@mandarini
Contributor

Description

Integrates Verdaccio local npm registry into CI integration tests to fix dependency resolution issues and improve test reliability.

Problem

Integration tests (Expo, Next, Bun, Deno) were using tarballs with the file: protocol, which caused * dependencies in package.json to resolve from the public npm registry instead of the workspace. This led to:

  1. Tests installing @supabase/[email protected] from npm (missing tslib)
  2. Tests not using the actual workspace versions being tested
  3. CI failures due to missing transitive dependencies
  4. Complex tarball management with manual packing and copying
  5. Tests not catching issues with existing code, because they were installing the previously latest published version

Example of the issue:

  // supabase-js package.json
  "dependencies": {
    "@supabase/functions-js": "*"  // Resolved from npm, not workspace!
  }

Solution

Replaced tarball-based approach with Verdaccio (local npm registry):

  1. Start Verdaccio in each integration test job
  npx verdaccio --config .verdaccio/config.yml &
  npm set registry http://localhost:4873/
  2. Publish all workspace packages to Verdaccio
  for pkg in auth-js functions-js postgrest-js realtime-js storage-js supabase-js; do
    npm publish --registry http://localhost:4873
  done
  3. Tests install from Verdaccio
  npm install --registry http://localhost:4873
  # Now `*` resolves to workspace versions!
  4. Updated test package.json files
    • Changed "@supabase/supabase-js": "file:supabase-supabase-js-0.0.0-automated.tgz"
    • To "@supabase/supabase-js": "*"

Benefits

  • Correct dependency resolution - * dependencies now resolve to workspace versions
  • Realistic testing - Tests use npm install like real users
  • Would have caught tslib issue - All transitive dependencies properly resolved
  • No tarball management - Simpler CI workflow
  • Consistent approach - All integration tests use same pattern
  • Zero impact on releases - Verdaccio only used for testing

Security Note

Verdaccio config uses publish: $all (no authentication). This is safe because:

  • Runs on localhost only (not exposed to internet)
  • Ephemeral (starts/stops with each CI job)
  • Temporary storage (deleted after job completes)
  • Never touches real npm registry
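
A post-install check for the resolution problem described in this pull request, as an added example that is not part of the pull request or the repository: it scans an npm lockfile and reports `@supabase/*` packages whose tarball did not come from the local Verdaccio registry. It assumes a lockfile v2/v3 `packages` map with `resolved` URLs; `packageName`, `findOffRegistry`, the sample lockfile and its version numbers are constructed for illustration.

```javascript
// Added example. LOCAL_REGISTRY comes from the PR description; every other
// name and the sample lockfile are constructed for illustration.
const LOCAL_REGISTRY = 'http://localhost:4873/';
const SCOPE = '@supabase/';

// "node_modules/a/node_modules/@supabase/auth-js" -> "@supabase/auth-js"
function packageName(lockKey) {
  const marker = 'node_modules/';
  const idx = lockKey.lastIndexOf(marker);
  return idx === -1 ? lockKey : lockKey.slice(idx + marker.length);
}

// Return scoped packages whose tarball origin is not the local registry.
// Origins (scheme + host + port) are compared, not string prefixes.
function findOffRegistry(lock, scope = SCOPE, registry = LOCAL_REGISTRY) {
  const expected = new URL(registry).origin;
  const offenders = [];
  for (const [key, entry] of Object.entries(lock.packages || {})) {
    if (key === '' || entry.link) continue; // root project, workspace symlinks
    const name = packageName(key);
    if (!name.startsWith(scope)) continue;
    let origin = null;
    try { origin = new URL(entry.resolved).origin; } catch { /* no usable URL */ }
    if (origin !== expected) {
      offenders.push({ name, version: entry.version, resolved: entry.resolved ?? '(none)' });
    }
  }
  return offenders;
}

// Constructed sample: one scoped package from Verdaccio, one from public npm.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'integration-test', dependencies: { '@supabase/supabase-js': '*' } },
    'node_modules/@supabase/supabase-js': {
      version: '0.0.0-automated',
      resolved: 'http://localhost:4873/@supabase/supabase-js/-/supabase-js-0.0.0-automated.tgz',
    },
    'node_modules/@supabase/functions-js': {
      version: '9.9.9', // constructed version number
      resolved: 'https://registry.npmjs.org/@supabase/functions-js/-/functions-js-9.9.9.tgz',
    },
  },
};

for (const o of findOffRegistry(sampleLock)) {
  console.log(`${o.name}@${o.version} resolved from ${o.resolved}`);
}
```

In a CI job, a non-empty result after `npm install` would mean the test is exercising a published package rather than the workspace build.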

@coveralls

coveralls commented Oct 21, 2025

Coverage Status

coverage: 95.455% (-0.5%) from 95.986%
when pulling 2afd73f on chore/use-verdaccio-for-integration-tests
into c408c47 on master.

@mandarini mandarini self-assigned this Oct 21, 2025
@mandarini mandarini force-pushed the chore/use-verdaccio-for-integration-tests branch from d545f1a to c9a52ab Compare October 21, 2025 11:55
@mandarini mandarini force-pushed the chore/use-verdaccio-for-integration-tests branch from 1105357 to c9a52ab Compare October 21, 2025 12:13
@mandarini mandarini force-pushed the chore/use-verdaccio-for-integration-tests branch from 1f4e584 to a45333a Compare October 21, 2025 12:51
@mandarini mandarini requested a review from grdsdev October 21, 2025 14:36
@mandarini mandarini marked this pull request as ready for review October 21, 2025 14:43
@mandarini mandarini requested review from a team as code owners October 21, 2025 14:43
@mandarini mandarini merged commit ea64a25 into master Oct 22, 2025
19 of 20 checks passed
@mandarini mandarini deleted the chore/use-verdaccio-for-integration-tests branch October 22, 2025 05:31