ci: npm publishing was still failing

[angelxmoreno]

Summary by CodeRabbit

• Documentation

  • Updated README badges and banners (npm, Bun, CodeRabbit, Biome) and improved formatting.
  • Expanded Community Adapters list and clarified layout; minor code-sample and table alignment tweaks.

• Chores

  • Release workflow updated to add a Bun-based build path, dependency caching, and a unified release-created gate for publishing.
  • Release tooling steps and gating logic cleaned up; publishing behavior preserved.

[coderabbitai]

Walkthrough

Release workflow modified to add a Bun-based install/cache/build path gated on release creation and to change release gating from release_published to release_created; the Release Please package-name field was removed. README updated with badges, formatting, and expanded community adapters list; no API/runtime changes.

Changes

Cohort / File(s)	Summary of Changes
CI Release Workflow .github/workflows/release.yml	Adds Bun install (oven-sh/setup-bun@v2), Bun dependency cache (actions/cache@v4), bun ci, and bun run build steps gated on steps.release.outputs.release_created == 'true'. Moves Release Please invocation before Node setup; makes Node setup conditional on release_created. Changes publish guard to release_created. Removes package-name: axios-cache-interceptor-keyv from Release Please.
Documentation & Badges README.md	Adds/updates badges (npm link, Bun badge and banner, CodeRabbit PR Reviews, Biome), small code-format tweaks (e.g., {debug: true} spacing), table/spacing adjustments, and expands Community Adapters list. No code/API changes.

Sequence Diagram(s)

sequenceDiagram
    autonumber
    actor GitHub
    participant Release as "Release Action\n(Release Please)"
    participant Runner as "Workflow Runner"
    participant Bun as "Bun (setup & cache)"
    participant Node as "Node Setup (conditional)"
    participant Build as "Build step (bun run build)"
    participant Publish as "Publish to npm"

    GitHub->>Release: tag/release event
    Release-->>Runner: outputs.release_created = true
    Runner->>Bun: Install Bun (oven-sh/setup-bun)
    Runner->>Bun: Restore/cache bun deps (~/.bun/install/cache, node_modules)
    Runner->>Runner: Run `bun ci`
    Runner->>Build: Run `bun run build`
    Runner->>Node: Setup Node (only if release_created) 
    Runner->>Publish: Publish to npm (guard: release_created)
    note right of Publish#lightgreen: Publish guarded by release_created

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Tip

🔌 Remote MCP (Model Context Protocol) integration is now available!

Pro plan users can now connect to remote MCP servers from the Integrations page. Connect with popular remote MCPs such as Notion and Linear to add more context to your reviews and chats.

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/npm-depoyment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (c0e6def) to head (5be3c02).
⚠️ Report is 3 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff            @@
##              main       #12   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            1         1           
  Lines           24        24           
=========================================
  Hits            24        24           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (4)

.github/workflows/release.yml (3)

25-35: Optional: Speed up CI with Bun cache and new lockfile

Bun v1.2 switched to a text lockfile (bun.lock). If you add dependency caching, key it on **/bun.lock (not bun.lockb). This complements bun ci reproducibility. (bun.com)

Example cache step:

+      - name: Cache Bun downloads
+        if: ${{ steps.release.outputs.release_created == 'true' }}
+        uses: actions/cache@v4
+        with:
+          path: ~/.bun/install/cache
+          key: ${{ runner.os }}-bun-${{ hashFiles('**/bun.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-bun-

---

25-28: Pin Bun version for deterministic builds

oven-sh/setup-bun@v2 defaults to latest. Pin a major/minor (e.g., 1.2.x) or use .bun-version via bun-version-file to avoid surprise breaks. (github.com)

-        uses: oven-sh/setup-bun@v2
+        uses: oven-sh/setup-bun@v2
+        with:
+          bun-version: 1.2.x

---

44-49: Consider provenance on publish

For stronger supply-chain guarantees, consider npm publish --provenance --access public (requires Node 18+, which you have, and npm >= 9). This is optional but increasingly common.

-        run: npm publish --access public
+        run: npm publish --provenance --access public

README.md (1)

8-15: Replace inline SVG badge with a standard image for reliable rendering

GitHub often sanitizes inline SVG with external <image> hrefs; this badge may not render consistently. Prefer a shields.io badge or a simple <img>.

-<a href="https://bun.sh">
-  <svg width="120" height="20" xmlns="http://www.w3.org/2000/svg">
-    <rect width="120" height="20" rx="3" fill="#000"/>
-    <text x="30" y="15" fill="white" font-family="Arial" font-size="11">Made with Bun</text>
-    <image x="5" y="2" width="16" height="16" href="https://api.iconify.design/logos:bun.svg"/>
-  </svg>
-</a>
+<a href="https://bun.sh">
+  <img alt="Made with Bun" src="https://img.shields.io/badge/Made%20with-Bun-000?logo=bun&logoColor=white" />
+</a>

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between ffeadef and ca11d91.

📒 Files selected for processing (2)

• .github/workflows/release.yml (1 hunks)
• README.md (4 hunks)

🧰 Additional context used

🧠 Learnings (1)

📚 Learning: 2025-08-22T20:08:07.461Z

Learnt from: angelxmoreno
PR: angelxmoreno/axios-cache-interceptor-keyv#10
File: .github/workflows/pr-check.yml:20-29
Timestamp: 2025-08-22T20:08:07.461Z
Learning: Bun v1.2 (January 2025) switched from binary bun.lockb to text-based bun.lock (JSONC format) as the default lockfile. The cache key pattern should use '**/bun.lock' for current Bun versions.

Applied to files:

• .github/workflows/release.yml

🪛 LanguageTool

README.md

[grammar] ~4-~4: There might be a mistake here.
Context: ...adge/License-MIT-yellow.svg)](./LICENSE) [![TypeScript](https://img.shields.io/ba...

(QB_NEW_EN)

---

[grammar] ~162-~162: There might be a mistake here.
Context: ...he community. For a complete list, visit the [Keyv Community Adapters](https://gi...

(QB_NEW_EN)

🪛 actionlint (1.7.7)

.github/workflows/release.yml

26-26: property "release" is not defined in object type {}

(expression)

---

30-30: property "release" is not defined in object type {}

(expression)

---

34-34: property "release" is not defined in object type {}

(expression)

🔇 Additional comments (4)

README.md (4)

3-3: LGTM: npm badge target updated

The npm badge now points to the package page; looks good.

---

150-158: Table looks good; double-check adapter package names

The backend table reads well. Please verify the exact package names (e.g., @keyvhq/postgres vs. @keyvhq/postgresql) match what you intend to recommend.

Would you like me to open a quick PR to align any names after you confirm?

---

162-164: Verify community adapters link/anchor

Confirm the “Keyv Community Adapters” link resolves to the correct section of the current KeyvHQ README (anchors sometimes change).

If it’s off, I can suggest the updated URL.

---

141-141: Consistent options formatting

The {debug: true} compact style is now used consistently in examples. Nice touch.

Also applies to: 249-249

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (6)

README.md (2)

16-18: Make the CodeRabbit badge clickable; keep alt text

Shields “link” param isn’t reliably honored on GitHub. Wrap the image in a link for expected UX.

-![CodeRabbit Pull Request Reviews](https://img.shields.io/coderabbit/prs/github/angelxmoreno/axios-cache-interceptor-keyv?utm_source=oss&utm_medium=github&utm_campaign=angelxmoreno%2Faxios-cache-interceptor-keyv&labelColor=171717&color=FF570A&link=https%3A%2F%2Fcoderabbit.ai&label=CodeRabbit+Reviews)
+[![CodeRabbit Pull Request Reviews](https://img.shields.io/coderabbit/prs/github/angelxmoreno/axios-cache-interceptor-keyv?utm_source=oss&utm_medium=github&utm_campaign=angelxmoreno%2Faxios-cache-interceptor-keyv&labelColor=171717&color=FF570A&label=CodeRabbit+Reviews)](https://coderabbit.ai)

---

150-158: Minor docs enhancement: adapter installation hint per backend

The table is helpful. Consider adding a preface line reminding users to install the corresponding adapter package when using non-memory backends to reduce setup friction.

Example addition immediately above the table:

+Note: For each backend below, install the corresponding adapter package (see “Package Required”).

Happy to batch-update the backend examples to include the explicit bun add @keyvhq/<adapter> line where applicable.

.github/workflows/release.yml (4)

26-32: Harden npm auth setup and future-proof

Add always-auth: true so npm always sends auth to the registry, avoiding edge cases with scoped packages or multiple publishes.

       - name: Setup Node
         if: ${{ steps.release.outputs.release_created == 'true' }}
         uses: actions/setup-node@v4
         with:
           node-version: 20
           registry-url: https://registry.npmjs.org
+          always-auth: true

---

33-36: Optionally pin Bun for reproducibility

CI determinism improves if you pin a major.minor (e.g., 1.2.x). Not mandatory but recommended.

       - name: Install Bun
         if: ${{ steps.release.outputs.release_created == 'true' }}
         uses: oven-sh/setup-bun@v2
+        with:
+          bun-version: 1.2.x

---

37-47: Cache scope: avoid caching node_modules with Bun

Bun’s ci uses the global install cache; caching node_modules can become stale and provide little benefit. Keep Bun cache only. The key correctly uses '**/bun.lock' per latest Bun.

       - name: Cache Bun dependencies
         if: ${{ steps.release.outputs.release_created == 'true' }}
         uses: actions/cache@v4
         with:
           path: |
             ~/.bun/install/cache
-            node_modules
           key: ${{ runner.os }}-bun-${{ hashFiles('**/bun.lock') }}
           restore-keys: |
             ${{ runner.os }}-bun-

---

56-61: Add provenance to npm publish and required permission

Enable npm provenance for the published package and grant id-token: write at workflow level.

 permissions:
   contents: write
   pull-requests: write
+  id-token: write
@@
       - name: Publish to npm
         if: ${{ steps.release.outputs.release_created == 'true' }}
-        run: npm publish --access public
+        run: npm publish --access public --provenance
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+          NPM_CONFIG_PROVENANCE: true

I can also add a “dry-run” guard behind a boolean input if you want safe testing on forks.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between ca11d91 and 5be3c02.

📒 Files selected for processing (2)

• .github/workflows/release.yml (1 hunks)
• README.md (4 hunks)

🧰 Additional context used

🧠 Learnings (1)

📚 Learning: 2025-08-22T20:08:07.461Z

Learnt from: angelxmoreno
PR: angelxmoreno/axios-cache-interceptor-keyv#10
File: .github/workflows/pr-check.yml:20-29
Timestamp: 2025-08-22T20:08:07.461Z
Learning: Bun v1.2 (January 2025) switched from binary bun.lockb to text-based bun.lock (JSONC format) as the default lockfile. The cache key pattern should use '**/bun.lock' for current Bun versions.

Applied to files:

• .github/workflows/release.yml

🪛 LanguageTool

README.md

[grammar] ~4-~4: There might be a mistake here.
Context: ...adge/License-MIT-yellow.svg)](./LICENSE) [![TypeScript](https://img.shields.io/ba...

(QB_NEW_EN)

---

[grammar] ~162-~162: There might be a mistake here.
Context: ...he community. For a complete list, visit the [Keyv Community Adapters](https://gi...

(QB_NEW_EN)

🔇 Additional comments (6)

README.md (3)

3-3: npm badge link looks good

Points to the official npm package page; no action needed.

---

141-142: Debug example consistency

Good call tightening the object spacing to {debug: true}. Matches other examples and typical TS style.

---

249-249: Good: debug logging sample uses the new options shape consistently

No changes needed.

.github/workflows/release.yml (3)

19-25: Correctly moved Release Please earlier and switched to release_created

This fixes the gating bug that skipped build/publish. Good.

---

52-55: Build step aligns with Bun toolchain

Looks good; relies on package.json scripts being wired for Bun.

---

48-51: bun.lock present – no action needed

The verification script confirmed that bun.lock exists in the repository root, so bun ci will run successfully as configured.

No further changes are required.