');
+    await auth.configAuthentication('npm.pkg.github.com');

    expect(fs.statSync(rcFile)).toBeDefined();
    const rc = readRcFile(rcFile);
    expect(rc['@ownername:registry']).toBe('npm.pkg.github.com/');
-    expect(rc['always-auth']).toBe('false');
-  });
-
-  it('Sets up npmrc for always-auth true', async () => {
-    await auth.configAuthentication('https://registry.npmjs.org/', 'true');
-    expect(fs.statSync(rcFile)).toBeDefined();
-    const rc = readRcFile(rcFile);
-    expect(rc['registry']).toBe('https://registry.npmjs.org/');
-    expect(rc['always-auth']).toBe('true');
  });

  it('is already set the NODE_AUTH_TOKEN export it', async () => {
    process.env.NODE_AUTH_TOKEN = 'foobar';
-    await auth.configAuthentication('npm.pkg.github.com', 'false');
+    await auth.configAuthentication('npm.pkg.github.com');
    expect(fs.statSync(rcFile)).toBeDefined();
    const rc = readRcFile(rcFile);
    expect(rc['@ownername:registry']).toBe('npm.pkg.github.com/');
-    expect(rc['always-auth']).toBe('false');
    expect(process.env.NODE_AUTH_TOKEN).toEqual('foobar');
  });

  it('configAuthentication should overwrite non-scoped with non-scoped', async () => {
    fs.writeFileSync(rcFile, 'registry=NNN');
-    await auth.configAuthentication('https://registry.npmjs.org/', 'true');
+    await auth.configAuthentication('https://registry.npmjs.org/');
    const contents = fs.readFileSync(rcFile, {encoding: 'utf8'});
    expect(contents).toBe(
-      `//registry.npmjs.org/:_authToken=\${NODE_AUTH_TOKEN}${os.EOL}registry=https://registry.npmjs.org/${os.EOL}always-auth=true`
+      `//registry.npmjs.org/:_authToken=\${NODE_AUTH_TOKEN}${os.EOL}registry=https://registry.npmjs.org/`
    );
  });

  it('configAuthentication should overwrite only non-scoped', async () => {
    fs.writeFileSync(rcFile, `registry=NNN${os.EOL}@myscope:registry=MMM`);
-    await auth.configAuthentication('https://registry.npmjs.org/', 'true');
+    await auth.configAuthentication('https://registry.npmjs.org/');
    const contents = fs.readFileSync(rcFile, {encoding: 'utf8'});
    expect(contents).toBe(
-      `@myscope:registry=MMM${os.EOL}//registry.npmjs.org/:_authToken=\${NODE_AUTH_TOKEN}${os.EOL}registry=https://registry.npmjs.org/${os.EOL}always-auth=true`
+      `@myscope:registry=MMM${os.EOL}//registry.npmjs.org/:_authToken=\${NODE_AUTH_TOKEN}${os.EOL}registry=https://registry.npmjs.org/`
    );
  });

  it('configAuthentication should add non-scoped to scoped', async () => {
    fs.writeFileSync(rcFile, '@myscope:registry=NNN');
-    await auth.configAuthentication('https://registry.npmjs.org/', 'true');
+    await auth.configAuthentication('https://registry.npmjs.org/');
    const contents = fs.readFileSync(rcFile, {encoding: 'utf8'});
    expect(contents).toBe(
-      `@myscope:registry=NNN${os.EOL}//registry.npmjs.org/:_authToken=\${NODE_AUTH_TOKEN}${os.EOL}registry=https://registry.npmjs.org/${os.EOL}always-auth=true`
+      `@myscope:registry=NNN${os.EOL}//registry.npmjs.org/:_authToken=\${NODE_AUTH_TOKEN}${os.EOL}registry=https://registry.npmjs.org/`
    );
  });

  it('configAuthentication should overwrite scoped with scoped', async () => {
    process.env['INPUT_SCOPE'] = 'myscope';
    fs.writeFileSync(rcFile, `@myscope:registry=NNN`);
-    await auth.configAuthentication('https://registry.npmjs.org/', 'true');
+    await auth.configAuthentication('https://registry.npmjs.org/');
    const contents = fs.readFileSync(rcFile, {encoding: 'utf8'});
    expect(contents).toBe(
-      `//registry.npmjs.org/:_authToken=\${NODE_AUTH_TOKEN}${os.EOL}@myscope:registry=https://registry.npmjs.org/${os.EOL}always-auth=true`
+      `//registry.npmjs.org/:_authToken=\${NODE_AUTH_TOKEN}${os.EOL}@myscope:registry=https://registry.npmjs.org/`
    );
  });

  it('configAuthentication should overwrite only scoped', async () => {
    process.env['INPUT_SCOPE'] = 'myscope';
    fs.writeFileSync(rcFile, `registry=NNN${os.EOL}@myscope:registry=MMM`);
-    await auth.configAuthentication('https://registry.npmjs.org/', 'true');
+    await auth.configAuthentication('https://registry.npmjs.org/');
    const contents = fs.readFileSync(rcFile, {encoding: 'utf8'});
    expect(contents).toBe(
-      `registry=NNN${os.EOL}//registry.npmjs.org/:_authToken=\${NODE_AUTH_TOKEN}${os.EOL}@myscope:registry=https://registry.npmjs.org/${os.EOL}always-auth=true`
+      `registry=NNN${os.EOL}//registry.npmjs.org/:_authToken=\${NODE_AUTH_TOKEN}${os.EOL}@myscope:registry=https://registry.npmjs.org/`
    );
  });

  it('configAuthentication should add scoped to non-scoped', async () => {
    process.env['INPUT_SCOPE'] = 'myscope';
    fs.writeFileSync(rcFile, `registry=MMM`);
-    await auth.configAuthentication('https://registry.npmjs.org/', 'true');
+    await auth.configAuthentication('https://registry.npmjs.org/');
    const contents = fs.readFileSync(rcFile, {encoding: 'utf8'});
    expect(contents).toBe(
-      `registry=MMM${os.EOL}//registry.npmjs.org/:_authToken=\${NODE_AUTH_TOKEN}${os.EOL}@myscope:registry=https://registry.npmjs.org/${os.EOL}always-auth=true`
+      `registry=MMM${os.EOL}//registry.npmjs.org/:_authToken=\${NODE_AUTH_TOKEN}${os.EOL}@myscope:registry=https://registry.npmjs.org/`
    );
  });

@ -194,20 +181,20 @@ describe('authutil tests', () => {
      rcFile,
      `@otherscope:registry=NNN${os.EOL}@myscope:registry=MMM`
    );
-    await auth.configAuthentication('https://registry.npmjs.org/', 'true');
+    await auth.configAuthentication('https://registry.npmjs.org/');
    const contents = fs.readFileSync(rcFile, {encoding: 'utf8'});
    expect(contents).toBe(
-      `@otherscope:registry=NNN${os.EOL}//registry.npmjs.org/:_authToken=\${NODE_AUTH_TOKEN}${os.EOL}@myscope:registry=https://registry.npmjs.org/${os.EOL}always-auth=true`
+      `@otherscope:registry=NNN${os.EOL}//registry.npmjs.org/:_authToken=\${NODE_AUTH_TOKEN}${os.EOL}@myscope:registry=https://registry.npmjs.org/`
    );
  });

  it('configAuthentication should add scoped to another scoped', async () => {
    process.env['INPUT_SCOPE'] = 'myscope';
    fs.writeFileSync(rcFile, `@otherscope:registry=MMM`);
-    await auth.configAuthentication('https://registry.npmjs.org/', 'true');
+    await auth.configAuthentication('https://registry.npmjs.org/');
    const contents = fs.readFileSync(rcFile, {encoding: 'utf8'});
    expect(contents).toBe(
-      `@otherscope:registry=MMM${os.EOL}//registry.npmjs.org/:_authToken=\${NODE_AUTH_TOKEN}${os.EOL}@myscope:registry=https://registry.npmjs.org/${os.EOL}always-auth=true`
+      `@otherscope:registry=MMM${os.EOL}//registry.npmjs.org/:_authToken=\${NODE_AUTH_TOKEN}${os.EOL}@myscope:registry=https://registry.npmjs.org/`
    );
  });
 });
--- a/tests/canary-installer.test.ts
+++ b/tests/canary-installer.test.ts
@ -227,7 +227,6 @@ describe('setup-node', () => {
    const versionSpec = '11.15.0';

    inputs['node-version'] = versionSpec;
-    inputs['always-auth'] = false;
    inputs['token'] = 'faketoken';

    // ... but not in the local cache
@ -283,7 +282,6 @@ describe('setup-node', () => {
    const versionSpec = '19.0.0-v8-canary';

    inputs['node-version'] = versionSpec;
-    inputs['always-auth'] = false;
    inputs['token'] = 'faketoken';

    findSpy.mockImplementation(() => '');
@ -324,7 +322,6 @@ describe('setup-node', () => {

      inputs['node-version'] = version;
      inputs['architecture'] = arch;
-      inputs['always-auth'] = false;
      inputs['token'] = 'faketoken';

      const expectedUrl = `https://nodejs.org/download/v8-canary/v${version}/node-v${version}-${platform}-${arch}.${fileExtension}`;
@ -569,7 +566,6 @@ describe('setup-node', () => {
      const versionSpec = 'v20-v8-canary';

      inputs['node-version'] = versionSpec;
-      inputs['always-auth'] = false;
      inputs['token'] = 'faketoken';

      os.platform = 'linux';
--- a/tests/nightly-installer.test.ts
+++ b/tests/nightly-installer.test.ts
@ -255,7 +255,6 @@ describe('setup-node', () => {
    const versionSpec = '13.13.1-nightly20200415947ddec091';

    inputs['node-version'] = versionSpec;
-    inputs['always-auth'] = false;
    inputs['token'] = 'faketoken';

    // ... but not in the local cache
@ -291,7 +290,6 @@ describe('setup-node', () => {
    ];

    inputs['node-version'] = versionSpec;
-    inputs['always-auth'] = false;
    inputs['token'] = 'faketoken';

    // ... but not in the local cache
@ -333,7 +331,6 @@ describe('setup-node', () => {
    ];

    inputs['node-version'] = versionSpec;
-    inputs['always-auth'] = false;
    inputs['token'] = 'faketoken';

    // ... but not in the local cache
@ -389,7 +386,6 @@ describe('setup-node', () => {
    const versionSpec = '18.0.0-nightly202204180699150267';

    inputs['node-version'] = versionSpec;
-    inputs['always-auth'] = false;
    inputs['token'] = 'faketoken';

    findSpy.mockImplementation(() => '');
@ -427,7 +423,6 @@ describe('setup-node', () => {

      inputs['node-version'] = version;
      inputs['architecture'] = arch;
-      inputs['always-auth'] = false;
      inputs['token'] = 'faketoken';

      const expectedUrl = `https://nodejs.org/download/nightly/v${version}/node-v${version}-${platform}-${arch}.${fileExtension}`;
@ -473,7 +468,6 @@ describe('setup-node', () => {

      inputs['node-version'] = version;
      inputs['architecture'] = arch;
-      inputs['always-auth'] = false;
      inputs['token'] = 'faketoken';
      inputs['mirror'] = 'https://my-mirror.org';
      inputs['mirror-token'] = 'my-mirror-token';
--- a/tests/official-installer.test.ts
+++ b/tests/official-installer.test.ts
@ -235,7 +235,6 @@ describe('setup-node', () => {
    const resolvedVersion = versionSpec;

    inputs['node-version'] = versionSpec;
-    inputs['always-auth'] = false;
    inputs['token'] = 'faketoken';

    const expectedUrl =
@ -290,7 +289,6 @@ describe('setup-node', () => {
    const versionSpec = '11.15.0';
    const mirror = 'https://my_mirror_url';
    inputs['node-version'] = versionSpec;
-    inputs['always-auth'] = false;
    inputs['token'] = 'faketoken';
    inputs['mirror'] = mirror;
    inputs['mirror-token'] = 'faketoken';
@ -327,7 +325,6 @@ describe('setup-node', () => {
    const versionSpec = '11.15.0';

    inputs['node-version'] = versionSpec;
-    inputs['always-auth'] = false;
    inputs['token'] = 'faketoken';

    // ... but not in the local cache
@ -385,7 +382,6 @@ describe('setup-node', () => {
    const resolvedVersion = versionSpec;

    inputs['node-version'] = versionSpec;
-    inputs['always-auth'] = false;
    inputs['token'] = 'faketoken';

    findSpy.mockImplementation(() => '');
@ -405,7 +401,6 @@ describe('setup-node', () => {
    const versionSpec = '11.15.0';

    inputs['node-version'] = versionSpec;
-    inputs['always-auth'] = false;
    inputs['token'] = 'faketoken';

    // ... but not in the local cache
@ -448,7 +443,6 @@ describe('setup-node', () => {

      inputs['node-version'] = version;
      inputs['architecture'] = arch;
-      inputs['always-auth'] = false;
      inputs['token'] = 'faketoken';

      const expectedUrl =
@ -560,7 +554,6 @@ describe('setup-node', () => {

      inputs['node-version'] = versionSpec;
      inputs['check-latest'] = 'true';
-      inputs['always-auth'] = false;
      inputs['token'] = 'faketoken';

      // ... but not in the local cache
@ -602,7 +595,6 @@ describe('setup-node', () => {

      inputs['node-version'] = versionSpec;
      inputs['check-latest'] = 'true';
-      inputs['always-auth'] = false;
      inputs['token'] = 'faketoken';

      // ... but not in the local cache
@ -882,7 +874,6 @@ describe('setup-node', () => {

      inputs['node-version'] = version;
      inputs['architecture'] = arch;
-      inputs['always-auth'] = false;
      inputs['token'] = 'faketoken';
      inputs['mirror'] = 'https://my_mirror_url';
      inputs['mirror-token'] = 'faketoken';
--- a/tests/rc-installer.test.ts
+++ b/tests/rc-installer.test.ts
@ -194,7 +194,6 @@ describe('setup-node', () => {
    const versionSpec = '13.0.0-rc.0';

    inputs['node-version'] = versionSpec;
-    inputs['always-auth'] = false;
    inputs['token'] = 'faketoken';

    // ... but not in the local cache
@ -239,7 +238,6 @@ describe('setup-node', () => {
    const versionSpec = '14.7.0-rc.1';

    inputs['node-version'] = versionSpec;
-    inputs['always-auth'] = false;
    inputs['token'] = 'faketoken';

    findSpy.mockImplementation(() => '');
@ -268,7 +266,6 @@ describe('setup-node', () => {

      inputs['node-version'] = version;
      inputs['architecture'] = arch;
-      inputs['always-auth'] = false;
      inputs['token'] = 'faketoken';

      const expectedUrl = `https://nodejs.org/download/rc/v${version}/node-v${version}-${platform}-${arch}.${fileExtension}`;
--- a/action.yml
+++ b/action.yml
@ -2,9 +2,6 @@ name: 'Setup Node.js environment'
 description: 'Setup a Node.js environment by adding problem matchers and optionally downloading and adding it to the PATH.'
 author: 'GitHub'
 inputs:
-  always-auth:
-    description: 'Set always-auth in npmrc.'
-    default: 'false'
  node-version:
    description: 'Version Spec of the version to use. Examples: 12.x, 10.15.1, >=10.15.0.'
  node-version-file:
--- a/dist/setup/index.js
+++ b/dist/setup/index.js
@ -98589,15 +98589,15 @@ const os = __importStar(__nccwpck_require__(70857));
 const path = __importStar(__nccwpck_require__(16928));
 const core = __importStar(__nccwpck_require__(37484));
 const github = __importStar(__nccwpck_require__(93228));
-function configAuthentication(registryUrl, alwaysAuth) {
+function configAuthentication(registryUrl) {
    const npmrc = path.resolve(process.env['RUNNER_TEMP'] || process.cwd(), '.npmrc');
    if (!registryUrl.endsWith('/')) {
        registryUrl += '/';
    }
-    writeRegistryToFile(registryUrl, npmrc, alwaysAuth);
+    writeRegistryToFile(registryUrl, npmrc);
 }
 exports.configAuthentication = configAuthentication;
-function writeRegistryToFile(registryUrl, fileLocation, alwaysAuth) {
+function writeRegistryToFile(registryUrl, fileLocation) {
    let scope = core.getInput('scope');
    if (!scope && registryUrl.indexOf('npm.pkg.github.com') > -1) {
        scope = github.context.repo.owner;
@ -98622,8 +98622,7 @@ function writeRegistryToFile(registryUrl, fileLocation, alwaysAuth) {
    // Remove http: or https: from front of registry.
    const authString = registryUrl.replace(/(^\w+:|^)/, '') + ':_authToken=${NODE_AUTH_TOKEN}';
    const registryString = `${scope}registry=${registryUrl}`;
-    const alwaysAuthString = `always-auth=${alwaysAuth}`;
-    newContents += `${authString}${os.EOL}${registryString}${os.EOL}${alwaysAuthString}`;
+    newContents += `${authString}${os.EOL}${registryString}`;
    fs.writeFileSync(fileLocation, newContents);
    core.exportVariable('NPM_CONFIG_USERCONFIG', fileLocation);
    // Export empty node_auth_token if didn't exist so npm doesn't complain about not being able to find it
@ -99857,9 +99856,8 @@ function run() {
            }
            yield (0, util_1.printEnvDetailsAndSetOutput)();
            const registryUrl = core.getInput('registry-url');
-            const alwaysAuth = core.getInput('always-auth');
            if (registryUrl) {
-                auth.configAuthentication(registryUrl, alwaysAuth);
+                auth.configAuthentication(registryUrl);
            }
            const cacheDependencyPath = core.getInput('cache-dependency-path');
            if ((0, cache_utils_1.isCacheFeatureAvailable)()) {
--- a/docs/advanced-usage.md
+++ b/docs/advanced-usage.md
@ -446,9 +446,6 @@ To access private GitHub Packages within the same organization, go to "Manage Ac

 Please refer to the [Ensuring workflow access to your package - Configuring a package's access control and visibility](https://docs.github.com/en/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#ensuring-workflow-access-to-your-package) for more details.

-### always-auth input
-The always-auth input sets `always-auth=true` in .npmrc file. With this option set [npm](https://docs.npmjs.com/cli/v6/using-npm/config#always-auth)/yarn sends the authentication credentials when making a request to the registries.
-
 ## Use private mirror

 It is possible to use a private mirror hosting Node.js binaries. This mirror must be a full mirror of the official Node.js distribution.
--- a/src/authutil.ts
+++ b/src/authutil.ts
@ -4,7 +4,7 @@ import * as path from 'path';
 import * as core from '@actions/core';
 import * as github from '@actions/github';

-export function configAuthentication(registryUrl: string, alwaysAuth: string) {
+export function configAuthentication(registryUrl: string) {
  const npmrc: string = path.resolve(
    process.env['RUNNER_TEMP'] || process.cwd(),
    '.npmrc'
@ -13,14 +13,10 @@ export function configAuthentication(registryUrl: string, alwaysAuth: string) {
    registryUrl += '/';
  }

-  writeRegistryToFile(registryUrl, npmrc, alwaysAuth);
+  writeRegistryToFile(registryUrl, npmrc);
 }

-function writeRegistryToFile(
-  registryUrl: string,
-  fileLocation: string,
-  alwaysAuth: string
-) {
+function writeRegistryToFile(registryUrl: string, fileLocation: string) {
  let scope: string = core.getInput('scope');
  if (!scope && registryUrl.indexOf('npm.pkg.github.com') > -1) {
    scope = github.context.repo.owner;
@ -47,8 +43,7 @@ function writeRegistryToFile(
  const authString: string =
    registryUrl.replace(/(^\w+:|^)/, '') + ':_authToken=${NODE_AUTH_TOKEN}';
  const registryString = `${scope}registry=${registryUrl}`;
-  const alwaysAuthString = `always-auth=${alwaysAuth}`;
-  newContents += `${authString}${os.EOL}${registryString}${os.EOL}${alwaysAuthString}`;
+  newContents += `${authString}${os.EOL}${registryString}`;
  fs.writeFileSync(fileLocation, newContents);
  core.exportVariable('NPM_CONFIG_USERCONFIG', fileLocation);
  // Export empty node_auth_token if didn't exist so npm doesn't complain about not being able to find it
--- a/src/main.ts
+++ b/src/main.ts
@ -62,9 +62,8 @@ export async function run() {
    await printEnvDetailsAndSetOutput();

    const registryUrl: string = core.getInput('registry-url');
-    const alwaysAuth: string = core.getInput('always-auth');
    if (registryUrl) {
-      auth.configAuthentication(registryUrl, alwaysAuth);
+      auth.configAuthentication(registryUrl);
    }

    const cacheDependencyPath = core.getInput('cache-dependency-path');