Update release workflow and verify assets script for v0.0.5

SFARPak · SFARPak · commit 5587b1305bb4 · 2025-10-12T23:47:16.000+05:00
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -98,7 +98,51 @@ jobs:
     name: Verify Release Assets
     needs: build
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: read
+      actions: read
     steps:
+      - name: Check token permissions
+        run: |
+          echo "🔐 Checking GITHUB_TOKEN permissions..."
+          echo "📡 Making API call to: https://api.github.com/user"
+
+          # Capture full response for detailed logging
+          RESPONSE=$(curl -s -w "\nHTTP_STATUS:%{http_code}\n" \
+               -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
+               -H "Accept: application/vnd.github.v3+json" \
+               -H "User-Agent: dyad-release-workflow" \
+               https://api.github.com/user)
+
+          # Extract status code
+          HTTP_STATUS=$(echo "$RESPONSE" | grep "HTTP_STATUS:" | cut -d: -f2)
+          JSON_RESPONSE=$(echo "$RESPONSE" | sed '/HTTP_STATUS:/d')
+
+          echo "📡 API Response Status: $HTTP_STATUS"
+
+          # Log token scopes and permissions from headers (if available)
+          echo "🔑 Token scopes: $(curl -s -I \
+               -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
+               -H "Accept: application/vnd.github.v3+json" \
+               https://api.github.com/user | grep -i "x-oauth-scopes:" | sed 's/.*: //' || echo "Not available")"
+
+          echo "📋 Accepted permissions: $(curl -s -I \
+               -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
+               -H "Accept: application/vnd.github.v3+json" \
+               https://api.github.com/user | grep -i "x-accepted-github-permissions:" | sed 's/.*: //' || echo "Not available")"
+
+          if [ "$HTTP_STATUS" -eq 200 ]; then
+            echo "✅ Token authentication successful"
+            echo "👤 User data:"
+            echo "$JSON_RESPONSE" | jq '.login // "Not available"'
+            echo "📋 Permissions:"
+            echo "$JSON_RESPONSE" | jq '.permissions // empty'
+          else
+            echo "❌ Token authentication failed with status: $HTTP_STATUS"
+            echo "🔍 Response body: $JSON_RESPONSE"
+            exit 1
+          fi
       - name: Github checkout
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       - name: Use Node.js
diff --git a/scripts/verify-release-assets.js b/scripts/verify-release-assets.js
@@ -18,13 +18,36 @@ async function verifyReleaseAssets() {
 
     // GitHub API configuration
     const owner = "SFARPak";
-    const repo = "dyad";
+    const repo = "AliFullStack";
     const token = process.env.GITHUB_TOKEN;
 
     if (!token) {
       throw new Error("GITHUB_TOKEN environment variable is required");
     }
 
+    // Log token permissions for debugging
+    console.log(`🔐 Checking token permissions...`);
+    try {
+      const userResponse = await fetch("https://api.github.com/user", {
+        headers: {
+          Authorization: `token ${token}`,
+          Accept: "application/vnd.github.v3+json",
+          "User-Agent": "dyad-release-verifier",
+        },
+      });
+
+      if (userResponse.ok) {
+        const userData = await userResponse.json();
+        console.log(`👤 Authenticated as: ${userData.login}`);
+        console.log(`🔑 Token scopes:`, userResponse.headers.get("x-oauth-scopes") || "Not available");
+        console.log(`📋 Accepted permissions:`, userResponse.headers.get("x-accepted-github-permissions") || "Not available");
+      } else {
+        console.warn(`⚠️  Could not verify token permissions: ${userResponse.status} ${userResponse.statusText}`);
+      }
+    } catch (error) {
+      console.warn(`⚠️  Error checking token permissions: ${error.message}`);
+    }
+
     // Fetch all releases (including drafts) with retry logic
     const tagName = `v${version}`;
     const maxRetries = 5;
@@ -48,6 +71,8 @@ async function verifyReleaseAssets() {
         });
 
         console.log(`📡 API Response Status: ${response.status} ${response.statusText}`);
+        console.log(`🔑 Token scopes:`, response.headers.get("x-oauth-scopes") || "Not available");
+        console.log(`📋 Accepted permissions:`, response.headers.get("x-accepted-github-permissions") || "Not available");
 
         if (!response.ok) {
           console.error(`❌ GitHub API error details:`);
@@ -73,6 +98,17 @@ async function verifyReleaseAssets() {
         console.log(`📦 Total releases found: ${allReleases.length}`);
         console.log(`🔍 Available release tags:`, allReleases.map(r => r.tag_name).slice(0, 10));
 
+        // Check if release exists at all
+        const releaseExists = allReleases.some(r => r.tag_name === tagName);
+        if (!releaseExists) {
+          console.error(`❌ Release ${tagName} does not exist in the repository!`);
+          console.error(`📋 All available releases:`);
+          allReleases.forEach(r => {
+            console.error(`   - ${r.tag_name} (${r.draft ? 'DRAFT' : 'PUBLISHED'})`);
+          });
+          throw new Error(`Release ${tagName} not found in repository`);
+        }
+
         release = allReleases.find((r) => r.tag_name === tagName);
 
         if (release) {
