fregante / chrome-webstore-upload-cli Goto Github PK

Instead of changing the CWD or using --source, every WebExtensions tool could follow Mozilla’s web-ext setup if present: https://extensionworkshop.com/documentation/develop/getting-started-with-web-ext/#automatic-discovery-of-configuration-files

The closest package.json can be found via:
https://github.com/sindresorhus/pkg-up

Despite a successful message, on https://chrome.google.com/u/1/webstore/devconsole/, my package is nor published, nor uploaded.

Do you have a working example from which I can get help.

Thanks in advance.

Hi, Google is forcing everybody to use 2FA, is there a way to make this CLI work in this new situation?

Error: PKG_NO_TWO_FACTOR_AUTH
Enabling 2 step verification on your account is required for security purposes. Please visit https://www.google.com/landing/2step to set it up.

If the manifest specifies a key, it doesn't need to be specified for every call.

https://developer.chrome.com/docs/extensions/mv2/manifest/key/

Hi,

Recently, i got this error when trying to publish using the CLI.

Error
HTTPError: Response code 400 (Bad Request)
    at Request.<anonymous> (C:\ProgramData\nvm\v16.13.1\node_modules\chrome-webstore-upload-cli\node_modules\got\dist\source\as-promise\index.js:117:42)
    at runMicrotasks (<anonymous>)
    at processTicksAndRejections (node:internal/process/task_queues:96:5) {
  code: 'ERR_NON_2XX_3XX_RESPONSE',
  timings: {
    start: 1639499293441,
    socket: 1639499293441,
    lookup: 1639499293442,
    connect: 1639499293452,
    secureConnect: 1639499293466,
    upload: 1639499293466,
    response: 1639499293743,
    end: 1639499293743,
    error: undefined,
    abort: undefined,
    phases: {
      wait: 0,
      dns: 1,
      tcp: 10,
      tls: 14,
      request: 0,
      firstByte: 277,
      download: 0,
      total: 302
    }
  }
}

This is the error message when publishing manually.

{
    "error": {
        "code": 400,
        "message": "Publish condition not met: You must verify your contact email before you can publish any item. Begin the verification process on the Account tab.",
        "errors": [
            {
                "message": "Publish condition not met: You must verify your contact email before you can publish any item. Begin the verification process on the Account tab.",
                "domain": "chromewebstore.access",
                "reason": "badRequest"
            }
        ]
    }
}

It whould be very usefull to log this content in addition to the current error message.

Regards

Hi, I see this parameter --trusted-testers for the publish command, but what if I want to upload it, and then publish to trusted testers ?

my current config:

      - name: Upload to Chrome Web Store
#        run: npx [email protected] upload --source chrome-extension-${{ github.sha }}.zip --auto-publish
        run: npx [email protected] publish --source chrome-extension-${{ github.sha }}.zip --trusted-testers
        env:
          EXTENSION_ID: hbghjfaenddmdpbkobgdcgkmcdcdjjko
          CLIENT_ID: ${{ secrets.CLIENT }}
          CLIENT_SECRET: ${{ secrets.SECRET }}
          REFRESH_TOKEN: ${{ secrets.TOKEN }}
      - name: Delete artifact
        uses: GeekyEggo/[email protected]
        with:
          name: chrome-extension-${{ github.sha }}.zip

I was using upload with --auto-publish to do the job, but I've reached a point where I need to test the extension before making it live for my users.

I had this error and even if I added the email it still wouldn't work:

You must provide a contact email before you can publish any item. Enter your contact email on the Account tab.; To publish your item, you must certify that your data usage complies with our Developer Program Policies. You can certify this on the Privacy practices tab of the item edit page

Solution, via https://chrome.google.com/webstore/devconsole:

1. Upload extension (maybe manually)
2. Maybe log in again
3. Don't click "Save draft" or else you'll see "Why can't I publish?"
4. Just click "Submit for review"

Known errors should be parsed and displayed more cleanly

Publish condition not met

Now

Response code 400 (Bad Request)
{
    "error": {
        "errors": [
            {
                "domain": "global",
                "reason": "badRequest",
                "message": "Publish condition not met: To publish your item, you must provide mandatory privacy information in the new Developer Dashboard: https://chrome.google.com/webstore/devconsole. Click on your item from the home page and enter this information on the Privacy tab."
            }
        ],
        "code": 400,
        "message": "Publish condition not met: To publish your item, you must provide mandatory privacy information in the new Developer Dashboard: https://chrome.google.com/webstore/devconsole. Click on your item from the home page and enter this information on the Privacy tab."
    }
}

Ideal

Publish condition not met: To publish your item, you must provide mandatory privacy information in the new Developer Dashboard: https://chrome.google.com/webstore/devconsole. Click on your item from the home page and enter this information on the Privacy tab.

invalid_grant

#36

Now

Response code 400 (Bad Request)
{
    "error": "invalid_grant",
    "error_description": "Bad Request"
}

Ideal

Response code 400 (Bad Request)
invalid_grant: Bad Request
Probably the supplied keys are invalid. Make sure to trim any extra spaces.

No matter how I run this thing, I get a syntax error:

const { green, red } = require('chalk');
      ^

SyntaxError: Unexpected token {
    at exports.runInThisContext (vm.js:53:16)
    at Module._compile (module.js:413:25)
    at Object.Module._extensions..js (module.js:452:10)
    at Module.load (module.js:355:32)
    at Function.Module._load (module.js:310:12)
    at Function.Module.runMain (module.js:475:10)
    at startup (node.js:118:18)
    at node.js:952:3

I have been working on an Google Sheets add-on using google/clasp, with the goal of being able to automate deployments of new versions of it.

Ideally with the flow of like:

1. Edit source with new changes.
2. clasp push to compile TS into .gs files and update the script project files.
3. Create a new version
4. Publish this version in the webstore (as unlisted).

Based on the discussion in google/clasp#43 it seems that clasp deploy is not able to handle the deployment of a sheets add-on, so I was checking out your project.
I was also checking out https://developers.google.com/apps-script/api/reference/rest/v1/projects.deployments/create and https://developers.google.com/apps-script/api/reference/rest/v1/projects.versions/create to handle the creation of a new version and new deployment.

However, i'm having some issues with putting all the pieces together to do this, if its event possible. I can't seem to get the published version to change, without manually publishing a given version in the script editor.

I figure you might be more knowledgeable about this, any insight you can give would be greatly appreciated.

The current documentation shows how to run the cli tool when it is installed globally.
Could you add documentation about how to run it when installed as dev dependency?

TODO:

• Remove --auto-publish flag
• Change behavior of webstore (without sub-commands) to do an upload + publish
• Make upload command include publishing by default
• Add --no-publish flag to disable publishing when running upload command

refined-github/refined-github#235 (comment)

How should we configure chrome-webstore-upload-cli to run behind a proxy?

##[section]Starting: Chrome Store Publish
==========================================================================
Task         : Command line
Description  : Run a command line script using Bash on Linux and macOS and cmd.exe on Windows
Version      : 2.231.1
Author       : Microsoft Corporation
Help         : https://docs.microsoft.com/azure/devops/pipelines/tasks/utility/command-line
==========================================================================
Generating script.
Script contents:
chrome-webstore-upload publish --extension-id *** --client-id *** --client-secret *** --refresh-token ***
========================== Starting Command Output ===========================
[command]/usr/bin/bash --noprofile --norc /home/vsts/work/_temp/78da6bae-8a3a-450a-a1bb-55b94fde4653.sh
file:///opt/hostedtoolcache/node/20.10.0/x64/lib/node_modules/chrome-webstore-upload-cli/find-source.js:25
     throw new Error(`${errorStart} directory does not contain manifest.json: ${resolvedPath}`);
            ^
Error: Using the cwd, the directory does not contain manifest.json: /home/vsts/work/1/s
  at processDirectory (file:///opt/hostedtoolcache/node/20.10.0/x64/lib/node_modules/chrome-webstore-upload-cli/find-source.js:25:15)
  at async getConfig (file:///opt/hostedtoolcache/node/20.10.0/x64/lib/node_modules/chrome-webstore-upload-cli/config.js:14:18)
  at async file:///opt/hostedtoolcache/node/20.10.0/x64/lib/node_modules/chrome-webstore-upload-cli/cli.js:60:5

Node.js v20.10.0

##[error]Bash exited with code '1'.
##[section]Finishing: Chrome Store Publish

The above output happens after successful upload for the past two months or so. Everything worked as expected for the previous year

From the usage doc:

    --client-id       OAuth2 Client ID
    --client-secret   OAuth2 Client Secret
    --refresh-token   OAuth2 Refresh Token

Is this the right URL? https://developer.chrome.com/webstore/using_webstore_api

That's leading me to https://console.developers.google.com/apis/credentials which doesn't feel right. The OAuth flow described there is one where a user consents in-browser. 😱

Hi, I am getting this error:

Error: Using the cwd, the directory does not contain manifest.json: /home/runner/work/myextension/myextension

- name: Upload step
  run: |-
      chrome-webstore-upload upload --auto-publish \\
        --source chrome-extension-${{ github.sha }}.zip \\
        --extension-id ${{ env.EXTENSION_ID }} \\
        --client-id ${{ secrets.CI_GOOGLE_CLIENT_ID }} \\
        --client-secret ${{ secrets.CI_GOOGLE_CLIENT_SECRET }} \\
        --refresh-token ${{ secrets.CI_GOOGLE_REFRESH_TOKEN }}

The artifact file is: chrome-extension-randomhashhere.zip -> dist -> extension files

It says "using the cwd", but I added "--source" parameter, so I don't understand really.
I think it tries to find the manifest.json on the wrong place, but it looks that the CLI is not taking zip file as a source.

When i try to run publish with autopublish like here
webstore upload --auto-publish --source extension.zip --extension-id $EXTENSION_ID --client-id $CLIENT_ID --client-secret $CLIENT_SECRET --refresh-token $REFRESH_TOKEN

it returns Response code 400 (Bad Request)

Moved from fregante/chrome-webstore-upload#67
To avoid issues like #63 (comment)

It could replace steps 15-19 in https://github.com/fregante/chrome-webstore-upload/blob/main/How%20to%20generate%20Google%20API%20keys.md

Example:

> npx chrome-webstore-upload-cli generate-keys

Enter extension id: bdeobgpddfaegbjfinhldnkfeieakdaf
Enter client id: 960453266371-2qcq5fppm3d5e.apps.googleusercontent.com
Enter client secret: GOCSPX-O9uS1FLnCqXDvru7Y_

Log with the email you used to create the app:

https://accounts.google.com/o/oauth2/auth?response_type=code&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fchromewebstore&redirect_uri=http%3A%2F%2Flocalhost%3A8818&access_type=offline&client_id=960453266371-2qcq5fppm3d5e.apps.googleusercontent.com

Press any key to open the URL in your browser…

✅ Save these secrets:

CLIENT_ID=960453266371-2qcq5fppm3d5e.apps.googleusercontent.com
CLIENT_SECRET=GOCSPX-O9uS1FLnCqXDvru7Y_
REFRESH_TOKEN=1//0ghY2wKCgYIARANwF-L9IruZq9-XH26AQWs9PiMQMtmsz1p6b4_Yqw

Prior art:

• https://www.npmjs.com/package/gcp-refresh-token

I have a CLI pipeline build that publishes the extension to the Chome Web Store. If I run the command, I can see the updated version number and such in the Chrome Web Store and it appears to be fully updated. I can't even update the package in the Dashboard since they share the same version - perfect! But I don't receive the update on my browser. I'll wait for several days, but see nothing. If I trigger a manual ZIP upload, then the update goes out within hours (as expected).

Here is my command: webstore upload --source ./dist/chrome.zip --extension-id XX --client-id XX --client-secret XX --refresh-token XX --auto-publish

Is there anything that I am missing?

The package that this module wraps is heavily unit-tested, but this wrapper is not.

The big difficulty here is that the CLI test is executed using a child process, making it not super feasible to use a normal stubbing/mocking tool. Looking for ways to accomplish this, without having to make gross hacks inside the CLI wrapper itself.

Title :)

Thanks in advance ! :)

Started to get this error after upgrading to 1.2.1 today:

"{\n  \"error\": \"invalid_request\",\n  \"error_description\": \"client_secret is missing.\"\n}"

Reverting back to 1.2.0 fixed the issue.

We manage our source code in Azure DevOps and also use its pipelines of it for releasing new versions of our Chrome application.

Now, we have a problem with this chrome-webstore-upload-cli package. We are using version 2.0.0 of it and passing a whole path as --source parameter (D:\a\1\Extension-Upload\Chrome.zip).
But when executing the script, I get the following output:

- Fetching token
- Uploading Chrome.zip
Error
RequestError: ENOENT: no such file or directory, open 'D:\a\1\s\D:\a\1\Extension-Upload\Chrome.zip'
    at Request._destroy (C:\npm\prefix\node_modules\chrome-webstore-upload-cli\node_modules\got\dist\source\core\index.js:1386:21)
    at _destroy (node:internal/streams/destroy:102:25)
    at Request.destroy (node:internal/streams/destroy:64:5)
    at C:\npm\prefix\node_modules\chrome-webstore-upload-cli\node_modules\got\dist\source\core\index.js:354:26
    at processTicksAndRejections (node:internal/process/task_queues:96:5) {
  code: 'ENOENT',
  timings: undefined
}

A look at the wrapper.js file revealed that process.cwd() is always combined with the passed path. This shouldn't be done when a full path is already specified.

It makes it difficult to understand what's causing the deployment to fail if the error is suppressed

If I remember correctly it's bad practice to pass secrets as flags. I wonder if they should just be dropped in favor of exclusively reading from ENV.

For now in #81 I removed the flags from the examples.

.env files can be used to replace setting environment variables.
This is useful for testing and development.

I am planning to implement it myself.
I would use this library https://www.npmjs.com/package/dotenv if I implement, so it would have to be added to the dependencies.

Hi, I'm getting stuck with this error message:

{
Error: PKG_MANIFEST_PARSE_ERROR
The manifest has an invalid version. Version value must be a string.
  kind: 'chromewebstore#item',
  id: '***',
  uploadState: 'FAILURE',
  itemError: [
    {
      error_code: 'PKG_MANIFEST_PARSE_ERROR',
      error_detail: 'The manifest has an invalid version. Version value must be a string.'
    }
  ]
}

manifest.json

{
...
    "version": "1.3",
    "manifest_version": 3,
}

Tag name 1.3 cannot understand the error, given that version is a string, and manifest_version needs to be an int.
Any tips on what might be wrong?

Hello,

I have been using the cli for sometime successfully to deploy from builds on travis.
My most recent build (it is a long time since I do not do a release) failed with the following error:

Response code 400 (Bad Request)
{
    "error": "invalid_grant",
    "error_description": "Bad Request"
}

Here is a link to the build: https://travis-ci.org/podStation/podStation/builds/641766403

I have not yet tried to reproduce it locally.
Do you know what this could be?
The error message seems related to oauth authentication flow, but bad request does not look like a recoverable error.

I am using version 1.1.1.

I just got a weird message while uploading a new version.

More than one manifest found in package: assets/manifest.json, dist/manifest.json.

https://github.com/OctoLinker/OctoLinker/runs/4073114082?check_suite_focus=true#step:6:18

This is strange, because cwd should be ./dist and not the checkout root which might be the problem.

cd dist && yarn chrome-webstore-upload upload --auto-publish

I tried to replicate the issue locally, but after ~20min waiting for the upload to complete, I got a 500 status back. My suspicion is, it tried to upload my entire local checkout rather than just ./dist

However, I was able to upload a new version using --source ./dist.

I'll prepare a list of things that will likely change:

• #80
• Node 20+
  • Drop recursive-readdir
• Drop --auto-publish (due to #81)
• Forbid unused --source when using the publish command

sindresorhus/refined-twitter#35 (comment)

Hi do you know what it tells me there is a limit here, do you know how to programmatically set the description without this limit ?

Hi! I thought it would be a good feature to support ignoring some files and directories that are zipped up and uploaded. For example, node_modules or src directories that are no longer used by the extension after a build step.