refactor: update validation data structure and improve function documentation

- Removed optional `repoId` from `ExtensionPublishValidationData` and adjusted related function to reflect this change. - Added a note in the `validateJsrPackageAsKunkunExtension` function documentation to clarify frontend/backend verification logic. - Updated `ExtPublishMetadata` to rename `repoId` to `repoNodeId` for clarity.
2025-05-24 13:45:03 +00:00 · 2025-03-24 03:03:18 -04:00 · 2025-03-24 03:03:18 -04:00 · 7bb70104bf
commit 7bb70104bf
parent d8cf220b2c
4 changed files with 8 additions and 14 deletions
--- a/packages/package-registry/src/jsr/index.ts
+++ b/packages/package-registry/src/jsr/index.ts
@ -209,6 +209,7 @@ export function jsrPackageExists(scope: string, name: string, version?: string):

 /**
 * Validate a Jsr package as a Kunkun extension
+ * !This function will also run in frontend, so if there is any verification logic that must be run in backend, do not add it here
 * - check if jsr pkg is linked to a github repo
 * - check if jsr pkg is signed with github action
 * - check if user's github username is the same as repo's owner name
@ -373,15 +374,6 @@ export async function validateJsrPackageAsKunkunExtension(payload: {
 	}
 	const rekorInfo = await getInfoFromRekorLog(rekorLogId)

-	/* -------------------------------------------------------------------------- */
-	/*                             Get GitHub Node ID                             */
-	/* -------------------------------------------------------------------------- */
-	const githubRepoMetadata = await getGitHubRepoMetadata(
-		githubRepo.owner,
-		githubRepo.name,
-		payload.githubToken
-	)
-
 	return {
 		data: {
 			pkgJson: parseResult.output,
@ -397,8 +389,7 @@ export async function validateJsrPackageAsKunkunExtension(payload: {
 				commit: rekorInfo.commit,
 				repo: githubRepo.name,
 				owner: githubRepo.owner,
-				workflowPath: rekorInfo.workflowPath,
-				repoId: githubRepoMetadata.node_id
+				workflowPath: rekorInfo.workflowPath
 			}
 		}
 	}
--- a/packages/package-registry/src/models.ts
+++ b/packages/package-registry/src/models.ts
@ -74,8 +74,7 @@ export const ExtensionPublishValidationData = v.object({
 		commit: v.string(),
 		repo: v.string(),
 		owner: v.string(),
-		workflowPath: v.string(),
-		repoId: v.optional(v.string())
+		workflowPath: v.string()
 	})
 })
 export type ExtensionPublishValidationData = v.InferOutput<typeof ExtensionPublishValidationData>
--- a/packages/package-registry/src/npm/index.ts
+++ b/packages/package-registry/src/npm/index.ts
@ -2,6 +2,7 @@ import { ExtPackageJson, License } from "@kksh/api/models"
 import * as v from "valibot"
 import {
 	authenticatedUserIsMemberOfGitHubOrg,
+	getGitHubRepoMetadata,
 	parseGitHubRepoFromUri,
 	userIsPublicMemberOfGitHubOrg
 } from "../github"
@ -237,6 +238,7 @@ export async function validateNpmPackageAsKunkunExtension(payload: {
 		provenance.summary.sourceRepositoryDigest,
 		parseResult.output.readme ?? "README.md"
 	)
+
 	return {
 		data: {
 			pkgJson: parseResult.output,
--- a/packages/supabase/src/models.ts
+++ b/packages/supabase/src/models.ts
@ -21,7 +21,9 @@ export const ExtPublishMetadata = v.object({
 			owner: v.string("GitHub owner of the extension"),
 			commit: v.string("Commit hash of the extension"),
 			workflowPath: v.string("Workflow path of the extension"),
-			repoId: v.optional(v.string("GitHub repo node ID of the extension"))
+			repoNodeId: v.optional(
+				v.string("GitHub repo node ID of the extension (a string, not the number id)")
+			)
 		})
 	)
 })