Skip to content

inital codama client generation and tests#250

Draft
tonyboylehub wants to merge 2 commits intomainfrom
codama
Draft

inital codama client generation and tests#250
tonyboylehub wants to merge 2 commits intomainfrom
codama

Conversation

@tonyboylehub
Copy link
Contributor

@tonyboylehub tonyboylehub commented Dec 17, 2025

No description provided.

@vercel
Copy link

vercel bot commented Dec 17, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Review Updated (UTC)
mpl-core-js-docs Ready Ready Preview, Comment Dec 17, 2025 9:36pm

@coderabbitai
Copy link

coderabbitai bot commented Dec 17, 2025

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch codama

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

github-advanced-security[bot]
github-advanced-security bot found potential problems Dec 17, 2025
View reviewed changes
.github/workflows/test-js-kit-client.yml
Comment on lines +14 to +62
name: Test
runs-on: ubuntu-latest
strategy:
matrix:
node: ["20.x", "22.x"]
steps:
- name: Git checkout
uses: actions/checkout@v4
with:
ref: ${{ inputs.git_ref }}

- name: Load environment variables
run: cat .github/.env >> $GITHUB_ENV

- name: Sanitize Ref
id: sanitize
shell: bash
run: |
REF="${{ inputs.git_ref }}"
if [ -z "$REF" ]; then
REF="default"
fi
SANITIZED=${REF//\//-}
echo "sanitized=$SANITIZED" >> "$GITHUB_OUTPUT"

- name: Start validator
uses: metaplex-foundation/actions/start-validator@v1
with:
node: ${{ matrix.node }}
solana: ${{ env.SOLANA_VERSION }}
cache: ${{ env.CACHE }}
artifacts: program-builds-${{ steps.sanitize.outputs.sanitized }}

- name: Install dependencies
uses: metaplex-foundation/actions/install-node-dependencies@v1
with:
folder: ./clients/js-kit
cache: ${{ env.CACHE }}
key: clients-js-kit

- name: Build
working-directory: ./clients/js-kit
run: pnpm build

- name: Test
working-directory: ./clients/js-kit
run: pnpm test

lint:

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium test

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI about 2 months ago

To fix the issue, explicitly set the permissions block at the root of the workflow file. The minimum required privilege for this particular workflow—based on its contents (running tests, linting, formatting, checking out code with actions/checkout)—is contents: read. None of the jobs perform write operations (e.g., pushing code, creating issues, managing pull requests), so restricting the GITHUB_TOKEN to only read the repository contents adheres to the principle of least privilege and meets both the security recommendations and the requirements of the workflow.

To implement this, insert the following block after the name and before or after the on: block:

permissions:
  contents: read

This will apply to all jobs in the workflow, unless overridden in individual jobs (which is not necessary here).

What is needed:

  • Insert permissions: at the root level of .github/workflows/test-js-kit-client.yml, specifying contents: read as the value.
Suggested changeset 1
.github/workflows/test-js-kit-client.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/test-js-kit-client.yml b/.github/workflows/test-js-kit-client.yml
--- a/.github/workflows/test-js-kit-client.yml
+++ b/.github/workflows/test-js-kit-client.yml
@@ -1,5 +1,8 @@
 name: Test JS Kit client
 
+permissions:
+  contents: read
+
 on:
   workflow_call:
     inputs:
EOF
@@ -1,5 +1,8 @@
name: Test JS Kit client

permissions:
contents: read

on:
workflow_call:
inputs:
Copilot is powered by AI and may make mistakes. Always verify output.
.github/workflows/test-js-kit-client.yml
Comment on lines +63 to +91
name: Lint
runs-on: ubuntu-latest
steps:
- name: Git checkout
uses: actions/checkout@v4

- name: Load environment variables
run: cat .github/.env >> $GITHUB_ENV

- name: Install Node.js
uses: metaplex-foundation/actions/install-node-with-pnpm@v1
with:
version: ${{ env.NODE_VERSION }}
cache: ${{ env.CACHE }}

- name: Install dependencies
uses: metaplex-foundation/actions/install-node-dependencies@v1
with:
folder: ./clients/js-kit
cache: ${{ env.CACHE }}
key: clients-js-kit

- name: Format
working-directory: ./clients/js-kit
run: pnpm format

- name: Lint
working-directory: ./clients/js-kit
run: pnpm lint

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium test

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI about 2 months ago

To fix the issue, add a permissions block explicitly specifying the minimal privilege required for this workflow. The best way is to set permissions: contents: read at the top level (applies to all jobs unless overridden). This gives the workflow read-only access to repository contents, which suffices for checking out code and running tests/lints locally. Place this immediately after the name: but before on: for proper YAML structure. No changes are needed within jobs or steps, as no write permissions are required by any visible action.

Suggested changeset 1
.github/workflows/test-js-kit-client.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/test-js-kit-client.yml b/.github/workflows/test-js-kit-client.yml
--- a/.github/workflows/test-js-kit-client.yml
+++ b/.github/workflows/test-js-kit-client.yml
@@ -1,4 +1,6 @@
 name: Test JS Kit client
+permissions:
+  contents: read
 
 on:
   workflow_call:
EOF
@@ -1,4 +1,6 @@
name: Test JS Kit client
permissions:
contents: read

on:
workflow_call:
Copilot is powered by AI and may make mistakes. Always verify output.
Copy link
Contributor Author

@tonyboylehub tonyboylehub Dec 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

dmissing due to other test workflow not having this.

github-actions[bot]
github-actions bot reviewed Dec 17, 2025
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Benchmark

Details
Benchmark suite Current: 70d21bd Previous: 4917f62 Ratio
CU: create a new, empty asset 7628 Compute Units 7628 Compute Units 1
Space: create a new, empty asset 91 Bytes 91 Bytes 1
CU: create a new, empty asset with empty collection 15706 Compute Units 15706 Compute Units 1
Space: create a new, empty asset with empty collection 91 Bytes 91 Bytes 1
CU: create a new asset with plugins 25922 Compute Units 25922 Compute Units 1
Space: create a new asset with plugins 194 Bytes 194 Bytes 1
CU: create a new asset with plugins and empty collection 30830 Compute Units 30830 Compute Units 1
Space: create a new asset with plugins and empty collection 194 Bytes 194 Bytes 1
CU: list an asset 19019 Compute Units 19019 Compute Units 1
CU: sell an asset 24206 Compute Units 24206 Compute Units 1
CU: list an asset with empty collection 23516 Compute Units 23516 Compute Units 1
CU: sell an asset with empty collection 31593 Compute Units 31593 Compute Units 1
CU: list an asset with collection royalties 22906 Compute Units 22906 Compute Units 1
CU: sell an asset with collection royalties 34644 Compute Units 34644 Compute Units 1
CU: transfer an empty asset 3611 Compute Units 3611 Compute Units 1
CU: transfer an empty asset with empty collection 5171 Compute Units 5171 Compute Units 1
CU: transfer an asset with plugins 7048 Compute Units 7048 Compute Units 1
CU: transfer an asset with plugins and empty collection 8608 Compute Units 8608 Compute Units 1

This comment was automatically generated by workflow using github-action-benchmark.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@tonyboylehub