@ha...@in-tools.com<mailto:ha...@in-tools.com>, @Piotr Zarzycki<mailto:piotrzarzyck...@gmail.com>, from what I understand they need [1] the return-path header. I think either of you can find that by opening the attached eml file you received in a text editor. You can post it in the Jira and see if that gets it going.
[1] https://issues.apache.org/jira/browse/INFRA-24625 ________________________________ From: Yishay Weiss <yishayj...@hotmail.com> Sent: Tuesday, May 23, 2023 7:20 PM To: dev@royale.apache.org <dev@royale.apache.org> Subject: Re: NPM Credentials Problem Blocking Release Thanks, Harbs. We are trying to whiie-list the domain so we don't have to rely on moderators to login. Can you try replying to all? One of the addresses should have the 'allow' str which theoretically should white-list [1] [1] Mailing list moderation - Apache Infrastructure Website<https://infra.apache.org/mailing-list-moderation.html#allowing_posts> ________________________________ From: Harbs <harbs.li...@gmail.com> Sent: Tuesday, May 23, 2023 5:24 PM To: dev@royale.apache.org <dev@royale.apache.org> Subject: Re: NPM Credentials Problem Blocking Release I sent the code to Yishay via Slack. Does that work? > On May 23, 2023, at 5:22 PM, Harbs <harbs.li...@gmail.com> wrote: > > I’m getting the moderation emails with the code. Will that help? > >> On May 23, 2023, at 5:13 PM, Piotr Zarzycki <piotrzarzyck...@gmail.com> >> wrote: >> >> Hi Guys, >> >> I still need to accept one time password which are coming from npm >> addresses. We have tried with Yishay white list that email but it didn't >> work for some reason. I have raised following issue in INFR [1] >> >> [1] https://issues.apache.org/jira/browse/INFRA-24625 >> >> Thanks, >> Piotr >> >> sob., 2 kwi 2022 o 09:58 Yishay Weiss <yishayj...@hotmail.com> napisał(a): >> >>> The non-interactivity happens before ant, in publish.js. I ended up doing >>> it interactively on the CLI. >>> >>> Reading their docs [1]it looks like 2FA will be enforced at some point, so >>> we should aim IMO to work with that. Manually, I just switched the settings >>> to 2FA and then used my mobile authenticator to provide the OTP (I’ve >>> reverted it back to no 2FA). I could not get the automation token (which >>> I’ve generated) [2] to work. >>> >>> [1] Enrolling all npm publishers in enhanced login verification and next >>> steps for two-factor authentication enforcement | The GitHub Blog< >>> https://github.blog/2021-12-07-enrolling-npm-publishers-enhanced-login-verification-two-factor-authentication-enforcement/ >>>> >>> >>> [2] Creating and viewing access tokens | npm Docs (npmjs.com)< >>> https://docs.npmjs.com/creating-and-viewing-access-tokens#creating-access-tokens >>>> >>> >>> >>> From: Alex Harui<mailto:aha...@adobe.com.INVALID> >>> Sent: Friday, April 1, 2022 9:04 PM >>> To: dev@royale.apache.org<mailto:dev@royale.apache.org> >>> Subject: Re: NPM Credentials Problem Blocking Release >>> >>> Hi Yishay, >>> >>> All of my Royale stuff is on another old laptop and I won't have access to >>> it for another 7 days. >>> >>> It could be that Ant is not running in a mode that allows for a prompt. I >>> don't remember if we had OTP when publishing in the past. >>> >>> -Alex >>> >>> On 4/1/22, 10:51 AM, "Yishay Weiss" <yishayj...@hotmail.com> wrote: >>> >>> Thanks, they’re coming through now. >>> >>> Being new to npm publishing I have not been able to modify the ant >>> scripts to make this work. So any help would be appreciated. The script >>> fails on adduser [1]. >>> >>> I’ve tried adding an .npmrc file under royale-asjs with >>> >>> //registry.npmjs.org/:_authToken=<…> >>> >>> But that didn’t help. >>> >>> Any ideas? >>> >>> [1] >>> [exec] Publishing to NPM: @apache-royale/royale-js version: >>> 0.9.9... >>> [exec] info attempt registry request try #1 at 8:37:34 PM >>> [exec] http request PUT >>> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner >>> [exec] info attempt registry request try #1 at 8:37:35 PM >>> [exec] http request PUT >>> https://registry.npmjs.org/@apache-royale%2froyale-js >>> [exec] http 401 >>> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner >>> [exec] WARN notice Please use the one-time password (OTP) from >>> your authenticator application >>> [exec] WARN adduser Incorrect username or password >>> [exec] WARN adduser You can reset your account by visiting: >>> [exec] WARN adduser >>> [exec] WARN adduser >>> https://npmjs.org/forgot >>> [exec] WARN adduser >>> [exec] >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52 >>> [exec] throw new Error(error); >>> [exec] ^ >>> [exec] >>> [exec] Error: Error: failed to authenticate: Could not >>> authenticate apache-royale-owner: bad otp : >>> -/user/org.couchdb.user:apache-royale-owner >>> [exec] at >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:52:14 >>> [exec] at >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14 >>> [exec] at >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16 >>> [exec] at f >>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25) >>> [exec] at >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10 >>> [exec] at >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12 >>> [exec] at f >>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25) >>> [exec] at RegClient.<anonymous> >>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12) >>> [exec] at Request._callback >>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14) >>> [exec] at Request.self.callback >>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22) >>> [exec] at Request.emit (events.js:315:20) >>> [exec] at Request.<anonymous> >>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10) >>> [exec] at Request.emit (events.js:315:20) >>> [exec] at IncomingMessage.<anonymous> >>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12) >>> [exec] at Object.onceWrapper (events.js:421:28) >>> [exec] at IncomingMessage.emit (events.js:327:22) >>> >>> BUILD FAILED >>> C:\dev\release_royale\releasecandidate.xml:1363: exec returned: 1 >>> >>> From: Alex Harui<mailto:aha...@adobe.com.INVALID> >>> Sent: Friday, April 1, 2022 12:25 AM >>> To: dev@royale.apache.org<mailto:dev@royale.apache.org> >>> Subject: Re: NPM Credentials Problem Blocking Release >>> >>> Infra says the actual sender is not supp...@npmjs.com. They have >>> implemented a custom solution. Yishay, can you try again? >>> >>> Thanks, >>> -Alex >>> >>> On 3/31/22, 1:39 PM, "Alex Harui" <aha...@adobe.com.INVALID> wrote: >>> >>> Yeah, not sure why that didn't work. I'll email infra. >>> >>> On 3/31/22, 12:53 PM, "Harbs" <harbs.li...@gmail.com> wrote: >>> >>> I don’t know why it didn’t work. >>> >>> We should probably ask Infra. >>> >>>> On Mar 31, 2022, at 10:23 PM, Yishay Weiss < >>> yishayj...@hotmail.com> wrote: >>>> >>>> I thought Alex fixed it so it doesn’t need you to approve… >>> It’s expired and you should see a couple of more such messages. >>>> >>>> From: Harbs<mailto:harbs.li...@gmail.com> >>>> Sent: Thursday, March 31, 2022 10:06 PM >>>> To: Apache Royale Development<mailto:dev@royale.apache.org> >>>> Subject: Re: NPM Credentials Problem Blocking Release >>>> >>>> I approved and should have added it again to the allow list. >>>> >>>> It came through. If it expired already, try again. Hopefully >>> it’ll work... >>>> >>>>> On Mar 31, 2022, at 10:01 PM, Yishay Weiss < >>> yishayj...@hotmail.com> wrote: >>>>> >>>>> I just tried logging in, got the OTP sent message, but am >>> not seeing it in private. >>>>> >>>>> From: Alex Harui<mailto:aha...@adobe.com.INVALID> >>>>> Sent: Thursday, March 31, 2022 7:44 PM >>>>> To: dev@royale.apache.org<mailto:dev@royale.apache.org> >>>>> Subject: Re: NPM Credentials Problem Blocking Release >>>>> >>>>> OK, supp...@npmjs.com is now on the allow list. Yishay, >>> if you try to publish again, in theory the NPM messages will go straight to >>> private@. Let us know if that isn't happening. I'll try to look for >>> moderator messages but they often go to junk and I can't control settings >>> for my corporate email. >>>>> >>>>> FWIW, Here's a link to some doc on the EZMLM robot that >>> runs ASF mailing lists. >>> https://untroubled.org/ezmlm/manual/ >>>>> >>>>> The command I sent was executed by sending an email to >>> private-allow-subscribe-support=npmjs....@royale.apache.org >>>>> Any list moderator can send to these sort of email >>> addresses and the robot will parse the address and execute a command. We >>> can subscribe and unsubscribe people, allow them to send and not receive, >>> get a list of all subscribers and more. >>>>> >>>>> HTH, >>>>> -Alex >>>>> >>>>> On 3/31/22, 8:44 AM, "Josh Tynjala" < >>> joshtynj...@bowlerhat.dev> wrote: >>>>> >>>>> Do it. >>>>> >>>>> -- >>>>> Josh Tynjala >>>>> Bowler Hat LLC < >>> https://bowlerhat.dev/ >>>> >>>>> >>>>> >>>>> On Wed, Mar 30, 2022 at 11:24 PM Alex Harui >>> <aha...@adobe.com.invalid> >>>>> wrote: >>>>> >>>>>> Each mailing list has an "allow" subscriber list that is >>> different from >>>>>> the regular subscriber list. "allow" can send but can't >>> receive. The >>>>>> syntax can be extracted from the moderator emails. If we >>> get consensus to >>>>>> try it, I'll send the command. >>>>>> >>>>>> On 3/30/22, 11:17 PM, "Piotr Zarzycki" < >>> piotrzarzyck...@gmail.com> wrote: >>>>>> >>>>>> I don’t know how to whitelist that email but I will try >>> to figure it >>>>>> out >>>>>> soon. >>>>>> >>>>>> On Thu, 31 Mar 2022 at 06:06, Alex Harui >>> <aha...@adobe.com.invalid> >>>>>> wrote: >>>>>> >>>>>>> Yishay, maybe you can also be a moderator? It might also >>> be >>>>>> possible to >>>>>>> allow emails from npm without moderation. I don't >>> remember if we >>>>>> tried >>>>>>> that. It works on the other lists. There might be a >>> restriction on >>>>>>> private@. >>>>>>> >>>>>>> -Alex >>>>>>> >>>>>>> On 3/30/22, 7:55 PM, "Yishay Weiss" < >>> yishayj...@hotmail.com> wrote: >>>>>>> >>>>>>> Piotr, being the moderator, is receiving them but it’s >>> hard for >>>>>> me to >>>>>>> do anything from my side because I can’t login without a >>> OTP. >>>>>>> >>>>>>> I’m guessing we need to either create an automation >>> token, or >>>>>> change >>>>>>> the module settings to not require 2FA [1]. >>>>>>> >>>>>>> [1] Securely Automating npm publish with the New npm >>> Automation >>>>>> Tokens >>>>>>> - DEV Community< >>>>>>> >>>>>> >>> https://dev.to/bnb/securely-automating-npm-publish-with-the-new-npm-automation-tokens-oei >>>>>>>> >>>>>>> >>>>>>> From: Alex Harui<mailto:aha...@adobe.com.INVALID> >>>>>>> Sent: Tuesday, March 29, 2022 7:05 PM >>>>>>> To: dev@royale.apache.org<mailto:dev@royale.apache.org> >>>>>>> Cc: OmPrakash Muppirala<mailto:bigosma...@gmail.com> >>>>>>> Subject: Re: NPM Credentials Problem Blocking Release >>>>>>> >>>>>>> I get some emails from NPM to apache-royale-owner. I >>> can >>>>>> forward them >>>>>>> to private@royale.a.o if they aren't also going there. >>>>>>> >>>>>>> One has the subject: [npm] OTP for logging in to your >>> account: >>>>>>> apache-royale-owner >>>>>>> The other: Your npm password reset >>>>>>> >>>>>>> -Alex >>>>>>> >>>>>>> On 3/29/22, 3:37 AM, "Yishay Weiss" < >>> yishayj...@hotmail.com> >>>>>> wrote: >>>>>>> >>>>>>> Ok, looks like we’ve figured it out for now with a >>> temp >>>>>> password. >>>>>>> 2FA does not seem to be a requirement. We will update the >>> private >>>>>> list with >>>>>>> the new credentials when that’s ready. >>>>>>> >>>>>>> From: Piotr Zarzycki<mailto: >>> piotrzarzyck...@gmail.com> >>>>>>> Sent: Tuesday, March 29, 2022 11:18 AM >>>>>>> To: Apache Royale Development<mailto: >>> dev@royale.apache.org> >>>>>>> Cc: OmPrakash Muppirala<mailto:bigosma...@gmail.com >>>> >>>>>>> Subject: Re: NPM Credentials Problem Blocking >>> Release >>>>>>> >>>>>>> Yes it goes to private as I see... >>>>>>> >>>>>>> wt., 29 mar 2022 o 09:47 Yishay Weiss < >>>>>> yishayj...@hotmail.com> >>>>>>> napisał(a): >>>>>>> >>>>>>>> I’m not sure which email the new password gets sent to. >>>>>> Does it >>>>>>> go to >>>>>>>> priv...@royale.release.org<mailto: >>>>>> priv...@royale.release.org> ? >>>>>>>> >>>>>>>> Also, I see some npm requests to do 2FA which we have >>>>>> ignored. >>>>>>> It’s >>>>>>>> probably best to avoid that if possible to keep the >>> release >>>>>>> scriptable. >>>>>>>> >>>>>>>> @OmPrakash Muppirala<mailto:bigosma...@gmail.com>, are >>>>>> you the >>>>>>> one who >>>>>>>> set this up? Can you help out? >>>>>>>> >>>>>>>> Thanks. >>>>>>>> >>>>>>>> [exec] http request PUT >>>>>>>> >>>>>>> >>>>>> >>> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner >>>>>>>> [exec] info attempt registry request try #1 at >>>>>> 10:39:44 AM >>>>>>>> [exec] http request PUT >>>>>>>> >>>>>>> >>>>>> >>> https://registry.npmjs.org/@apache-royale%2froyale-js >>>>>>>> [exec] http 401 >>>>>>>> >>>>>>> >>>>>> >>> https://registry.npmjs.org/-/user/org.couchdb.user:apache-royale-owner >>>>>>>> [exec] WARN notice Please check your email for a >>>>>> one-time >>>>>>> password >>>>>>>> (OTP) >>>>>>>> [exec] WARN adduser Incorrect username or password >>>>>>>> [exec] WARN adduser You can reset your account by >>>>>> visiting: >>>>>>>> [exec] WARN adduser >>>>>>>> [exec] WARN adduser >>>>>>> >>>>>> >>> https://npmjs.org/forgot >>>>>>>> [exec] WARN adduser >>>>>>>> [exec] >>>>>>>> >>>>>>> >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51 >>>>>>>> [exec] throw new Error(error); >>>>>>>> [exec] ^ >>>>>>>> [exec] >>>>>>>> [exec] Error: Error: failed to authenticate: A One >>>>>> Time >>>>>>> Password >>>>>>>> (OTP) by email is required. : >>>>>>> -/user/org.couchdb.user:apache-royale-owner >>>>>>>> [exec] at >>>>>>>> >>>>>>> >>>>>> >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\publish.js:51:14 >>>>>>>> [exec] at >>>>>>>> >>>>>>> >>>>>> >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:125:14 >>>>>>>> [exec] at >>>>>>>> >>>>>>> >>>>>> >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\adduser.js:73:16 >>>>>>>> [exec] at f >>>>>>>> >>>>>>> >>>>>> >>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25) >>>>>>>> [exec] at >>>>>>>> >>>>>>> >>>>>> >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:91:10 >>>>>>>> [exec] at >>>>>>>> >>>>>>> >>>>>> >>> C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:105:12 >>>>>>>> [exec] at f >>>>>>>> >>>>>>> >>>>>> >>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\once\once.js:25:25) >>>>>>>> [exec] at RegClient.<anonymous> >>>>>>>> >>>>>>> >>>>>> >>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:324:12) >>>>>>>> [exec] at Request._callback >>>>>>>> >>>>>>> >>>>>> >>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\npm-registry-client\lib\request.js:216:14) >>>>>>>> [exec] at Request.self.callback >>>>>>>> >>>>>>> >>>>>> >>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:185:22) >>>>>>>> [exec] at Request.emit (events.js:315:20) >>>>>>>> [exec] at Request.<anonymous> >>>>>>>> >>>>>>> >>>>>> >>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1154:10) >>>>>>>> [exec] at Request.emit (events.js:315:20) >>>>>>>> [exec] at IncomingMessage.<anonymous> >>>>>>>> >>>>>>> >>>>>> >>> (C:\dev\release_royale\royale-asjs\npm\release-scripts\node_modules\request\request.js:1076:12) >>>>>>>> [exec] at Object.onceWrapper (events.js:421:28) >>>>>>>> [exec] at IncomingMessage.emit (events.js:327:22) >>>>>>>> >>>>>>>> BUILD FAILED >>>>>>>> C:\dev\release_royale\releasecandidate.xml:1116: The >>>>>> following >>>>>>> error >>>>>>>> occurred while executing this line: >>>>>>>> C:\dev\release_royale\releasecandidate.xml:1400: exec >>>>>> returned: 1 >>>>>>>> >>>>>>>> Total time: 7 minutes 26 seconds >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> -- >>>>>>> >>>>>>> Piotr Zarzycki >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>> >>>>>> Piotr Zarzycki >>>>>> >>>>>> >>>>> >>>> >>> >>> >>> >>> >>> >> >> -- >> >> Piotr Zarzycki >
