Skip to content

Merge pull request #35 from unicity-sphere/fix/sdk-bump-and-invoice-a… #46

Merge pull request #35 from unicity-sphere/fix/sdk-bump-and-invoice-a…

Merge pull request #35 from unicity-sphere/fix/sdk-bump-and-invoice-a… #46

Workflow file for this run

name: CI
on:
push:
branches: [main]
pull_request:
branches: [main]
# sphere-cli consumes @unicitylabs/sphere-sdk via `file:../../sphere-sdk`
# because the CLI-extraction commit in sphere-sdk (which promoted types
# like CreateInvoiceRequest, PayInvoiceParams to the public exports)
# landed AFTER the sphere-sdk v0.7.0 npm release. Until a new sphere-sdk
# version is published, CI clones the sibling repo into the expected
# `../../sphere-sdk` location and builds it in-place so the `file:`
# dependency resolves correctly.
#
# Swap to an npm-published version once sphere-sdk v0.7.1+ ships.
jobs:
lint-typecheck-test:
name: lint + typecheck + test
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [20.x, 22.x]
steps:
- uses: actions/checkout@v4
# Default path: $GITHUB_WORKSPACE/
# = /home/runner/work/sphere-cli/sphere-cli/
# package.json's `file:../../sphere-sdk` resolves from there to
# /home/runner/work/sphere-sdk/ — that's where we clone below.
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
cache: npm
- name: Clone sphere-sdk sibling
# Pin to a specific commit SHA (not a branch name) for supply-chain
# integrity — a branch pointer can be force-pushed or rebased,
# silently changing the code CI builds against.
#
# This SHA is the tip of sphere-sdk `main` (PR #402 / #401 — invoice
# OUTBOX verifier wiring on top of PR #400 / #397's route-invoice-
# delivery-through-the-token-pipeline architectural fix).
#
# Why this matters for sphere-cli: #397 replaces the bespoke
# `invoice_delivery:` NIP-17 DM with the standard TOKEN_TRANSFER
# pipeline (Nostr kind 31113). The `manual-test-accounting-
# roundtrip.sh` soak (and any cross-device invoice consumer) only
# works against this new pipeline; the prior pin (3f3dadf, the
# CID-delivery merge BEFORE #397) leaves the receiver decoder
# unable to ingest invoice DMs. Local repro: alice's `invoice
# list` returns "No invoices found" forever even though bob's
# `invoice deliver` reports `sent: 1, failed: 0`.
#
# This SHA also keeps the exports `src/shared/sphere-providers.ts`
# consumes (`createUxfCarPublisher`, `DEFAULT_IPFS_GATEWAYS`,
# `PublishToIpfsCallback`) and `AccountingModule.deliverInvoice`
# that `invoice-deliver` (PR #18 / issue #226) calls.
#
# Bump this SHA when a new sphere-sdk commit is required; remove
# this whole workaround once sphere-sdk publishes v0.7.1+ to npm
# with the post-extraction exports.
env:
SPHERE_SDK_SHA: d9498445e96be63f6a474f2607372eb4c16247d2
run: |
git clone https://github.com/unicity-sphere/sphere-sdk.git ../../sphere-sdk
# The pinned SHA may not be on a branch tip after future merges;
# fetch it explicitly before checkout so the workflow keeps
# working when sphere-sdk main advances past this commit.
git -C ../../sphere-sdk fetch origin "$SPHERE_SDK_SHA" || true
git -C ../../sphere-sdk checkout --detach "$SPHERE_SDK_SHA"
- name: "Build sphere-sdk (required for file: dependency to resolve types)"
run: |
cd ../../sphere-sdk
npm ci
npm run build
- run: npm ci
- run: npm run lint
- run: npm run typecheck
- run: npm run test
- run: npm run build
- name: Verify bin shim is executable
run: |
chmod +x bin/sphere.mjs
node bin/sphere.mjs --version