Skip to content

Improve registryAuth logic#3350

Open
PE39806 wants to merge 10 commits intomainfrom
techdebt/improve-registryauth-logic
Open

Improve registryAuth logic#3350
PE39806 wants to merge 10 commits intomainfrom
techdebt/improve-registryauth-logic

Conversation

@PE39806
Copy link
Copy Markdown
Collaborator

@PE39806 PE39806 commented Mar 17, 2026
edited
Loading

  • Fix incorrect "read-only" access logic in isReadOnlyActions
  • Replace generateAccess(scope: any): Access with parseResourceScope(input: string): Access[] to enforce correct Resource Scope Grammar
  • Add NodeCache to reduce reading files from disk
  • Refactor out constants
  • Rename getAccessToken & getRefreshToken to issueAccessToken & issueRefreshToken for clearer intent
  • Harden scope parsing with explicit validation and clearer error handling
  • Improve error handling and logging around JWT signing and auth failures
  • Improve and extend tests

@github-actions github-actions bot added javascript Pull requests that update Javascript code tech debt A feature/requirement implemented in a sub-optimal way & must be re-written tests Improvements or additions to unit tests and / or end to end tests backend Changes affecting server-side logic, APIs, data processing, or internal services. labels Mar 17, 2026
GB907762
GB907762 reviewed Mar 18, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@GB907762 GB907762 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This all looks functionally correct. There's a couple of things, but they may just be really picky.

github-advanced-security[bot]
github-advanced-security bot found potential problems Mar 18, 2026
View reviewed changes
@PE39806 @github-advanced-security
Potential fix for code scanning alert no. 90: Inefficient regular exp…
d6d8fa8 
…ression

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
JRB66955
JRB66955 previously approved these changes Mar 18, 2026
View reviewed changes
@PE39806 PE39806 requested review from JR40159 March 19, 2026 11:04
JR40159
JR40159 requested changes Mar 26, 2026
View reviewed changes
JR40159
JR40159 requested changes Mar 27, 2026
View reviewed changes
@PE39806 PE39806 requested a review from JR40159 March 27, 2026 11:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@GB907762 GB907762 GB907762 left review comments

@JRB66955 JRB66955 JRB66955 left review comments

@JR40159 JR40159 Awaiting requested review from JR40159

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

backend Changes affecting server-side logic, APIs, data processing, or internal services. javascript Pull requests that update Javascript code tech debt A feature/requirement implemented in a sub-optimal way & must be re-written tests Improvements or additions to unit tests and / or end to end tests

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@PE39806 @JR40159 @JRB66955 @GB907762