From c8b6938c2cbb68d3aeb5690544b69e09b21fc280 Mon Sep 17 00:00:00 2001 From: kongenpei Date: Tue, 31 Mar 2026 17:39:06 +0800 Subject: [PATCH 01/16] ci: publish PR preview builds to pkg.pr.new --- .github/workflows/pkg-pr-new.yml | 32 ++++++++++ scripts/build-pkg-pr-new.sh | 102 +++++++++++++++++++++++++++++++ 2 files changed, 134 insertions(+) create mode 100644 .github/workflows/pkg-pr-new.yml create mode 100755 scripts/build-pkg-pr-new.sh diff --git a/.github/workflows/pkg-pr-new.yml b/.github/workflows/pkg-pr-new.yml new file mode 100644 index 00000000..c6c86c6e --- /dev/null +++ b/.github/workflows/pkg-pr-new.yml @@ -0,0 +1,32 @@ +name: PR Preview Package + +on: + pull_request: + types: [opened, synchronize, reopened, ready_for_review] + branches: [main] + +permissions: + contents: read + pull-requests: write + +jobs: + publish: + if: github.event.pull_request.draft == false + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + + - uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5 + with: + go-version-file: go.mod + + - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4 + with: + node-version: 20 + + - name: Build preview package + run: ./scripts/build-pkg-pr-new.sh + + - name: Publish to pkg.pr.new + run: npx pkg-pr-new publish --bin ./.pkg-pr-new diff --git a/scripts/build-pkg-pr-new.sh b/scripts/build-pkg-pr-new.sh new file mode 100755 index 00000000..19b8f3d8 --- /dev/null +++ b/scripts/build-pkg-pr-new.sh @@ -0,0 +1,102 @@ +#!/usr/bin/env bash +set -euo pipefail + +ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)" +OUT_DIR="$ROOT_DIR/.pkg-pr-new" + +cd "$ROOT_DIR" + +python3 scripts/fetch_meta.py + +rm -rf "$OUT_DIR" +mkdir -p "$OUT_DIR/bin" "$OUT_DIR/scripts" + +VERSION="$(node -p "require('./package.json').version")" +DATE="$(date -u +%Y-%m-%dT%H:%M:%SZ)" +SHA="$(git rev-parse --short HEAD)" +LDFLAGS="-s -w -X github.com/larksuite/cli/internal/build.Version=${VERSION}-${SHA} -X github.com/larksuite/cli/internal/build.Date=${DATE}" + +build_target() { + local goos="$1" + local goarch="$2" + local ext="" + if [[ "$goos" == "windows" ]]; then + ext=".exe" + fi + + local output="$OUT_DIR/bin/lark-cli-${goos}-${goarch}${ext}" + echo "Building ${goos}/${goarch} -> ${output}" + CGO_ENABLED=0 GOOS="$goos" GOARCH="$goarch" go build -trimpath -ldflags "$LDFLAGS" -o "$output" ./main.go +} + +build_target darwin amd64 +build_target darwin arm64 +build_target linux amd64 +build_target linux arm64 +build_target windows amd64 +build_target windows arm64 + +cat > "$OUT_DIR/scripts/run.js" <<'RUNJS' +#!/usr/bin/env node +const path = require("path"); +const { execFileSync } = require("child_process"); + +const isWindows = process.platform === "win32"; + +const platformMap = { + darwin: "darwin", + linux: "linux", + win32: "windows", +}; + +const archMap = { + x64: "amd64", + arm64: "arm64", +}; + +const platform = platformMap[process.platform]; +const arch = archMap[process.arch]; + +if (!platform || !arch) { + console.error(`Unsupported platform: ${process.platform}-${process.arch}`); + process.exit(1); +} + +const ext = isWindows ? ".exe" : ""; +const binary = path.join(__dirname, "..", "bin", `lark-cli-${platform}-${arch}${ext}`); + +try { + execFileSync(binary, process.argv.slice(2), { stdio: "inherit" }); +} catch (err) { + process.exit(err.status || 1); +} +RUNJS + +chmod +x "$OUT_DIR/scripts/run.js" + +cat > "$OUT_DIR/package.json" < Date: Tue, 31 Mar 2026 18:00:31 +0800 Subject: [PATCH 02/16] chore: limit pkg-pr-new build targets to 3 platforms --- scripts/build-pkg-pr-new.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/scripts/build-pkg-pr-new.sh b/scripts/build-pkg-pr-new.sh index 19b8f3d8..ce501c1a 100755 --- a/scripts/build-pkg-pr-new.sh +++ b/scripts/build-pkg-pr-new.sh @@ -29,12 +29,13 @@ build_target() { CGO_ENABLED=0 GOOS="$goos" GOARCH="$goarch" go build -trimpath -ldflags "$LDFLAGS" -o "$output" ./main.go } -build_target darwin amd64 build_target darwin arm64 build_target linux amd64 -build_target linux arm64 +# build_target darwin amd64 +# build_target linux arm64 build_target windows amd64 -build_target windows arm64 +# build_target windows arm64 +# TODO: Re-enable commented platforms after pr.pkg.new whitelist is approved. cat > "$OUT_DIR/scripts/run.js" <<'RUNJS' #!/usr/bin/env node From e32883b3121ccd6f93f53f1f9be06fca8b1d5bdf Mon Sep 17 00:00:00 2001 From: kongenpei Date: Tue, 31 Mar 2026 17:41:46 +0800 Subject: [PATCH 03/16] feat: add build-date log in version output --- cmd/root.go | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/cmd/root.go b/cmd/root.go index f02ddfcc..41941f4d 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -90,6 +90,7 @@ func Execute() int { Long: rootLong, Version: build.Version, } + rootCmd.SetVersionTemplate("lark-cli version {{.Version}}\nBuild date: " + buildDateForVersionOutput() + "\n") installTipsHelpFunc(rootCmd) rootCmd.SilenceErrors = true rootCmd.PersistentPreRun = func(cmd *cobra.Command, args []string) { @@ -282,6 +283,13 @@ func enrichPermissionError(f *cmdutil.Factory, exitErr *output.ExitError) { } } +func buildDateForVersionOutput() string { + if build.Date == "" { + return "unknown" + } + return build.Date +} + // extractRequiredScopes extracts scope names from the API error's permission_violations field. func extractRequiredScopes(detail interface{}) []string { m, ok := detail.(map[string]interface{}) From 2bd473b44d62a764a8476c88a81b7030709906dd Mon Sep 17 00:00:00 2001 From: kongenpei Date: Tue, 31 Mar 2026 18:04:20 +0800 Subject: [PATCH 04/16] ci: use node lts in pkg-pr-new workflow --- .github/workflows/pkg-pr-new.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pkg-pr-new.yml b/.github/workflows/pkg-pr-new.yml index c6c86c6e..0b82457f 100644 --- a/.github/workflows/pkg-pr-new.yml +++ b/.github/workflows/pkg-pr-new.yml @@ -23,7 +23,7 @@ jobs: - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4 with: - node-version: 20 + node-version: lts/* - name: Build preview package run: ./scripts/build-pkg-pr-new.sh From 420210819e750d04aede86291c8201cd4f072722 Mon Sep 17 00:00:00 2001 From: kongenpei Date: Tue, 31 Mar 2026 18:07:24 +0800 Subject: [PATCH 05/16] chore: trim pkg-pr-new to single target to fit size limit --- scripts/build-pkg-pr-new.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/build-pkg-pr-new.sh b/scripts/build-pkg-pr-new.sh index ce501c1a..54c01a96 100755 --- a/scripts/build-pkg-pr-new.sh +++ b/scripts/build-pkg-pr-new.sh @@ -30,12 +30,12 @@ build_target() { } build_target darwin arm64 -build_target linux amd64 +# build_target linux amd64 # build_target darwin amd64 # build_target linux arm64 -build_target windows amd64 +# build_target windows amd64 # build_target windows arm64 -# TODO: Re-enable commented platforms after pr.pkg.new whitelist is approved. +# TODO: Re-enable multi-platform targets after pr.pkg.new whitelist is approved. cat > "$OUT_DIR/scripts/run.js" <<'RUNJS' #!/usr/bin/env node From c214bf6740e69159bab3b54aa125cb2f0e30677f Mon Sep 17 00:00:00 2001 From: kongenpei Date: Tue, 31 Mar 2026 18:13:51 +0800 Subject: [PATCH 06/16] ci: publish pkg-pr-new package path without --bin --- .github/workflows/pkg-pr-new.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pkg-pr-new.yml b/.github/workflows/pkg-pr-new.yml index c6c86c6e..af6970f7 100644 --- a/.github/workflows/pkg-pr-new.yml +++ b/.github/workflows/pkg-pr-new.yml @@ -23,10 +23,10 @@ jobs: - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4 with: - node-version: 20 + node-version: lts/* - name: Build preview package run: ./scripts/build-pkg-pr-new.sh - name: Publish to pkg.pr.new - run: npx pkg-pr-new publish --bin ./.pkg-pr-new + run: npx pkg-pr-new publish ./.pkg-pr-new From 3dcec688e2dbf810c181d4da7a621040cf26bb4e Mon Sep 17 00:00:00 2001 From: kongenpei Date: Tue, 31 Mar 2026 18:18:09 +0800 Subject: [PATCH 07/16] ci: disable compact pkg-pr-new urls for fork previews --- .github/workflows/pkg-pr-new.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pkg-pr-new.yml b/.github/workflows/pkg-pr-new.yml index af6970f7..4b9d5163 100644 --- a/.github/workflows/pkg-pr-new.yml +++ b/.github/workflows/pkg-pr-new.yml @@ -29,4 +29,4 @@ jobs: run: ./scripts/build-pkg-pr-new.sh - name: Publish to pkg.pr.new - run: npx pkg-pr-new publish ./.pkg-pr-new + run: npx pkg-pr-new publish --no-compact ./.pkg-pr-new From ee1b4df34d9c79803dad98241884e762c08e91b6 Mon Sep 17 00:00:00 2001 From: kongenpei Date: Tue, 31 Mar 2026 18:23:46 +0800 Subject: [PATCH 08/16] Revert "feat: add build-date log in version output" This reverts commit e32883b3121ccd6f93f53f1f9be06fca8b1d5bdf. --- cmd/root.go | 8 -------- 1 file changed, 8 deletions(-) diff --git a/cmd/root.go b/cmd/root.go index 41941f4d..f02ddfcc 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -90,7 +90,6 @@ func Execute() int { Long: rootLong, Version: build.Version, } - rootCmd.SetVersionTemplate("lark-cli version {{.Version}}\nBuild date: " + buildDateForVersionOutput() + "\n") installTipsHelpFunc(rootCmd) rootCmd.SilenceErrors = true rootCmd.PersistentPreRun = func(cmd *cobra.Command, args []string) { @@ -283,13 +282,6 @@ func enrichPermissionError(f *cmdutil.Factory, exitErr *output.ExitError) { } } -func buildDateForVersionOutput() string { - if build.Date == "" { - return "unknown" - } - return build.Date -} - // extractRequiredScopes extracts scope names from the API error's permission_violations field. func extractRequiredScopes(detail interface{}) []string { m, ok := detail.(map[string]interface{}) From 0076b7e381aac1912885442175976b64341f6ae6 Mon Sep 17 00:00:00 2001 From: kongenpei Date: Tue, 31 Mar 2026 19:27:49 +0800 Subject: [PATCH 09/16] ci: post minimal npm -g pkg-pr-new install comment --- .github/workflows/pkg-pr-new.yml | 45 +++++++++++++++++++++++++++++++- 1 file changed, 44 insertions(+), 1 deletion(-) diff --git a/.github/workflows/pkg-pr-new.yml b/.github/workflows/pkg-pr-new.yml index 4b9d5163..d7c1e809 100644 --- a/.github/workflows/pkg-pr-new.yml +++ b/.github/workflows/pkg-pr-new.yml @@ -29,4 +29,47 @@ jobs: run: ./scripts/build-pkg-pr-new.sh - name: Publish to pkg.pr.new - run: npx pkg-pr-new publish --no-compact ./.pkg-pr-new + run: npx pkg-pr-new publish --no-compact --json output.json --comment=off ./.pkg-pr-new + + - name: Comment install command + uses: actions/github-script@v7 + with: + script: | + const fs = require("fs"); + const output = JSON.parse(fs.readFileSync("output.json", "utf8")); + const url = output?.packages?.[0]?.url; + if (!url) { + throw new Error("No package URL found in output.json"); + } + + const body = `npm i -g ${url}`; + const issueNumber = context.issue.number; + + const comments = await github.rest.issues.listComments({ + owner: context.repo.owner, + repo: context.repo.repo, + issue_number: issueNumber, + per_page: 100, + }); + + const existing = comments.data.find((comment) => + comment.user?.login === "github-actions[bot]" && + typeof comment.body === "string" && + comment.body.startsWith("npm i -g https://pkg.pr.new/") + ); + + if (existing) { + await github.rest.issues.updateComment({ + owner: context.repo.owner, + repo: context.repo.repo, + comment_id: existing.id, + body, + }); + } else { + await github.rest.issues.createComment({ + owner: context.repo.owner, + repo: context.repo.repo, + issue_number: issueNumber, + body, + }); + } From 3c1e3763990a820c299dac1ae17fa76800308d92 Mon Sep 17 00:00:00 2001 From: kongenpei Date: Tue, 31 Mar 2026 19:28:57 +0800 Subject: [PATCH 10/16] chore: enable windows amd64 build for pkg-pr-new --- scripts/build-pkg-pr-new.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/build-pkg-pr-new.sh b/scripts/build-pkg-pr-new.sh index 54c01a96..63177385 100755 --- a/scripts/build-pkg-pr-new.sh +++ b/scripts/build-pkg-pr-new.sh @@ -33,7 +33,7 @@ build_target darwin arm64 # build_target linux amd64 # build_target darwin amd64 # build_target linux arm64 -# build_target windows amd64 +build_target windows amd64 # build_target windows arm64 # TODO: Re-enable multi-platform targets after pr.pkg.new whitelist is approved. From b86b7b9ea9895f16be1805a193b9e1f4b4830653 Mon Sep 17 00:00:00 2001 From: kongenpei Date: Tue, 31 Mar 2026 19:33:02 +0800 Subject: [PATCH 11/16] ci: format pkg-pr-new install comment as markdown code block --- .github/workflows/pkg-pr-new.yml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pkg-pr-new.yml b/.github/workflows/pkg-pr-new.yml index d7c1e809..c4abb6ca 100644 --- a/.github/workflows/pkg-pr-new.yml +++ b/.github/workflows/pkg-pr-new.yml @@ -42,7 +42,13 @@ jobs: throw new Error("No package URL found in output.json"); } - const body = `npm i -g ${url}`; + const body = [ + "Install preview globally:", + "", + "```bash", + `npm i -g ${url}`, + "```", + ].join("\n"); const issueNumber = context.issue.number; const comments = await github.rest.issues.listComments({ @@ -55,7 +61,7 @@ jobs: const existing = comments.data.find((comment) => comment.user?.login === "github-actions[bot]" && typeof comment.body === "string" && - comment.body.startsWith("npm i -g https://pkg.pr.new/") + comment.body.startsWith("Install preview globally:") ); if (existing) { From 998ac7e3b2dc616e337b0a9b4303d511f7aaabbd Mon Sep 17 00:00:00 2001 From: kongenpei Date: Tue, 31 Mar 2026 19:34:27 +0800 Subject: [PATCH 12/16] ci: tweak pkg-pr-new comment wording --- .github/workflows/pkg-pr-new.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pkg-pr-new.yml b/.github/workflows/pkg-pr-new.yml index c4abb6ca..2610c45d 100644 --- a/.github/workflows/pkg-pr-new.yml +++ b/.github/workflows/pkg-pr-new.yml @@ -43,7 +43,7 @@ jobs: } const body = [ - "Install preview globally:", + "Install this PR change globally:", "", "```bash", `npm i -g ${url}`, @@ -61,7 +61,7 @@ jobs: const existing = comments.data.find((comment) => comment.user?.login === "github-actions[bot]" && typeof comment.body === "string" && - comment.body.startsWith("Install preview globally:") + comment.body.startsWith("Install this PR change globally:") ); if (existing) { From fb58c5371f254eda908a4f8d60c7ea78a5f421a5 Mon Sep 17 00:00:00 2001 From: kongenpei Date: Tue, 31 Mar 2026 21:04:48 +0800 Subject: [PATCH 13/16] chore: enable pkg PR build targets --- scripts/build-pkg-pr-new.sh | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/scripts/build-pkg-pr-new.sh b/scripts/build-pkg-pr-new.sh index 63177385..43e539d3 100755 --- a/scripts/build-pkg-pr-new.sh +++ b/scripts/build-pkg-pr-new.sh @@ -30,12 +30,11 @@ build_target() { } build_target darwin arm64 -# build_target linux amd64 -# build_target darwin amd64 -# build_target linux arm64 +build_target linux amd64 +build_target darwin amd64 +build_target linux arm64 build_target windows amd64 -# build_target windows arm64 -# TODO: Re-enable multi-platform targets after pr.pkg.new whitelist is approved. +build_target windows arm64 cat > "$OUT_DIR/scripts/run.js" <<'RUNJS' #!/usr/bin/env node From 20b81f16faa714b435f675f757e63863d9da38d5 Mon Sep 17 00:00:00 2001 From: kongenpei Date: Wed, 1 Apr 2026 12:08:48 +0800 Subject: [PATCH 14/16] ci: split pkg.pr.new PR comment into trusted workflow_run --- .github/workflows/pkg-pr-new-comment.yml | 148 +++++++++++++++++++++++ .github/workflows/pkg-pr-new.yml | 80 ++++++------ 2 files changed, 183 insertions(+), 45 deletions(-) create mode 100644 .github/workflows/pkg-pr-new-comment.yml diff --git a/.github/workflows/pkg-pr-new-comment.yml b/.github/workflows/pkg-pr-new-comment.yml new file mode 100644 index 00000000..79a25541 --- /dev/null +++ b/.github/workflows/pkg-pr-new-comment.yml @@ -0,0 +1,148 @@ +name: PR Preview Package Comment + +on: + workflow_run: + workflows: ["PR Preview Package"] + types: [completed] + +permissions: + actions: read + contents: read + issues: write + +jobs: + comment: + if: github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'pull_request' + runs-on: ubuntu-latest + + steps: + - name: Check comment payload artifact + id: payload + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 + with: + script: | + const runId = context.payload.workflow_run?.id; + const { data } = await github.rest.actions.listWorkflowRunArtifacts({ + owner: context.repo.owner, + repo: context.repo.repo, + run_id: runId, + per_page: 100, + }); + const found = Boolean( + data.artifacts?.some((artifact) => artifact.name === "pkg-pr-new-comment-payload") + ); + core.setOutput("found", found ? "true" : "false"); + if (!found) { + core.notice("No comment payload artifact found for this run; skipping comment."); + } + + - name: Download comment payload + if: steps.payload.outputs.found == 'true' + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 + with: + name: pkg-pr-new-comment-payload + repository: ${{ github.repository }} + run-id: ${{ github.event.workflow_run.id }} + github-token: ${{ github.token }} + + - name: Comment install command + if: steps.payload.outputs.found == 'true' + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 + with: + script: | + const fs = require("fs"); + const payload = JSON.parse(fs.readFileSync("pkg-pr-new-comment-payload.json", "utf8")); + const url = payload?.url; + const payloadPr = payload?.pr; + const sourceRepo = payload?.sourceRepo; + const sourceBranch = payload?.sourceBranch; + if (!Number.isInteger(payloadPr)) { + throw new Error(`Invalid PR number in artifact payload: ${payloadPr}`); + } + if (payloadPr <= 0) { + throw new Error(`Invalid PR number in artifact payload: ${payloadPr}`); + } + const issueNumber = payloadPr; + const runPrNumber = context.payload.workflow_run?.pull_requests?.[0]?.number; + if (Number.isInteger(runPrNumber) && runPrNumber !== issueNumber) { + throw new Error( + `PR number mismatch between workflow_run (${runPrNumber}) and artifact payload (${issueNumber})`, + ); + } + + if (typeof url !== "string" || url.trim() !== url || /[\u0000-\u001F\u007F]/.test(url)) { + throw new Error(`Invalid package URL in payload: ${url}`); + } + let parsedUrl; + try { + parsedUrl = new URL(url); + } catch { + throw new Error(`Invalid package URL in payload: ${url}`); + } + if (parsedUrl.protocol !== "https:" || parsedUrl.hostname !== "pkg.pr.new") { + throw new Error(`Invalid package URL in payload: ${url}`); + } + + const safeRepoPattern = /^[A-Za-z0-9_.-]+\/[A-Za-z0-9_.-]+$/; + const safeBranchPattern = /^[A-Za-z0-9._\/-]+$/; + const hasSkillSource = + typeof sourceRepo === "string" && + typeof sourceBranch === "string" && + safeRepoPattern.test(sourceRepo) && + safeBranchPattern.test(sourceBranch); + const skillSection = hasSkillSource + ? [ + "", + "### 🧩 Skill update", + "", + "```bash", + `npx skills add ${sourceRepo}#${sourceBranch} -y -g`, + "```", + ] + : [ + "", + "### 🧩 Skill update", + "", + "_Unavailable for this PR because source repo/branch metadata is missing._", + ]; + + const body = [ + "", + "## 🚀 PR Preview Install Guide", + "", + "### 🧰 CLI update", + "", + "```bash", + `npm i -g ${url}`, + "```", + ...skillSection, + ].join("\n"); + + const comments = await github.paginate(github.rest.issues.listComments, { + owner: context.repo.owner, + repo: context.repo.repo, + issue_number: issueNumber, + per_page: 100, + }); + + const existing = comments.find((comment) => + comment.user?.login === "github-actions[bot]" && + typeof comment.body === "string" && + comment.body.includes("") + ); + + if (existing) { + await github.rest.issues.updateComment({ + owner: context.repo.owner, + repo: context.repo.repo, + comment_id: existing.id, + body, + }); + } else { + await github.rest.issues.createComment({ + owner: context.repo.owner, + repo: context.repo.repo, + issue_number: issueNumber, + body, + }); + } diff --git a/.github/workflows/pkg-pr-new.yml b/.github/workflows/pkg-pr-new.yml index 2610c45d..a6582fa5 100644 --- a/.github/workflows/pkg-pr-new.yml +++ b/.github/workflows/pkg-pr-new.yml @@ -7,7 +7,6 @@ on: permissions: contents: read - pull-requests: write jobs: publish: @@ -31,51 +30,42 @@ jobs: - name: Publish to pkg.pr.new run: npx pkg-pr-new publish --no-compact --json output.json --comment=off ./.pkg-pr-new - - name: Comment install command - uses: actions/github-script@v7 - with: - script: | - const fs = require("fs"); - const output = JSON.parse(fs.readFileSync("output.json", "utf8")); - const url = output?.packages?.[0]?.url; - if (!url) { - throw new Error("No package URL found in output.json"); - } + - name: Build comment payload + env: + PR_NUMBER: ${{ github.event.pull_request.number }} + SOURCE_REPO: ${{ github.event.pull_request.head.repo.full_name }} + SOURCE_BRANCH: ${{ github.event.pull_request.head.ref }} + run: | + node <<'NODE' + const fs = require("fs"); + + const output = JSON.parse(fs.readFileSync("output.json", "utf8")); + const url = output?.packages?.[0]?.url; + if (!url) throw new Error("No package URL found in output.json"); + if (!url.startsWith("https://pkg.pr.new/")) { + throw new Error(`Unexpected package URL: ${url}`); + } - const body = [ - "Install this PR change globally:", - "", - "```bash", - `npm i -g ${url}`, - "```", - ].join("\n"); - const issueNumber = context.issue.number; + const pr = Number(process.env.PR_NUMBER); + if (!Number.isInteger(pr) || pr <= 0) { + throw new Error(`Invalid PR_NUMBER: ${process.env.PR_NUMBER}`); + } - const comments = await github.rest.issues.listComments({ - owner: context.repo.owner, - repo: context.repo.repo, - issue_number: issueNumber, - per_page: 100, - }); + const payload = { + pr, + url, + sourceRepo: process.env.SOURCE_REPO || "", + sourceBranch: process.env.SOURCE_BRANCH || "", + }; - const existing = comments.data.find((comment) => - comment.user?.login === "github-actions[bot]" && - typeof comment.body === "string" && - comment.body.startsWith("Install this PR change globally:") - ); + fs.writeFileSync( + "pkg-pr-new-comment-payload.json", + JSON.stringify(payload), + ); + NODE - if (existing) { - await github.rest.issues.updateComment({ - owner: context.repo.owner, - repo: context.repo.repo, - comment_id: existing.id, - body, - }); - } else { - await github.rest.issues.createComment({ - owner: context.repo.owner, - repo: context.repo.repo, - issue_number: issueNumber, - body, - }); - } + - name: Upload comment payload + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 + with: + name: pkg-pr-new-comment-payload + path: pkg-pr-new-comment-payload.json From 5d004816e969c50c490b977b5780bb2629a3dc00 Mon Sep 17 00:00:00 2001 From: kongenpei Date: Wed, 1 Apr 2026 13:36:45 +0800 Subject: [PATCH 15/16] ci: keep only one mac target in pkg-pr-new build --- scripts/build-pkg-pr-new.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/scripts/build-pkg-pr-new.sh b/scripts/build-pkg-pr-new.sh index 43e539d3..6c0f5678 100755 --- a/scripts/build-pkg-pr-new.sh +++ b/scripts/build-pkg-pr-new.sh @@ -31,7 +31,6 @@ build_target() { build_target darwin arm64 build_target linux amd64 -build_target darwin amd64 build_target linux arm64 build_target windows amd64 build_target windows arm64 From 1db0b1a4afdc3e8737dbf0011c748e36c6b91f82 Mon Sep 17 00:00:00 2001 From: kongenpei Date: Wed, 1 Apr 2026 13:43:35 +0800 Subject: [PATCH 16/16] ci: limit pkg-pr-new build to darwin arm64 only --- scripts/build-pkg-pr-new.sh | 4 ---- 1 file changed, 4 deletions(-) diff --git a/scripts/build-pkg-pr-new.sh b/scripts/build-pkg-pr-new.sh index 6c0f5678..caa65231 100755 --- a/scripts/build-pkg-pr-new.sh +++ b/scripts/build-pkg-pr-new.sh @@ -30,10 +30,6 @@ build_target() { } build_target darwin arm64 -build_target linux amd64 -build_target linux arm64 -build_target windows amd64 -build_target windows arm64 cat > "$OUT_DIR/scripts/run.js" <<'RUNJS' #!/usr/bin/env node