Skip to content

fix: add repository.url for npm provenance publishing#200

Merged
justinchung-cb merged 1 commit intomasterfrom
justinchung/fix-repository-url
Feb 23, 2026
Merged

fix: add repository.url for npm provenance publishing#200
justinchung-cb merged 1 commit intomasterfrom
justinchung/fix-repository-url

Conversation

@justinchung-cb
Copy link
Contributor

@justinchung-cb justinchung-cb commented Feb 23, 2026

Summary

  • Add repository field to package.json with the GitHub repo URL

Details

npm trusted publishing with sigstore provenance requires repository.url in package.json to match the GitHub repo URL. Without it, the publish fails with:

Error verifying sigstore provenance bundle: Failed to validate repository information: package.json: "repository.url" is "", expected to match "https://github.com/coinbase/onchaintestkit"

Test Plan

  • Merge this PR
  • Run the Release (manual) workflow
  • Verify npm view @coinbase/onchaintestkit version shows 1.2.1

Made with Cursor

@justinchung-cb @cursoragent
fix: add repository.url to package.json for npm provenance
fa91d70 
npm trusted publishing requires repository.url to match the GitHub
repo URL for sigstore provenance verification.

Co-authored-by: Cursor <cursoragent@cursor.com>
@cb-heimdall
Copy link

cb-heimdall commented Feb 23, 2026
edited
Loading

✅ Heimdall Review Status

Requirement Status More Info
Reviews 1/1
Denominator calculation
Show calculation
1 if user is bot 0
1 if user is external 0
2 if repo is sensitive 0
From .codeflow.yml 1
Additional review requirements
Show calculation
Max 0
0
From CODEOWNERS 0
Global minimum 0
Max 1
1
1 if commit is unverified 0
Sum 1

@justinchung-cb justinchung-cb merged commit 827653e into master Feb 23, 2026
7 checks passed
@justinchung-cb justinchung-cb deleted the justinchung/fix-repository-url branch February 23, 2026 18:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@timothywangdev-cb timothywangdev-cb timothywangdev-cb approved these changes

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@justinchung-cb @cb-heimdall @timothywangdev-cb