Rebrand to @mondaycom scope and add release workflow#1
Merged
YossiSaadi merged 8 commits intomasterfrom Mar 10, 2026
Merged
Conversation
Update the npm scope across all three publishable packages: - @mondaydotcomorg/hatcha-core → @mondaycom/hatcha-core - @mondaydotcomorg/hatcha-server → @mondaycom/hatcha-server - @mondaydotcomorg/hatcha-react → @mondaycom/hatcha-react Includes package.json name fields, workspace:* dependency references, and all source-level imports/re-exports. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Rename all @mondaydotcomorg references in the Next.js example app: - package.json workspace dependencies - API route imports (challenge, verify) - Layout provider and CSS imports - Page hook import Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- README.md: update install commands, code examples, and packages table to use @mondaycom scope - CONTRIBUTING.md: fix stale @hatcha/core reference to @mondaycom/hatcha-core Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Lockfile regenerated after renaming all workspace packages from @mondaydotcomorg to @mondaycom. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add workflow_dispatch release workflow with: - Input fields: bump type (patch/minor/major) with semver hints, per-package release toggles (core, server, react) - Validation: requires at least one package, blocks releasing server/react without core - Pipeline: bump versions → update lockfile → build → test → typecheck → publish to npm → commit & tag → GitHub Releases - Security: npm provenance attestation (--provenance), env vars for all expressions, concurrency control - Publish order: core first, then server, then react (respects dependency graph) - npm publish happens before git push to prevent orphaned version bumps on publish failure - GitHub Releases with auto-generated notes - Summary table in workflow run UI Requires NPM_TOKEN repository secret and contents:write + id-token:write permissions (configured in workflow). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- crypto.ts: merge split try-catch blocks so Uint8Array uses const inference (Uint8Array<ArrayBuffer>) instead of let annotation (Uint8Array<ArrayBufferLike>), fixing TS2345 with crypto.subtle.verify - e2e.test.ts: replace unsafe cast to Record<string, unknown> with idiomatic "answer" in challenge check, fixing TS2352 - handler.test.ts: same Record cast fix for ChallengeDisplay, and use "error" in result for union type narrowing on VerifyResult Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add .nvmrc with Node 22.14 as the project-level Node version. Update release workflow to read from .nvmrc instead of hardcoding the version. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Node 18 reached end-of-life in April 2025 and does not support the global Web Crypto API (crypto.subtle) that the codebase uses. This caused all tests to fail with "crypto is not defined", and fail-fast cancelled the Node 20/22 jobs. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
@mondaydotcomorgto@mondaycomacross the entire repo.nvmrcfor consistent Node version managementScope rename
All three packages updated:
@mondaydotcomorg/hatcha-core→@mondaycom/hatcha-core@mondaydotcomorg/hatcha-server→@mondaycom/hatcha-server@mondaydotcomorg/hatcha-react→@mondaycom/hatcha-reactThis touches package.json files, source imports, the example app, docs, and the lockfile.
Release workflow
New
.github/workflows/release.yml— a manual workflow you trigger from the Actions tab:[skip ci]to avoid redundant CI runsTypeScript fixes
crypto.ts: fixedUint8Array<ArrayBufferLike>type error withcrypto.subtle.verifyby merging try-catch blocks (lets TS infer narrower type viaconst)e2e.test.ts,handler.test.ts: replaced unsafeas Record<string, unknown>casts with idiomaticinoperator checksOther
.nvmrc(Node 22.14) — used by the release workflow and local development@hatcha/corereference in CONTRIBUTING.mdPrerequisites
NPM_TOKENsecret added@mondaycomnpm org existsTesting
pnpm build✅pnpm test✅ (43 tests)pnpm typecheck✅@mondaydotcomorgreferences